DATABASE RESOURCES PRICING ABOUT US

{"id": "OPENVAS:1361412562311220191518", "vendorId": null, "type": "openvas", "bulletinFamily": "scanner", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1518)", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "published": "2020-01-23T00:00:00", "modified": "2020-02-05T00:00:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191518", "reporter": "Copyright (C) 2020 Greenbone Networks GmbH", "references": ["https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1518", "2019-1518"], "cvelist": ["CVE-2014-3646", "CVE-2016-8660", "CVE-2014-1739", "CVE-2018-16597", "CVE-2013-2897", "CVE-2015-1350", "CVE-2016-9083", "CVE-2014-3144", "CVE-2015-8539", "CVE-2015-0239", "CVE-2014-3153", "CVE-2018-17972", "CVE-2015-1339", "CVE-2017-2596", "CVE-2017-15127", "CVE-2018-16658", "CVE-2015-3290", "CVE-2016-5412", "CVE-2015-7885", "CVE-2016-9755"], "immutableFields": [], "lastseen": "2020-02-05T16:41:27", "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "altlinux", "idList": ["0A73C01D4DA08B819B9C4B612AFC80EC", "25926E58CA3C6E49F9B16880837630CC", "65E6C6CA8EA785E25FE51261D729D687"]}, {"type": "amazon", "idList": ["ALAS-2014-363", "ALAS-2014-392", "ALAS-2016-772", "ALAS-2018-1086", "ALAS-2018-1100", "ALAS2-2018-1086", "ALAS2-2018-1100"]}, {"type": "android", "idList": ["ANDROID:TOWELROOT"]}, {"type": "androidsecurity", "idList": ["ANDROID:2017-04-01"]}, {"type": "archlinux", "idList": ["ASA-201411-14", "ASA-201411-15"]}, {"type": "attackerkb", "idList": ["AKB:ECB48E8B-D8BC-4DF8-BCCF-8AD6370D261A"]}, {"type": "avleonov", "idList": ["AVLEONOV:317FBD7DA93C95993A9FFF38FB04A987"]}, {"type": "canvas", "idList": ["LINUX_FUTEX_REQUEUE"]}, {"type": "centos", "idList": ["CESA-2014:0771", "CESA-2014:0981", "CESA-2014:1724", "CESA-2014:1843", "CESA-2014:1971", "CESA-2015:1272", "CESA-2015:2152", "CESA-2016:2574", "CESA-2017:0386", "CESA-2017:1842", "CESA-2018:0151", "CESA-2018:1062", "CESA-2019:0512", "CESA-2019:2029", "CESA-2019:2473"]}, {"type": "chrome", "idList": ["GCSA-4830242147321115275"]}, {"type": "cisa_kev", "idList": ["CISA-KEV-CVE-2014-3153"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:131A4556633D91C9BF0AE72696FADB89", "CFOUNDRY:1E92DA1FCC786D8CF92EF17F4A659881", "CFOUNDRY:292CE3FF25BE7F67EFA36C82DF2DFC90", "CFOUNDRY:357A3D675E310E16A6C343FB03145CD4", "CFOUNDRY:3DCD5683F03B57AFBD25479619516122", "CFOUNDRY:8CFC2758BB5A33EFE62E28CBCF6F0C0C", "CFOUNDRY:B4B97B81301258FB8DE2E5FB29E0A418", "CFOUNDRY:CB87545A2D6E3B6DCF68CD117331BD4E"]}, {"type": "cve", "idList": ["CVE-2013-2897", "CVE-2014-1739", "CVE-2014-3144", "CVE-2014-3153", "CVE-2014-3646", "CVE-2014-9895", "CVE-2015-0239", "CVE-2015-1339", "CVE-2015-1350", "CVE-2015-3290", "CVE-2015-7885", "CVE-2015-8539", "CVE-2016-5412", "CVE-2016-8660", "CVE-2016-9083", "CVE-2016-9755", "CVE-2017-15127", "CVE-2017-2596", "CVE-2018-16597", "CVE-2018-16658", "CVE-2018-17972", "CVE-2018-18710"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1531-1:834CC", "DEBIAN:DLA-1715-1:4A3F9", "DEBIAN:DLA-1731-1:D19BD", "DEBIAN:DLA-1731-2:E6E1E", "DEBIAN:DLA-772-1:EB721", "DEBIAN:DSA-2949-1:3DC27", "DEBIAN:DSA-2949-1:5D47D", "DEBIAN:DSA-2950-1:15DF5", "DEBIAN:DSA-3060-1:12BAD", "DEBIAN:DSA-3060-1:394A4", "DEBIAN:DSA-3170-1:F6570", "DEBIAN:DSA-3313-1:00F99", "DEBIAN:DSA-3313-1:C4641", "DEBIAN:DSA-3791-1:0D4D5", "DEBIAN:DSA-3791-1:AE0FD", "DEBIAN:DSA-4308-1:A5A75", "DEBIAN:DSA-4308-1:D561A"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-2897", "DEBIANCVE:CVE-2014-1739", "DEBIANCVE:CVE-2014-3144", "DEBIANCVE:CVE-2014-3153", "DEBIANCVE:CVE-2014-3646", "DEBIANCVE:CVE-2014-9895", "DEBIANCVE:CVE-2015-0239", "DEBIANCVE:CVE-2015-1339", "DEBIANCVE:CVE-2015-1350", "DEBIANCVE:CVE-2015-3290", "DEBIANCVE:CVE-2015-7885", "DEBIANCVE:CVE-2015-8539", "DEBIANCVE:CVE-2016-5412", "DEBIANCVE:CVE-2016-8660", "DEBIANCVE:CVE-2016-9083", "DEBIANCVE:CVE-2016-9755", "DEBIANCVE:CVE-2017-15127", "DEBIANCVE:CVE-2017-2596", "DEBIANCVE:CVE-2018-16597", "DEBIANCVE:CVE-2018-16658", "DEBIANCVE:CVE-2018-17972", "DEBIANCVE:CVE-2018-18710"]}, {"type": "exploitdb", "idList": ["EDB-ID:35370"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:448F0B0D44522EA4F8F2133CF21B41E4", "EXPLOITPACK:6D7A39DDD9FCE730C1AA0BD07808752A", "EXPLOITPACK:9F9EC3D4DD26B34F2A3BD7077A1EBB9E"]}, {"type": "f5", "idList": ["F5:K07560020", "F5:K11165942", "F5:K11853211", "F5:K15912", "F5:K22691834", "F5:K27673650", "F5:K40523020", "F5:K41900062", "SOL07560020", "SOL11853211", "SOL15912", "SOL16429"]}, {"type": "fedora", "idList": ["FEDORA:0777460874C8", "FEDORA:0960721640", "FEDORA:0BFFD21A2A", "FEDORA:0E8612288A", "FEDORA:0FB9F605F1E0", "FEDORA:131186087E1C", "FEDORA:1317A20FE4", "FEDORA:13273218E5", "FEDORA:163BB601CF8F", "FEDORA:1661D600FD84", "FEDORA:1835E22100", "FEDORA:18E4222173", "FEDORA:1AE8521943", "FEDORA:1CCC322073", "FEDORA:1DA3D221C6", "FEDORA:1DB63211A2", "FEDORA:23B6E225A0", "FEDORA:2457821EFD", "FEDORA:26C5127E25", "FEDORA:26DF321BA7", "FEDORA:2784A21C29", "FEDORA:280D922723", "FEDORA:28A7021A1E", "FEDORA:28A8366B1094", "FEDORA:28CF260C68EC", "FEDORA:29049600CFF3", "FEDORA:2A0322BA2C", "FEDORA:2AD3261A18E6", "FEDORA:2BA602158D", "FEDORA:2EB1060491B1", "FEDORA:2EEE52123F", "FEDORA:2F13360877A3", "FEDORA:3060D60E9A21", "FEDORA:30991220A7", "FEDORA:30C5820E79", "FEDORA:33D8860877E1", "FEDORA:39B5660877A6", "FEDORA:3D4286087E43", "FEDORA:4276F60157E5", "FEDORA:4359160906D1", "FEDORA:4375D611D164", "FEDORA:50E6E6087656", "FEDORA:51EB2601616F", "FEDORA:56A5821917", "FEDORA:58AF5217A1", "FEDORA:5D94521889", "FEDORA:60B8C60918D5", "FEDORA:6A93C20D15", "FEDORA:6B39A60C690C", "FEDORA:6F57B601CED2", "FEDORA:756F822091", "FEDORA:7734E613B647", "FEDORA:804CC6092211", "FEDORA:84C4E22D8F", "FEDORA:8593C630DD53", "FEDORA:8BF45213A1", "FEDORA:8C61D2154D", "FEDORA:8E01360DC908", "FEDORA:8EFBC604949F", "FEDORA:92F5160877B4", "FEDORA:9330A21FE6", "FEDORA:936A4223EA", "FEDORA:9FA6021249", "FEDORA:A4C8660C350E", "FEDORA:A765122E16", "FEDORA:A7C8F21CCE", "FEDORA:A7F0966B1097", "FEDORA:B91586087C43", "FEDORA:B9C4760130DC", "FEDORA:BA8EE21864", "FEDORA:BD41660BC2B1", "FEDORA:BE085601E81D", "FEDORA:C26F460906BA", "FEDORA:C35B860CD859", "FEDORA:C44336087E4E", "FEDORA:C56CF6087715", "FEDORA:CE3236087E07", "FEDORA:CFDB8604972F", "FEDORA:D0CC960762B3", "FEDORA:D15E060F33C2", "FEDORA:D69CC24B48", "FEDORA:D6CE3608F49C", "FEDORA:D89B960F8CA9", "FEDORA:DA71D21D19", "FEDORA:DB49F219DE", "FEDORA:DFF016087D0B", "FEDORA:E17EC601FD8F", "FEDORA:E1CE2605E17A", "FEDORA:E6C59213CA", "FEDORA:E7CE72245B", "FEDORA:E819660C68EA", "FEDORA:E99C02072E", "FEDORA:EEB386177DBB", "FEDORA:F39746087895"]}, {"type": "freebsd", "idList": ["6294F75F-03F2-11E5-AAB1-D050996490D0"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:54DEC08A36CF8A81368D7CBA20C3E51B"]}, {"type": "hackerone", "idList": ["H1:13388"]}, {"type": "ibm", "idList": ["091C926DD3372A48BCEFCA3A598C2A54BAEA4FF0AC1ADA170D539846CF9E0B12", "0C9BE2F3A245999460BB6BC497E21EC27992E79FB4C1D769E6D1CF729AB33300", "289F46B747F4C8F26E8F8D17623E34EDE1DB7595184FCDCC87FEDCC356AC9965", "2ABC4CD376C07922A3144CF8116D979F4BDDE16EED9AADA11262FBF58C851DBF", "4BB2759DF5CBB6BF54A7D60BF1046942C755D661255DAAC4EF3C0614D1A3AF9A", "61EAA34D5E4645B71F124164E8135272DB3119CF3ABDC2864377B692FCF87527", "6F75059EBDF719D84C8DC0CA4BAADF9428544BDAFCEEAE62F4225A55CA1E8AF0", "72A14F3E1A05E87987247C3A94DA37A971910E734C842EA2FD4E32CE8B24FCF5", "75F4CE8201FAA026B444CA3308E12CA9B1FBD302D6BDA963D3635F7318CA3ADB", "886FADBF12E5D255DA0F738559659C57F2FF4189798EA7267513A7ED50B1F227", "9B3C2542A224A170177BC588D64FBAC641AEB3A7ED64BDCAE097C03AA1143EDF", "A0B51C5217767E75AB974BA93584FB1F969514BA8D7EE9EDD025C20F274C1D2F", "AF6E3EC9D5A5C3CF688EF87142347E0688A4AE1CB6831F92326966B86BF2D9C1", "B21E322EBFC512ECDC98906E22E800594BBF803083C0BFA068CC6E0D3D1145F7", "B7EDA2450D13E204B60C3A3E7379E6FCCD587CB32FEB5041ADDA6CB8E3C44FC3", "CD9B5BF488F3327F1A5D08B8A25E9EF90D7304376F44A16FB3F05E06566E80FF", "F092FBBD34304315E258962CA397F72D24D88CD673A181734FDCE39754098484"]}, {"type": "kitploit", "idList": ["KITPLOIT:4462385753504235463"]}, {"type": "lenovo", "idList": ["LENOVO:PS500321-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2013-0342", "MGASA-2013-0343", "MGASA-2013-0344", "MGASA-2013-0345", "MGASA-2013-0346", "MGASA-2013-0371", "MGASA-2013-0372", "MGASA-2013-0373", "MGASA-2013-0374", "MGASA-2013-0375", "MGASA-2014-0265", "MGASA-2014-0273", "MGASA-2014-0330", "MGASA-2014-0331", "MGASA-2014-0332", "MGASA-2014-0336", "MGASA-2014-0337", "MGASA-2014-0474", "MGASA-2015-0075", "MGASA-2015-0076", "MGASA-2015-0077", "MGASA-2015-0078", "MGASA-2015-0210", "MGASA-2015-0219", "MGASA-2015-0221", "MGASA-2016-0005", "MGASA-2016-0014", "MGASA-2016-0015", "MGASA-2017-0136", "MGASA-2017-0147", "MGASA-2017-0148"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT-ANDROID-LOCAL-FUTEX_REQUEUE-"]}, {"type": "nessus", "idList": ["AL2_ALAS-2018-1086.NASL", "AL2_ALAS-2018-1100.NASL", "ALA_ALAS-2014-363.NASL", "ALA_ALAS-2014-392.NASL", "ALA_ALAS-2016-772.NASL", "ALA_ALAS-2018-1086.NASL", "ALA_ALAS-2018-1100.NASL", "CENTOS_RHSA-2014-0771.NASL", "CENTOS_RHSA-2014-0981.NASL", "CENTOS_RHSA-2014-1724.NASL", "CENTOS_RHSA-2014-1843.NASL", "CENTOS_RHSA-2014-1971.NASL", "CENTOS_RHSA-2015-1272.NASL", "CENTOS_RHSA-2015-2152.NASL", "CENTOS_RHSA-2016-2574.NASL", "CENTOS_RHSA-2017-0386.NASL", "CENTOS_RHSA-2017-1842.NASL", "CENTOS_RHSA-2018-0151.NASL", "CENTOS_RHSA-2018-1062.NASL", "CENTOS_RHSA-2019-0512.NASL", "CENTOS_RHSA-2019-2029.NASL", "CENTOS_RHSA-2019-2473.NASL", "DEBIAN_DLA-1531.NASL", "DEBIAN_DLA-1715.NASL", "DEBIAN_DLA-1731.NASL", "DEBIAN_DLA-772.NASL", "DEBIAN_DSA-2949.NASL", "DEBIAN_DSA-2950.NASL", "DEBIAN_DSA-3060.NASL", "DEBIAN_DSA-3170.NASL", "DEBIAN_DSA-3313.NASL", "DEBIAN_DSA-3791.NASL", "DEBIAN_DSA-4308.NASL", "EULEROS_SA-2016-1026.NASL", "EULEROS_SA-2018-1373.NASL", "EULEROS_SA-2018-1407.NASL", "EULEROS_SA-2018-1432.NASL", "EULEROS_SA-2019-1027.NASL", "EULEROS_SA-2019-1028.NASL", "EULEROS_SA-2019-1156.NASL", "EULEROS_SA-2019-1188.NASL", "EULEROS_SA-2019-1189.NASL", "EULEROS_SA-2019-1220.NASL", "EULEROS_SA-2019-1223.NASL", "EULEROS_SA-2019-1303.NASL", "EULEROS_SA-2019-1479.NASL", "EULEROS_SA-2019-1480.NASL", "EULEROS_SA-2019-1485.NASL", "EULEROS_SA-2019-1487.NASL", "EULEROS_SA-2019-1489.NASL", "EULEROS_SA-2019-1496.NASL", "EULEROS_SA-2019-1502.NASL", "EULEROS_SA-2019-1511.NASL", "EULEROS_SA-2019-1512.NASL", "EULEROS_SA-2019-1518.NASL", "EULEROS_SA-2019-2353.NASL", "EULEROS_SA-2019-2599.NASL", "EULEROS_SA-2019-2693.NASL", "EULEROS_SA-2021-1808.NASL", "F5_BIGIP_SOL15912.NASL", "F5_BIGIP_SOL27673650.NASL", "F5_BIGIP_SOL40523020.NASL", "FEDORA_2013-16336.NASL", "FEDORA_2013-16379.NASL", "FEDORA_2014-13773.NASL", "FEDORA_2014-14068.NASL", "FEDORA_2014-14126.NASL", "FEDORA_2014-6354.NASL", "FEDORA_2014-6357.NASL", "FEDORA_2014-7128.NASL", "FEDORA_2014-7320.NASL", "FEDORA_2015-12437.NASL", "FEDORA_2015-1657.NASL", "FEDORA_2015-1672.NASL", "FEDORA_2016-4B67F775FE.NASL", "FEDORA_2016-5EC2475E3F.NASL", "FEDORA_2016-90F142AA64.NASL", "FEDORA_2016-96D276367E.NASL", "FEDORA_2016-9C17CB9648.NASL", "FEDORA_2016-BBE98C341C.NASL", "FEDORA_2016-EE3A114958.NASL", "FEDORA_2017-392B319BB5.NASL", "FEDORA_2017-472052EBE5.NASL", "FEDORA_2018-2EE3411CB8.NASL", "FEDORA_2018-59E4747E0F.NASL", "FEDORA_2018-9F4381D8C4.NASL", "FEDORA_2018-EC3BF1B228.NASL", "FREEBSD_PKG_6294F75F03F211E5AAB1D050996490D0.NASL", "MANDRIVA_MDVSA-2013-242.NASL", "MANDRIVA_MDVSA-2014-124.NASL", "MANDRIVA_MDVSA-2014-230.NASL", "MANDRIVA_MDVSA-2015-058.NASL", "NEWSTART_CGSL_NS-SA-2019-0014_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0070_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0074_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0177_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2020-0021_KERNEL.NASL", "NUTANIX_NXSA-AOS-5_11_3.NASL", "NUTANIX_NXSA-AOS-5_16_0_1.NASL", "NUTANIX_NXSA-AOS-5_16_1.NASL", "NUTANIX_NXSA-AOS-5_17.NASL", "OPENSUSE-2014-441.NASL", "OPENSUSE-2014-451.NASL", "OPENSUSE-2014-478.NASL", "OPENSUSE-2014-791.NASL", "OPENSUSE-2014-793.NASL", "OPENSUSE-2015-543.NASL", "OPENSUSE-2015-686.NASL", "OPENSUSE-2016-116.NASL", "OPENSUSE-2016-124.NASL", "OPENSUSE-2016-136.NASL", "OPENSUSE-2016-1426.NASL", "OPENSUSE-2016-1428.NASL", "OPENSUSE-2016-445.NASL", "OPENSUSE-2016-862.NASL", "OPENSUSE-2017-418.NASL", "OPENSUSE-2017-419.NASL", "OPENSUSE-2018-1016.NASL", "OPENSUSE-2018-1140.NASL", "OPENSUSE-2018-1184.NASL", "OPENSUSE-2018-1342.NASL", "OPENSUSE-2018-1427.NASL", "OPENSUSE-2019-1407.NASL", "OPENSUSE-2019-769.NASL", "OPENSUSE-2019-893.NASL", "ORACLELINUX_ELSA-2014-0771.NASL", "ORACLELINUX_ELSA-2014-0786.NASL", "ORACLELINUX_ELSA-2014-0981.NASL", "ORACLELINUX_ELSA-2014-1724.NASL", "ORACLELINUX_ELSA-2014-1843.NASL", "ORACLELINUX_ELSA-2014-1971.NASL", "ORACLELINUX_ELSA-2014-3002.NASL", "ORACLELINUX_ELSA-2014-3037.NASL", "ORACLELINUX_ELSA-2014-3038.NASL", "ORACLELINUX_ELSA-2014-3039.NASL", "ORACLELINUX_ELSA-2014-3052.NASL", "ORACLELINUX_ELSA-2014-3053.NASL", "ORACLELINUX_ELSA-2014-3054.NASL", "ORACLELINUX_ELSA-2014-3070.NASL", "ORACLELINUX_ELSA-2014-3084.NASL", "ORACLELINUX_ELSA-2014-3096.NASL", "ORACLELINUX_ELSA-2014-3104.NASL", "ORACLELINUX_ELSA-2015-0290.NASL", "ORACLELINUX_ELSA-2015-1272.NASL", "ORACLELINUX_ELSA-2015-2152.NASL", "ORACLELINUX_ELSA-2015-3053.NASL", "ORACLELINUX_ELSA-2015-3054.NASL", "ORACLELINUX_ELSA-2015-3055.NASL", "ORACLELINUX_ELSA-2015-3064.NASL", "ORACLELINUX_ELSA-2016-2574.NASL", "ORACLELINUX_ELSA-2017-0386.NASL", "ORACLELINUX_ELSA-2017-1842-1.NASL", "ORACLELINUX_ELSA-2017-1842.NASL", "ORACLELINUX_ELSA-2017-3514.NASL", "ORACLELINUX_ELSA-2017-3533.NASL", "ORACLELINUX_ELSA-2018-0151.NASL", "ORACLELINUX_ELSA-2018-1062.NASL", "ORACLELINUX_ELSA-2018-4227.NASL", "ORACLELINUX_ELSA-2018-4242.NASL", "ORACLELINUX_ELSA-2018-4245.NASL", "ORACLELINUX_ELSA-2018-4250.NASL", "ORACLELINUX_ELSA-2018-4288.NASL", "ORACLELINUX_ELSA-2018-4300.NASL", "ORACLELINUX_ELSA-2018-4301.NASL", "ORACLELINUX_ELSA-2018-4304.NASL", "ORACLELINUX_ELSA-2019-0512.NASL", "ORACLELINUX_ELSA-2019-2473.NASL", "ORACLELINUX_ELSA-2019-4316.NASL", "ORACLELINUX_ELSA-2019-4531.NASL", "ORACLELINUX_ELSA-2019-4532.NASL", "ORACLELINUX_ELSA-2019-4541.NASL", "ORACLELINUX_ELSA-2019-4577.NASL", "ORACLELINUX_ELSA-2022-9969.NASL", "ORACLEVM_OVMSA-2015-0104.NASL", "ORACLEVM_OVMSA-2015-0109.NASL", "ORACLEVM_OVMSA-2016-0037.NASL", "ORACLEVM_OVMSA-2017-0039.NASL", "ORACLEVM_OVMSA-2017-0056.NASL", "ORACLEVM_OVMSA-2017-0057.NASL", "ORACLEVM_OVMSA-2018-0258.NASL", "ORACLEVM_OVMSA-2018-0284.NASL", "ORACLEVM_OVMSA-2019-0007.NASL", "PHOTONOS_PHSA-2016-0012.NASL", "PHOTONOS_PHSA-2016-0012_LINUX.NASL", "PHOTONOS_PHSA-2019-1_0-0240_LINUX.NASL", "REDHAT-RHSA-2014-0771.NASL", "REDHAT-RHSA-2014-0786.NASL", "REDHAT-RHSA-2014-0800.NASL", "REDHAT-RHSA-2014-0815.NASL", "REDHAT-RHSA-2014-0900.NASL", "REDHAT-RHSA-2014-0913.NASL", "REDHAT-RHSA-2014-0981.NASL", "REDHAT-RHSA-2014-1168.NASL", "REDHAT-RHSA-2014-1724.NASL", "REDHAT-RHSA-2014-1843.NASL", "REDHAT-RHSA-2014-1971.NASL", "REDHAT-RHSA-2015-0126.NASL", "REDHAT-RHSA-2015-0284.NASL", "REDHAT-RHSA-2015-1272.NASL", "REDHAT-RHSA-2015-2152.NASL", "REDHAT-RHSA-2016-2574.NASL", "REDHAT-RHSA-2017-0386.NASL", "REDHAT-RHSA-2017-0387.NASL", "REDHAT-RHSA-2017-1842.NASL", "REDHAT-RHSA-2017-2077.NASL", "REDHAT-RHSA-2018-0151.NASL", "REDHAT-RHSA-2018-0152.NASL", "REDHAT-RHSA-2018-0181.NASL", "REDHAT-RHSA-2018-0676.NASL", "REDHAT-RHSA-2018-1062.NASL", "REDHAT-RHSA-2019-0512.NASL", "REDHAT-RHSA-2019-0514.NASL", "REDHAT-RHSA-2019-0831.NASL", "REDHAT-RHSA-2019-2029.NASL", "REDHAT-RHSA-2019-2043.NASL", "REDHAT-RHSA-2019-2473.NASL", "REDHAT-RHSA-2019-4154.NASL", "SLACKWARE_SSA_2019-030-01.NASL", "SLACKWARE_SSA_2019-202-01.NASL", "SL_20140619_KERNEL_ON_SL6_X.NASL", "SL_20141028_KERNEL_ON_SL7_X.NASL", "SL_20141209_KERNEL_ON_SL7_X.NASL", "SL_20150722_KERNEL_ON_SL6_X.NASL", "SL_20151119_KERNEL_ON_SL7_X.NASL", "SL_20161103_KERNEL_ON_SL7_X.NASL", "SL_20170302_KERNEL_ON_SL7_X.NASL", "SL_20170801_KERNEL_ON_SL7_X.NASL", "SL_20180125_KERNEL_ON_SL7_X.NASL", "SL_20180410_KERNEL_ON_SL7_X.NASL", "SL_20190314_KERNEL_ON_SL7_X.NASL", "SL_20190806_KERNEL_ON_SL7_X.NASL", "SL_20190813_KERNEL_ON_SL6_X.NASL", "SUSE_11_KERNEL-140604.NASL", "SUSE_11_KERNEL-140709.NASL", "SUSE_11_KERNEL-140924.NASL", "SUSE_11_KERNEL-141202.NASL", "SUSE_11_KERNEL-141217.NASL", "SUSE_11_KERNEL-BIGSMP-201409-140924.NASL", "SUSE_SU-2014-0287-1.NASL", "SUSE_SU-2014-0536-1.NASL", "SUSE_SU-2014-0832-1.NASL", "SUSE_SU-2014-1105-1.NASL", "SUSE_SU-2014-1138-1.NASL", "SUSE_SU-2015-0481-1.NASL", "SUSE_SU-2016-0168-1.NASL", "SUSE_SU-2016-0585-1.NASL", "SUSE_SU-2016-0911-1.NASL", "SUSE_SU-2016-1203-1.NASL", "SUSE_SU-2016-2074-1.NASL", "SUSE_SU-2017-0181-1.NASL", "SUSE_SU-2017-0333-1.NASL", "SUSE_SU-2017-0437-1.NASL", "SUSE_SU-2017-0464-1.NASL", "SUSE_SU-2017-0471-1.NASL", "SUSE_SU-2017-0494-1.NASL", "SUSE_SU-2017-1183-1.NASL", "SUSE_SU-2017-1247-1.NASL", "SUSE_SU-2017-1360-1.NASL", "SUSE_SU-2018-2776-1.NASL", "SUSE_SU-2018-2858-1.NASL", "SUSE_SU-2018-2879-1.NASL", "SUSE_SU-2018-2907-1.NASL", "SUSE_SU-2018-2908-1.NASL", "SUSE_SU-2018-2980-1.NASL", "SUSE_SU-2018-3003-1.NASL", "SUSE_SU-2018-3083-1.NASL", "SUSE_SU-2018-3084-1.NASL", "SUSE_SU-2018-3689-1.NASL", "SUSE_SU-2018-3746-1.NASL", "SUSE_SU-2018-3934-1.NASL", "SUSE_SU-2018-4069-1.NASL", "SUSE_SU-2019-0095-1.NASL", "SUSE_SU-2019-0224-1.NASL", "SUSE_SU-2019-0439-1.NASL", "SUSE_SU-2019-1289-1.NASL", "SUSE_SU-2019-13937-1.NASL", "SUSE_SU-2019-14089-1.NASL", "SUSE_SU-2019-1527-1.NASL", "SUSE_SU-2019-1532-1.NASL", "SUSE_SU-2019-1533-1.NASL", "SUSE_SU-2019-1534-1.NASL", "SUSE_SU-2019-1692-1.NASL", "UBUNTU_USN-2015-1.NASL", "UBUNTU_USN-2016-1.NASL", "UBUNTU_USN-2019-1.NASL", "UBUNTU_USN-2020-1.NASL", "UBUNTU_USN-2021-1.NASL", "UBUNTU_USN-2023-1.NASL", "UBUNTU_USN-2038-1.NASL", "UBUNTU_USN-2233-1.NASL", "UBUNTU_USN-2234-1.NASL", "UBUNTU_USN-2235-1.NASL", "UBUNTU_USN-2237-1.NASL", "UBUNTU_USN-2238-1.NASL", "UBUNTU_USN-2239-1.NASL", "UBUNTU_USN-2240-1.NASL", "UBUNTU_USN-2241-1.NASL", "UBUNTU_USN-2251-1.NASL", "UBUNTU_USN-2252-1.NASL", "UBUNTU_USN-2259-1.NASL", "UBUNTU_USN-2260-1.NASL", "UBUNTU_USN-2261-1.NASL", "UBUNTU_USN-2262-1.NASL", "UBUNTU_USN-2264-1.NASL", "UBUNTU_USN-2285-1.NASL", "UBUNTU_USN-2286-1.NASL", "UBUNTU_USN-2288-1.NASL", "UBUNTU_USN-2290-1.NASL", "UBUNTU_USN-2394-1.NASL", "UBUNTU_USN-2395-1.NASL", "UBUNTU_USN-2396-1.NASL", "UBUNTU_USN-2417-1.NASL", "UBUNTU_USN-2513-1.NASL", "UBUNTU_USN-2515-1.NASL", "UBUNTU_USN-2515-2.NASL", "UBUNTU_USN-2516-1.NASL", "UBUNTU_USN-2516-2.NASL", "UBUNTU_USN-2516-3.NASL", "UBUNTU_USN-2517-1.NASL", "UBUNTU_USN-2518-1.NASL", "UBUNTU_USN-2687-1.NASL", "UBUNTU_USN-2688-1.NASL", "UBUNTU_USN-2689-1.NASL", "UBUNTU_USN-2690-1.NASL", "UBUNTU_USN-2691-1.NASL", "UBUNTU_USN-2700-1.NASL", "UBUNTU_USN-2701-1.NASL", "UBUNTU_USN-2841-1.NASL", "UBUNTU_USN-2841-2.NASL", "UBUNTU_USN-2842-1.NASL", "UBUNTU_USN-2842-2.NASL", "UBUNTU_USN-2843-1.NASL", "UBUNTU_USN-2843-2.NASL", "UBUNTU_USN-2843-3.NASL", "UBUNTU_USN-2844-1.NASL", "UBUNTU_USN-3084-1.NASL", "UBUNTU_USN-3084-2.NASL", "UBUNTU_USN-3084-3.NASL", "UBUNTU_USN-3084-4.NASL", "UBUNTU_USN-3216-1.NASL", "UBUNTU_USN-3293-1.NASL", "UBUNTU_USN-3312-1.NASL", "UBUNTU_USN-3312-2.NASL", "UBUNTU_USN-3359-1.NASL", "UBUNTU_USN-3361-1.NASL", "UBUNTU_USN-3422-1.NASL", "UBUNTU_USN-3797-1.NASL", "UBUNTU_USN-3797-2.NASL", "UBUNTU_USN-3798-1.NASL", "UBUNTU_USN-3820-1.NASL", "UBUNTU_USN-3820-2.NASL", "UBUNTU_USN-3820-3.NASL", "UBUNTU_USN-3821-1.NASL", "UBUNTU_USN-3821-2.NASL", "UBUNTU_USN-3822-1.NASL", "UBUNTU_USN-3832-1.NASL", "UBUNTU_USN-3835-1.NASL", "UBUNTU_USN-3871-1.NASL", "UBUNTU_USN-3871-2.NASL", "UBUNTU_USN-3871-3.NASL", "UBUNTU_USN-3871-4.NASL", "UBUNTU_USN-3871-5.NASL", "UBUNTU_USN-3880-1.NASL", "UBUNTU_USN-4904-1.NASL", "VIRTUOZZO_VZA-2017-001.NASL", "VIRTUOZZO_VZA-2019-067.NASL", "VIRTUOZZO_VZLSA-2017-0386.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120248", "OPENVAS:1361412562310120340", "OPENVAS:1361412562310122785", "OPENVAS:1361412562310123042", "OPENVAS:1361412562310123043", "OPENVAS:1361412562310123047", "OPENVAS:1361412562310123058", "OPENVAS:1361412562310123223", "OPENVAS:1361412562310123230", "OPENVAS:1361412562310123234", "OPENVAS:1361412562310123254", "OPENVAS:1361412562310123265", "OPENVAS:1361412562310123267", "OPENVAS:1361412562310123346", "OPENVAS:1361412562310123347", "OPENVAS:1361412562310123348", "OPENVAS:1361412562310123349", "OPENVAS:1361412562310123354", "OPENVAS:1361412562310123391", "OPENVAS:1361412562310123398", "OPENVAS:1361412562310123399", "OPENVAS:1361412562310123400", "OPENVAS:1361412562310123470", "OPENVAS:1361412562310131174", "OPENVAS:1361412562310131175", "OPENVAS:1361412562310131182", "OPENVAS:1361412562310702949", "OPENVAS:1361412562310702950", "OPENVAS:1361412562310703060", "OPENVAS:1361412562310703170", "OPENVAS:1361412562310703313", "OPENVAS:1361412562310703791", "OPENVAS:1361412562310704308", "OPENVAS:1361412562310809110", "OPENVAS:1361412562310809111", "OPENVAS:1361412562310810159", "OPENVAS:1361412562310810170", "OPENVAS:1361412562310841618", "OPENVAS:1361412562310841620", "OPENVAS:1361412562310841626", "OPENVAS:1361412562310841627", "OPENVAS:1361412562310841629", "OPENVAS:1361412562310841631", "OPENVAS:1361412562310841643", "OPENVAS:1361412562310841647", "OPENVAS:1361412562310841656", "OPENVAS:1361412562310841841", "OPENVAS:1361412562310841844", "OPENVAS:1361412562310841845", "OPENVAS:1361412562310841846", "OPENVAS:1361412562310841847", "OPENVAS:1361412562310841848", "OPENVAS:1361412562310841849", "OPENVAS:1361412562310841850", "OPENVAS:1361412562310841852", "OPENVAS:1361412562310841859", "OPENVAS:1361412562310841860", "OPENVAS:1361412562310841870", "OPENVAS:1361412562310841873", "OPENVAS:1361412562310841874", "OPENVAS:1361412562310841876", "OPENVAS:1361412562310841879", "OPENVAS:1361412562310841880", "OPENVAS:1361412562310841893", "OPENVAS:1361412562310841897", "OPENVAS:1361412562310841906", "OPENVAS:1361412562310841907", "OPENVAS:1361412562310842017", "OPENVAS:1361412562310842018", "OPENVAS:1361412562310842022", "OPENVAS:1361412562310842106", "OPENVAS:1361412562310842108", "OPENVAS:1361412562310842109", "OPENVAS:1361412562310842110", "OPENVAS:1361412562310842111", "OPENVAS:1361412562310842112", "OPENVAS:1361412562310842113", "OPENVAS:1361412562310842115", "OPENVAS:1361412562310842116", "OPENVAS:1361412562310842388", "OPENVAS:1361412562310842389", "OPENVAS:1361412562310842390", "OPENVAS:1361412562310842392", "OPENVAS:1361412562310842396", "OPENVAS:1361412562310842399", "OPENVAS:1361412562310842450", "OPENVAS:1361412562310842565", "OPENVAS:1361412562310842568", "OPENVAS:1361412562310842569", "OPENVAS:1361412562310842571", "OPENVAS:1361412562310842572", "OPENVAS:1361412562310842573", "OPENVAS:1361412562310842574", "OPENVAS:1361412562310842575", "OPENVAS:1361412562310842885", "OPENVAS:1361412562310842886", "OPENVAS:1361412562310842888", "OPENVAS:1361412562310842890", "OPENVAS:1361412562310843080", "OPENVAS:1361412562310843165", "OPENVAS:1361412562310843199", "OPENVAS:1361412562310843200", "OPENVAS:1361412562310843247", "OPENVAS:1361412562310843249", "OPENVAS:1361412562310843312", "OPENVAS:1361412562310843663", "OPENVAS:1361412562310843665", "OPENVAS:1361412562310843666", "OPENVAS:1361412562310843820", "OPENVAS:1361412562310843821", "OPENVAS:1361412562310843822", "OPENVAS:1361412562310843823", "OPENVAS:1361412562310843824", "OPENVAS:1361412562310843825", "OPENVAS:1361412562310843840", "OPENVAS:1361412562310843841", "OPENVAS:1361412562310843884", "OPENVAS:1361412562310843891", "OPENVAS:1361412562310843892", "OPENVAS:1361412562310843896", "OPENVAS:1361412562310843897", "OPENVAS:1361412562310843904", "OPENVAS:1361412562310850593", "OPENVAS:1361412562310850594", "OPENVAS:1361412562310850595", "OPENVAS:1361412562310850598", "OPENVAS:1361412562310850626", "OPENVAS:1361412562310850628", "OPENVAS:1361412562310850675", "OPENVAS:1361412562310850746", "OPENVAS:1361412562310850776", "OPENVAS:1361412562310850794", "OPENVAS:1361412562310850801", "OPENVAS:1361412562310850805", "OPENVAS:1361412562310850818", "OPENVAS:1361412562310850821", "OPENVAS:1361412562310850836", "OPENVAS:1361412562310850840", "OPENVAS:1361412562310850859", "OPENVAS:1361412562310850881", "OPENVAS:1361412562310850918", "OPENVAS:1361412562310850975", "OPENVAS:1361412562310851102", "OPENVAS:1361412562310851121", "OPENVAS:1361412562310851159", "OPENVAS:1361412562310851176", "OPENVAS:1361412562310851179", "OPENVAS:1361412562310851197", "OPENVAS:1361412562310851273", "OPENVAS:1361412562310851449", "OPENVAS:1361412562310851513", "OPENVAS:1361412562310851529", "OPENVAS:1361412562310851530", "OPENVAS:1361412562310851895", "OPENVAS:1361412562310851937", "OPENVAS:1361412562310852091", "OPENVAS:1361412562310852108", "OPENVAS:1361412562310852140", "OPENVAS:1361412562310852506", "OPENVAS:1361412562310866894", "OPENVAS:1361412562310866896", "OPENVAS:1361412562310866900", "OPENVAS:1361412562310866901", "OPENVAS:1361412562310866934", "OPENVAS:1361412562310866952", "OPENVAS:1361412562310866964", "OPENVAS:1361412562310866972", "OPENVAS:1361412562310867001", "OPENVAS:1361412562310867043", "OPENVAS:1361412562310867054", "OPENVAS:1361412562310867089", "OPENVAS:1361412562310867096", "OPENVAS:1361412562310867119", "OPENVAS:1361412562310867183", "OPENVAS:1361412562310867240", "OPENVAS:1361412562310867242", "OPENVAS:1361412562310867520", "OPENVAS:1361412562310867546", "OPENVAS:1361412562310867580", "OPENVAS:1361412562310867651", "OPENVAS:1361412562310867682", "OPENVAS:1361412562310867774", "OPENVAS:1361412562310867811", "OPENVAS:1361412562310867820", "OPENVAS:1361412562310867852", "OPENVAS:1361412562310867857", "OPENVAS:1361412562310867886", "OPENVAS:1361412562310867905", "OPENVAS:1361412562310867911", "OPENVAS:1361412562310867939", "OPENVAS:1361412562310867967", "OPENVAS:1361412562310867986", "OPENVAS:1361412562310868019", "OPENVAS:1361412562310868055", "OPENVAS:1361412562310868076", "OPENVAS:1361412562310868101", "OPENVAS:1361412562310868102", "OPENVAS:1361412562310868149", "OPENVAS:1361412562310868196", "OPENVAS:1361412562310868351", "OPENVAS:1361412562310868403", "OPENVAS:1361412562310868416", "OPENVAS:1361412562310868434", "OPENVAS:1361412562310868437", "OPENVAS:1361412562310868489", "OPENVAS:1361412562310868501", "OPENVAS:1361412562310868583", "OPENVAS:1361412562310868627", "OPENVAS:1361412562310868851", "OPENVAS:1361412562310868920", "OPENVAS:1361412562310868980", "OPENVAS:1361412562310868984", "OPENVAS:1361412562310869077", "OPENVAS:1361412562310869091", "OPENVAS:1361412562310869115", "OPENVAS:1361412562310869136", "OPENVAS:1361412562310869213", "OPENVAS:1361412562310869281", "OPENVAS:1361412562310869284", "OPENVAS:1361412562310869369", "OPENVAS:1361412562310869374", "OPENVAS:1361412562310869392", "OPENVAS:1361412562310869459", "OPENVAS:1361412562310869476", "OPENVAS:1361412562310869836", "OPENVAS:1361412562310869857", "OPENVAS:1361412562310869860", "OPENVAS:1361412562310869886", "OPENVAS:1361412562310869889", "OPENVAS:1361412562310871192", "OPENVAS:1361412562310871193", "OPENVAS:1361412562310871216", "OPENVAS:1361412562310871280", "OPENVAS:1361412562310871288", "OPENVAS:1361412562310871413", "OPENVAS:1361412562310871487", "OPENVAS:1361412562310871708", "OPENVAS:1361412562310871768", "OPENVAS:1361412562310871855", "OPENVAS:1361412562310872105", "OPENVAS:1361412562310872111", "OPENVAS:1361412562310872115", "OPENVAS:1361412562310872344", "OPENVAS:1361412562310872370", "OPENVAS:1361412562310875066", "OPENVAS:1361412562310875067", "OPENVAS:1361412562310875072", "OPENVAS:1361412562310875187", "OPENVAS:1361412562310875189", "OPENVAS:1361412562310875195", "OPENVAS:1361412562310875201", "OPENVAS:1361412562310875202", "OPENVAS:1361412562310875203", "OPENVAS:1361412562310875929", "OPENVAS:1361412562310875951", "OPENVAS:1361412562310876317", "OPENVAS:1361412562310881955", "OPENVAS:1361412562310881979", "OPENVAS:1361412562310882069", "OPENVAS:1361412562310882079", "OPENVAS:1361412562310882673", "OPENVAS:1361412562310882836", "OPENVAS:1361412562310883019", "OPENVAS:1361412562310883096", "OPENVAS:1361412562310891531", "OPENVAS:1361412562310891715", "OPENVAS:1361412562310891731", "OPENVAS:1361412562311220161026", "OPENVAS:1361412562311220181373", "OPENVAS:1361412562311220181407", "OPENVAS:1361412562311220181432", "OPENVAS:1361412562311220191027", "OPENVAS:1361412562311220191028", "OPENVAS:1361412562311220191156", "OPENVAS:1361412562311220191188", "OPENVAS:1361412562311220191189", "OPENVAS:1361412562311220191220", "OPENVAS:1361412562311220191223", "OPENVAS:1361412562311220191303", "OPENVAS:1361412562311220191479", "OPENVAS:1361412562311220191480", "OPENVAS:1361412562311220191485", "OPENVAS:1361412562311220191487", "OPENVAS:1361412562311220191489", "OPENVAS:1361412562311220191496", "OPENVAS:1361412562311220191502", "OPENVAS:1361412562311220191511", "OPENVAS:1361412562311220191512", "OPENVAS:1361412562311220191587", "OPENVAS:1361412562311220192353", "OPENVAS:1361412562311220192599", "OPENVAS:1361412562311220192693", "OPENVAS:702949", "OPENVAS:702950", "OPENVAS:703060", "OPENVAS:703170", "OPENVAS:703313", "OPENVAS:703791", "OPENVAS:841618", "OPENVAS:841620", "OPENVAS:841626", "OPENVAS:841627", "OPENVAS:841629", "OPENVAS:841631", "OPENVAS:841643", "OPENVAS:841647", "OPENVAS:841656", "OPENVAS:866894", "OPENVAS:866896", "OPENVAS:866900", "OPENVAS:866901", "OPENVAS:866934", "OPENVAS:866952", "OPENVAS:866964", "OPENVAS:866972", "OPENVAS:867001", "OPENVAS:867043", "OPENVAS:867054", "OPENVAS:867089", "OPENVAS:867096", "OPENVAS:867119", "OPENVAS:867183", "OPENVAS:867240", "OPENVAS:867242", "OPENVAS:867520", "OPENVAS:867546", "OPENVAS:867580", "OPENVAS:867651", "OPENVAS:867682", "OPENVAS:867774"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-0771", "ELSA-2014-0786", "ELSA-2014-0981", "ELSA-2014-1724", "ELSA-2014-1843", "ELSA-2014-1971", "ELSA-2014-1997", "ELSA-2014-3002", "ELSA-2014-3037", "ELSA-2014-3038", "ELSA-2014-3039", "ELSA-2014-3052", "ELSA-2014-3053", "ELSA-2014-3054", "ELSA-2014-3070", "ELSA-2014-3084", "ELSA-2014-3096", "ELSA-2014-3104", "ELSA-2015-1272", "ELSA-2015-2152", "ELSA-2015-3053", "ELSA-2015-3054", "ELSA-2015-3055", "ELSA-2015-3064", "ELSA-2016-2574", "ELSA-2017-0386", "ELSA-2017-0386-1", "ELSA-2017-1842", "ELSA-2017-1842-1", "ELSA-2017-3514", "ELSA-2017-3533", "ELSA-2018-0151", "ELSA-2018-1062", "ELSA-2018-4227", "ELSA-2018-4242", "ELSA-2018-4245", "ELSA-2018-4246", "ELSA-2018-4250", "ELSA-2018-4288", "ELSA-2018-4300", "ELSA-2018-4301", "ELSA-2018-4304", "ELSA-2019-0512", "ELSA-2019-2029", "ELSA-2019-2473", "ELSA-2019-4531", "ELSA-2019-4532", "ELSA-2019-4541", "ELSA-2019-4577", "ELSA-2022-9969"]}, {"type": "osv", "idList": ["OSV:DLA-0007-1", "OSV:DLA-0015-1", "OSV:DLA-1529-1", "OSV:DLA-1531-1", "OSV:DLA-1715-1", "OSV:DLA-1731-1", "OSV:DLA-772-1", "OSV:DSA-2949-1", "OSV:DSA-2950-1", "OSV:DSA-3060-1", "OSV:DSA-3170-1", "OSV:DSA-3313-1", "OSV:DSA-3791-1", "OSV:DSA-4308-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:130329", "PACKETSTORM:132994"]}, {"type": "photon", "idList": ["PHSA-2016-0012", "PHSA-2018-0101", "PHSA-2018-0190", "PHSA-2019-0240", "PHSA-2019-1.0-0240"]}, {"type": "redhat", "idList": ["RHSA-2014:0771", "RHSA-2014:0786", "RHSA-2014:0800", "RHSA-2014:0815", "RHSA-2014:0900", "RHSA-2014:0913", "RHSA-2014:0981", "RHSA-2014:1168", "RHSA-2014:1724", "RHSA-2014:1843", "RHSA-2014:1971", "RHSA-2015:0126", "RHSA-2015:0284", "RHSA-2015:1272", "RHSA-2015:2152", "RHSA-2016:2574", "RHSA-2017:0386", "RHSA-2017:0387", "RHSA-2017:1842", "RHSA-2017:2077", "RHSA-2018:0151", "RHSA-2018:0152", "RHSA-2018:0181", "RHSA-2018:0676", "RHSA-2018:1062", "RHSA-2019:0512", "RHSA-2019:0514", "RHSA-2019:0831", "RHSA-2019:2029", "RHSA-2019:2043", "RHSA-2019:2473", "RHSA-2019:4154"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-5412", "RH:CVE-2016-8660", "RH:CVE-2016-9755", "RH:CVE-2017-15127", "RH:CVE-2017-2596", "RH:CVE-2018-16597", "RH:CVE-2018-16658", "RH:CVE-2018-17972"]}, {"type": "saint", "idList": ["SAINT:58F657BC1DD46A0850A96857BC5FA43B", "SAINT:62CFE302E8E036752E595883D6BF6332", "SAINT:8BE23F1EC35A570A9A83983E4E020927", "SAINT:CC7E2B1599949AEEEB57BA20490CBAFE"]}, {"type": "securelist", "idList": ["SECURELIST:52B19EC96333D6EAA616F8D528A8E64A"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29993", "SECURITYVULNS:DOC:30788", "SECURITYVULNS:DOC:30880", "SECURITYVULNS:DOC:31324", "SECURITYVULNS:DOC:31325", "SECURITYVULNS:DOC:31407", "SECURITYVULNS:DOC:31766", "SECURITYVULNS:DOC:32352", "SECURITYVULNS:VULN:13400", "SECURITYVULNS:VULN:13706", "SECURITYVULNS:VULN:13812", "SECURITYVULNS:VULN:13844", "SECURITYVULNS:VULN:14068", "SECURITYVULNS:VULN:14292", "SECURITYVULNS:VULN:14579"]}, {"type": "slackware", "idList": ["SSA-2019-030-01", "SSA-2019-202-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2014:0840-1", "OPENSUSE-SU-2014:0856-1", "OPENSUSE-SU-2014:0878-1", "OPENSUSE-SU-2014:0957-1", "OPENSUSE-SU-2014:1669-1", "OPENSUSE-SU-2014:1677-1", "OPENSUSE-SU-2015:0566-1", "OPENSUSE-SU-2015:1382-1", "OPENSUSE-SU-2015:1842-1", "OPENSUSE-SU-2016:0280-1", "OPENSUSE-SU-2016:0301-1", "OPENSUSE-SU-2016:0318-1", "OPENSUSE-SU-2016:1008-1", "OPENSUSE-SU-2016:2649-1", "OPENSUSE-SU-2016:3050-1", "OPENSUSE-SU-2016:3058-1", "OPENSUSE-SU-2017:0906-1", "OPENSUSE-SU-2017:0907-1", "OPENSUSE-SU-2018:2738-1", "OPENSUSE-SU-2018:3071-1", "OPENSUSE-SU-2018:3202-1", "OPENSUSE-SU-2018:3658-1", "OPENSUSE-SU-2018:3817-1", "OPENSUSE-SU-2019:1407-1", "SUSE-SU-2014:0536-1", "SUSE-SU-2014:0775-1", "SUSE-SU-2014:0796-1", "SUSE-SU-2014:0807-1", "SUSE-SU-2014:0837-1", "SUSE-SU-2014:0837-2", "SUSE-SU-2014:0908-1", "SUSE-SU-2014:0909-1", "SUSE-SU-2014:0910-1", "SUSE-SU-2014:0911-1", "SUSE-SU-2014:0912-1", "SUSE-SU-2014:1138-1", "SUSE-SU-2014:1316-1", "SUSE-SU-2014:1319-1", "SUSE-SU-2014:1693-1", "SUSE-SU-2014:1693-2", "SUSE-SU-2014:1695-1", "SUSE-SU-2014:1695-2", "SUSE-SU-2015:0481-1", "SUSE-SU-2016:0168-1", "SUSE-SU-2016:0335-1", "SUSE-SU-2016:0336-1", "SUSE-SU-2016:0337-1", "SUSE-SU-2016:0339-1", "SUSE-SU-2016:0380-1", "SUSE-SU-2016:0381-1", "SUSE-SU-2016:0383-1", "SUSE-SU-2016:0384-1", "SUSE-SU-2016:0386-1", "SUSE-SU-2016:0387-1", "SUSE-SU-2016:0434-1", "SUSE-SU-2016:0585-1", "SUSE-SU-2016:0911-1", "SUSE-SU-2016:1102-1", "SUSE-SU-2016:1203-1", "SUSE-SU-2016:1707-1", "SUSE-SU-2016:1937-1", "SUSE-SU-2016:2074-1", "SUSE-SU-2017:0181-1", "SUSE-SU-2017:0333-1", "SUSE-SU-2017:0407-1", "SUSE-SU-2017:0437-1", "SUSE-SU-2017:0464-1", "SUSE-SU-2017:0471-1", "SUSE-SU-2017:0494-1", "SUSE-SU-2017:1102-1", "SUSE-SU-2017:1183-1", "SUSE-SU-2017:1247-1", "SUSE-SU-2017:1360-1", "SUSE-SU-2017:1990-1"]}, {"type": "thn", "idList": ["THN:608C3D3E206B655519193316EAFA2C22", "THN:94A8976C00B182A05720DD5149AC5DE0", "THN:B13AEDC0DAC18F19211BE2B4BE0C4787", "THN:B829D3A52189C266464176E0C3E66EE3", "THN:C8A4219AFC2880AC311776A8C10BAE97"]}, {"type": "threatpost", "idList": ["THREATPOST:42E64B8A7AF8DD130DE81078204DEE28", "THREATPOST:5E0275127CA36073D1FD4B8A32CAADD6", "THREATPOST:A1F7D2E70C26FAAFD6D382A08D8D7B38", "THREATPOST:B4267D45B883F6975BE2834CBA5C5B48", "THREATPOST:B433923D1E04E82EB6DD30772F192222", "THREATPOST:DF79B36E4B10187B12FB82AEF22C5EA9"]}, {"type": "ubuntu", "idList": ["USN-2015-1", "USN-2016-1", "USN-2019-1", "USN-2020-1", "USN-2021-1", "USN-2022-1", "USN-2023-1", "USN-2024-1", "USN-2038-1", "USN-2039-1", "USN-2050-1", "USN-2233-1", "USN-2234-1", "USN-2235-1", "USN-2236-1", "USN-2237-1", "USN-2238-1", "USN-2239-1", "USN-2240-1", "USN-2241-1", "USN-2251-1", "USN-2252-1", "USN-2259-1", "USN-2260-1", "USN-2261-1", "USN-2262-1", "USN-2263-1", "USN-2264-1", "USN-2285-1", "USN-2286-1", "USN-2288-1", "USN-2290-1", "USN-2394-1", "USN-2395-1", "USN-2396-1", "USN-2417-1", "USN-2418-1", "USN-2513-1", "USN-2514-1", "USN-2515-1", "USN-2515-2", "USN-2516-1", "USN-2516-2", "USN-2516-3", "USN-2517-1", "USN-2518-1", "USN-2687-1", "USN-2688-1", "USN-2689-1", "USN-2690-1", "USN-2691-1", "USN-2841-1", "USN-2841-2", "USN-2842-1", "USN-2842-2", "USN-2843-1", "USN-2843-2", "USN-2843-3", "USN-2844-1", "USN-3084-1", "USN-3084-2", "USN-3084-3", "USN-3084-4", "USN-3293-1", "USN-3312-1", "USN-3312-2", "USN-3359-1", "USN-3361-1", "USN-3422-1", "USN-3422-2", "USN-3797-1", "USN-3797-2", "USN-3798-1", "USN-3798-2", "USN-3820-1", "USN-3820-2", "USN-3820-3", "USN-3821-1", "USN-3821-2", "USN-3822-1", "USN-3822-2", "USN-3832-1", "USN-3835-1", "USN-3871-1", "USN-3871-2", "USN-3871-3", "USN-3871-4", "USN-3871-5", "USN-3880-1", "USN-3880-2", "USN-4904-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2013-2897", "UB:CVE-2014-1739", "UB:CVE-2014-3144", "UB:CVE-2014-3153", "UB:CVE-2014-3646", "UB:CVE-2014-9895", "UB:CVE-2015-0239", "UB:CVE-2015-1339", "UB:CVE-2015-1350", "UB:CVE-2015-3290", "UB:CVE-2015-7885", "UB:CVE-2015-8539", "UB:CVE-2016-3044", "UB:CVE-2016-5412", "UB:CVE-2016-8660", "UB:CVE-2016-9083", "UB:CVE-2016-9755", "UB:CVE-2017-15127", "UB:CVE-2017-2596", "UB:CVE-2018-16597", "UB:CVE-2018-16658", "UB:CVE-2018-17972", "UB:CVE-2018-18710"]}, {"type": "veracode", "idList": ["VERACODE:21048"]}, {"type": "virtuozzo", "idList": ["VZA-2017-001", "VZA-2019-066", "VZA-2019-067"]}, {"type": "zdt", "idList": ["1337DAY-ID-22925", "1337DAY-ID-23280", "1337DAY-ID-23971"]}]}, "score": {"value": 0.4, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2018-1086"]}, {"type": "archlinux", "idList": ["ASA-201411-14"]}, {"type": "canvas", "idList": ["LINUX_FUTEX_REQUEUE"]}, {"type": "centos", "idList": ["CESA-2019:0512", "CESA-2019:2473"]}, {"type": "chrome", "idList": ["GCSA-4830242147321115275"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:131A4556633D91C9BF0AE72696FADB89", "CFOUNDRY:B4B97B81301258FB8DE2E5FB29E0A418"]}, {"type": "cve", "idList": ["CVE-2013-2897", "CVE-2015-7885", "CVE-2016-5412", "CVE-2018-16597", "CVE-2018-17972"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1531-1:834CC", "DEBIAN:DLA-1715-1:4A3F9", "DEBIAN:DLA-1731-1:D19BD", "DEBIAN:DLA-1731-2:E6E1E", "DEBIAN:DLA-772-1:EB721", "DEBIAN:DSA-3791-1:AE0FD", "DEBIAN:DSA-4308-1:D561A"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-2897", "DEBIANCVE:CVE-2014-1739", "DEBIANCVE:CVE-2014-3144", "DEBIANCVE:CVE-2014-3153", "DEBIANCVE:CVE-2014-3646", "DEBIANCVE:CVE-2015-0239", "DEBIANCVE:CVE-2015-1339", "DEBIANCVE:CVE-2015-1350", "DEBIANCVE:CVE-2015-3290", "DEBIANCVE:CVE-2015-7885", "DEBIANCVE:CVE-2015-8539", "DEBIANCVE:CVE-2016-5412", "DEBIANCVE:CVE-2016-8660", "DEBIANCVE:CVE-2016-9083", "DEBIANCVE:CVE-2016-9755", "DEBIANCVE:CVE-2017-15127", "DEBIANCVE:CVE-2017-2596", "DEBIANCVE:CVE-2018-16597", "DEBIANCVE:CVE-2018-16658", "DEBIANCVE:CVE-2018-17972"]}, {"type": "exploitdb", "idList": ["EDB-ID:35370"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:448F0B0D44522EA4F8F2133CF21B41E4"]}, {"type": "f5", "idList": ["F5:K11165942", "F5:K27673650", "F5:K40523020", "SOL07560020"]}, {"type": "fedora", "idList": ["FEDORA:131186087E1C", "FEDORA:163BB601CF8F", "FEDORA:28A8366B1094", "FEDORA:28CF260C68EC", "FEDORA:29049600CFF3", "FEDORA:2AD3261A18E6", "FEDORA:2F13360877A3", "FEDORA:50E6E6087656", "FEDORA:56A5821917", "FEDORA:6B39A60C690C", "FEDORA:6F57B601CED2", "FEDORA:7734E613B647", "FEDORA:804CC6092211", "FEDORA:8593C630DD53", "FEDORA:92F5160877B4", "FEDORA:A7F0966B1097", "FEDORA:BE085601E81D", "FEDORA:C44336087E4E", "FEDORA:D6CE3608F49C", "FEDORA:E17EC601FD8F", "FEDORA:E819660C68EA", "FEDORA:EEB386177DBB"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:54DEC08A36CF8A81368D7CBA20C3E51B"]}, {"type": "hackerone", "idList": ["H1:13388"]}, {"type": "ibm", "idList": ["9B3C2542A224A170177BC588D64FBAC641AEB3A7ED64BDCAE097C03AA1143EDF"]}, {"type": "kitploit", "idList": ["KITPLOIT:4462385753504235463"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/UBUNTU-USN-2516-2/"]}, {"type": "nessus", "idList": ["AL2_ALAS-2018-1086.NASL", "ALA_ALAS-2018-1086.NASL", "CENTOS_RHSA-2014-1724.NASL", "DEBIAN_DLA-1531.NASL", "DEBIAN_DSA-4308.NASL", "EULEROS_SA-2019-1027.NASL", "EULEROS_SA-2019-1028.NASL", "FEDORA_2014-14068.NASL", "FEDORA_2016-4B67F775FE.NASL", "FEDORA_2016-90F142AA64.NASL", "FEDORA_2018-2EE3411CB8.NASL", "NEWSTART_CGSL_NS-SA-2019-0177_KERNEL.NASL", "OPENSUSE-2015-686.NASL", "OPENSUSE-2018-1016.NASL", "OPENSUSE-2018-1140.NASL", "OPENSUSE-2018-1184.NASL", "OPENSUSE-2019-1407.NASL", "OPENSUSE-2019-769.NASL", "OPENSUSE-2019-893.NASL", "ORACLELINUX_ELSA-2018-4227.NASL", "ORACLELINUX_ELSA-2018-4242.NASL", "ORACLELINUX_ELSA-2018-4245.NASL", "ORACLELINUX_ELSA-2018-4250.NASL", "ORACLELINUX_ELSA-2019-0512.NASL", "ORACLELINUX_ELSA-2019-2473.NASL", "ORACLELINUX_ELSA-2019-4531.NASL", "ORACLELINUX_ELSA-2019-4532.NASL", "ORACLELINUX_ELSA-2019-4541.NASL", "ORACLELINUX_ELSA-2019-4577.NASL", "ORACLEVM_OVMSA-2018-0258.NASL", "ORACLEVM_OVMSA-2019-0007.NASL", "REDHAT-RHSA-2014-0913.NASL", "REDHAT-RHSA-2019-0512.NASL", "REDHAT-RHSA-2019-0514.NASL", "REDHAT-RHSA-2019-0831.NASL", "REDHAT-RHSA-2019-2029.NASL", "REDHAT-RHSA-2019-2043.NASL", "REDHAT-RHSA-2019-2473.NASL", "SLACKWARE_SSA_2019-030-01.NASL", "SL_20190314_KERNEL_ON_SL7_X.NASL", "SL_20190806_KERNEL_ON_SL7_X.NASL", "SL_20190813_KERNEL_ON_SL6_X.NASL", "SUSE_SU-2014-1105-1.NASL", "SUSE_SU-2018-2776-1.NASL", "SUSE_SU-2018-2858-1.NASL", "SUSE_SU-2018-2879-1.NASL", "SUSE_SU-2018-2907-1.NASL", "SUSE_SU-2018-2908-1.NASL", "SUSE_SU-2018-3003-1.NASL", "SUSE_SU-2018-3083-1.NASL", "SUSE_SU-2018-3084-1.NASL", "SUSE_SU-2019-0224-1.NASL", "SUSE_SU-2019-0439-1.NASL", "SUSE_SU-2019-1289-1.NASL", "SUSE_SU-2019-13937-1.NASL", "SUSE_SU-2019-1527-1.NASL", "SUSE_SU-2019-1532-1.NASL", "SUSE_SU-2019-1533-1.NASL", "SUSE_SU-2019-1534-1.NASL", "SUSE_SU-2019-1692-1.NASL", "UBUNTU_USN-2015-1.NASL", "UBUNTU_USN-2235-1.NASL", "UBUNTU_USN-2515-2.NASL", "UBUNTU_USN-2516-3.NASL", "UBUNTU_USN-3797-1.NASL", "UBUNTU_USN-3797-2.NASL", "UBUNTU_USN-3871-1.NASL", "UBUNTU_USN-3871-2.NASL", "UBUNTU_USN-3871-3.NASL", "UBUNTU_USN-3871-4.NASL", "UBUNTU_USN-3871-5.NASL", "UBUNTU_USN-3880-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310123042", "OPENVAS:1361412562310702949", "OPENVAS:1361412562310704308", "OPENVAS:1361412562310841850", "OPENVAS:1361412562310841897", "OPENVAS:1361412562310842396", "OPENVAS:1361412562310843663", "OPENVAS:1361412562310843666", "OPENVAS:1361412562310843884", "OPENVAS:1361412562310843891", "OPENVAS:1361412562310843892", "OPENVAS:1361412562310843896", "OPENVAS:1361412562310843897", "OPENVAS:1361412562310843904", "OPENVAS:1361412562310851159", "OPENVAS:1361412562310851176", "OPENVAS:1361412562310851895", "OPENVAS:1361412562310851937", "OPENVAS:1361412562310866964", "OPENVAS:1361412562310867240", "OPENVAS:1361412562310869281", "OPENVAS:1361412562310872105", "OPENVAS:1361412562310872111", "OPENVAS:1361412562310872115", "OPENVAS:1361412562310875066", "OPENVAS:1361412562310875067", "OPENVAS:1361412562310875072", "OPENVAS:1361412562310875187", "OPENVAS:1361412562310875189", "OPENVAS:1361412562310875195", "OPENVAS:1361412562310875201", "OPENVAS:1361412562310875202", "OPENVAS:1361412562310875203", "OPENVAS:1361412562310883019", "OPENVAS:1361412562310883096", "OPENVAS:1361412562310891531", "OPENVAS:1361412562310891715", "OPENVAS:1361412562310891731", "OPENVAS:1361412562311220191480", "OPENVAS:841626"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-3002", "ELSA-2014-3052", "ELSA-2018-4227", "ELSA-2018-4242", "ELSA-2018-4245", "ELSA-2018-4246", "ELSA-2018-4250", "ELSA-2019-0512", "ELSA-2019-2029", "ELSA-2019-2473", "ELSA-2019-4531", "ELSA-2019-4532", "ELSA-2019-4541", "ELSA-2019-4577"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:130329"]}, {"type": "photon", "idList": ["PHSA-2018-0109", "PHSA-2019-1.0-0240"]}, {"type": "redhat", "idList": ["RHSA-2019:2473"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-8660", "RH:CVE-2018-16597", "RH:CVE-2018-16658"]}, {"type": "saint", "idList": ["SAINT:8BE23F1EC35A570A9A83983E4E020927"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:31324"]}, {"type": "slackware", "idList": ["SSA-2019-030-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2015:0566-1", "OPENSUSE-SU-2016:0280-1", "OPENSUSE-SU-2018:2738-1", "OPENSUSE-SU-2018:3071-1", "OPENSUSE-SU-2018:3202-1", "SUSE-SU-2014:0796-1", "SUSE-SU-2016:1203-1", "SUSE-SU-2017:1247-1"]}, {"type": "thn", "idList": ["THN:C8A4219AFC2880AC311776A8C10BAE97"]}, {"type": "threatpost", "idList": ["THREATPOST:42E64B8A7AF8DD130DE81078204DEE28", "THREATPOST:5E0275127CA36073D1FD4B8A32CAADD6", "THREATPOST:B4267D45B883F6975BE2834CBA5C5B48"]}, {"type": "ubuntu", "idList": ["USN-2039-1", "USN-2286-1", "USN-2395-1", "USN-3293-1", "USN-3871-1", "USN-3871-2", "USN-3871-3", "USN-3871-4", "USN-3871-5", "USN-3880-1", "USN-3880-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-16597", "UB:CVE-2018-16658", "UB:CVE-2018-17972"]}, {"type": "virtuozzo", "idList": ["VZA-2019-066", "VZA-2019-067"]}, {"type": "zdt", "idList": ["1337DAY-ID-23280"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2014-3646", "epss": "0.003030000", "percentile": "0.649100000", "modified": "2023-03-15"}, {"cve": "CVE-2016-8660", "epss": "0.000420000", "percentile": "0.056320000", "modified": "2023-03-15"}, {"cve": "CVE-2014-1739", "epss": "0.000440000", "percentile": "0.084760000", "modified": "2023-03-15"}, {"cve": "CVE-2018-16597", "epss": "0.000420000", "percentile": "0.056320000", "modified": "2023-03-15"}, {"cve": "CVE-2013-2897", "epss": "0.002160000", "percentile": "0.578100000", "modified": "2023-03-15"}, {"cve": "CVE-2015-1350", "epss": "0.000420000", "percentile": "0.056320000", "modified": "2023-03-15"}, {"cve": "CVE-2016-9083", "epss": "0.000420000", "percentile": "0.056320000", "modified": "2023-03-15"}, {"cve": "CVE-2014-3144", "epss": "0.000560000", "percentile": "0.214970000", "modified": "2023-03-15"}, {"cve": "CVE-2015-8539", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2015-0239", "epss": "0.001150000", "percentile": "0.436130000", "modified": "2023-03-15"}, {"cve": "CVE-2014-3153", "epss": "0.000520000", "percentile": "0.185600000", "modified": "2023-03-15"}, {"cve": "CVE-2018-17972", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2015-1339", "epss": "0.001150000", "percentile": "0.434820000", "modified": "2023-03-15"}, {"cve": "CVE-2017-2596", "epss": "0.000620000", "percentile": "0.245740000", "modified": "2023-03-15"}, {"cve": "CVE-2017-15127", "epss": "0.000420000", "percentile": "0.056320000", "modified": "2023-03-15"}, {"cve": "CVE-2018-16658", "epss": "0.000440000", "percentile": "0.082750000", "modified": "2023-03-15"}, {"cve": "CVE-2015-3290", "epss": "0.000420000", "percentile": "0.004980000", "modified": "2023-03-15"}, {"cve": "CVE-2016-5412", "epss": "0.000620000", "percentile": "0.245740000", "modified": "2023-03-15"}, {"cve": "CVE-2015-7885", "epss": "0.000440000", "percentile": "0.102620000", "modified": "2023-03-15"}, {"cve": "CVE-2016-9755", "epss": "0.000420000", "percentile": "0.056320000", "modified": "2023-03-15"}], "vulnersScore": 0.4}, "_state": {"dependencies": 1678957314, "score": 1698838580, "epss": 1678957426}, "_internal": {"score_hash": "445e772cf38c31d58cb28c969ec81a53"}, "pluginID": "1361412562311220191518", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1518\");\n script_version(\"2020-02-05T08:56:28+0000\");\n script_cve_id(\"CVE-2013-2897\", \"CVE-2014-1739\", \"CVE-2014-3144\", \"CVE-2014-3153\", \"CVE-2014-3646\", \"CVE-2015-0239\", \"CVE-2015-1339\", \"CVE-2015-1350\", \"CVE-2015-3290\", \"CVE-2015-7885\", \"CVE-2015-8539\", \"CVE-2016-5412\", \"CVE-2016-8660\", \"CVE-2016-9083\", \"CVE-2016-9755\", \"CVE-2017-15127\", \"CVE-2017-2596\", \"CVE-2018-16597\", \"CVE-2018-16658\", \"CVE-2018-17972\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-05 08:56:28 +0000 (Wed, 05 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:02:17 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1518)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1518\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1518\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1518 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Linux kernel built with the KVM visualization support (CONFIG_KVM), with nested visualization(nVMX) feature enabled(nested=1), is vulnerable to host memory leakage issue. It could occur while emulating VMXON instruction in 'handle_vmon'. An L1 guest user could use this flaw to leak host memory potentially resulting in DoS.(CVE-2017-2596)\n\nThe (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and __skb_get_nlattr_nest functions before the vulnerability was announced.(CVE-2014-3144)\n\nA flaw was found in the Linux kernel when freeing pages in hugetlbfs. This could trigger a local denial of service by crashing the kernel.(CVE-2017-15127)\n\nAn issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.(CVE-2018-16597)\n\nMemory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times.(CVE-2015-1339)\n\nA flaw was found in the way the Linux kernel's nested NMI handler and espfix64 functionalities interacted during NMI processing. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.(CVE-2015-3290)\n\nMultiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device.(CVE-2013-2897)\n\nA flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system.(CVE-2014-3153)\n\nThe XFS subsystem in the Linux kernel 4.4 and later allows local users to cause a denial of service (fdatasync() failure and system hang) by using the vfs syscall group in the 'trinity' program, as a result of a page lock order bug in the XFS seek hole/data implementation.(CVE-2016-8660)\n\nA flaw ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "naslFamily": "Huawei EulerOS Local Security Checks"}

{"nessus": [{"lastseen": "2022-02-19T13:49:55", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - Linux kernel built with the KVM visualization support (CONFIG_KVM), with nested visualization(nVMX) feature enabled(nested=1), is vulnerable to host memory leakage issue. It could occur while emulating VMXON instruction in 'handle_vmon'. An L1 guest user could use this flaw to leak host memory potentially resulting in DoS.(CVE-2017-2596i1/4%0\n\n - The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and\n __skb_get_nlattr_nest functions before the vulnerability was announced.(CVE-2014-3144i1/4%0\n\n - A flaw was found in the Linux kernel when freeing pages in hugetlbfs. This could trigger a local denial of service by crashing the kernel.(CVE-2017-15127i1/4%0\n\n - An issue was discovered in the Linux kernel before 4.8.\n Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.(CVE-2018-16597i1/4%0\n\n - Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times.(CVE-2015-1339i1/4%0\n\n - A flaw was found in the way the Linux kernel's nested NMI handler and espfix64 functionalities interacted during NMI processing. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.(CVE-2015-3290i1/4%0\n\n - Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device.(CVE-2013-2897i1/4%0\n\n - A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system.(CVE-2014-3153i1/4%0\n\n - The XFS subsystem in the Linux kernel 4.4 and later allows local users to cause a denial of service (fdatasync() failure and system hang) by using the vfs syscall group in the 'trinity' program, as a result of a page lock order bug in the XFS seek hole/data implementation.(CVE-2016-8660i1/4%0\n\n - A flaw was found in the Linux kernel's key management system where it was possible for an attacker to escalate privileges or crash the machine. If a user key gets negatively instantiated, an error code is cached in the payload area. A negatively instantiated key may be then be positively instantiated by updating it with valid data. However, the -i1/4zupdate key type method must be aware that the error code may be there.(CVE-2015-8539i1/4%0\n\n - It was found that the Linux kernel KVM subsystem's sysenter instruction emulation was not sufficient. An unprivileged guest user could use this flaw to escalate their privileges by tricking the hypervisor to emulate a SYSENTER instruction in 16-bit mode, if the guest OS did not initialize the SYSENTER model-specific registers (MSRs). Note: Certified guest operating systems for Red Hat Enterprise Linux with KVM do initialize the SYSENTER MSRs and are thus not vulnerable to this issue when running on a KVM hypervisor.(CVE-2015-0239i1/4%0\n\n - An information leak flaw was found in the way the Linux kernel handled media device enumerate entities IOCTL requests. A local user able to access the /dev/media0 device file could use this flaw to leak kernel memory bytes.(CVE-2014-1739i1/4%0\n\n - The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.(CVE-2015-7885i1/4%0\n\n - An information leak was discovered in the Linux kernel in cdrom_ioctl_drive_status() function in drivers/cdrom/cdrom.c that could be used by local attackers to read kernel memory at certain location.(CVE-2018-16658i1/4%0\n\n - A flaw was discovered in the Linux kernel's implementation of VFIO. An attacker issuing an ioctl can create a situation where memory is corrupted and modify memory outside of the expected area. This may overwrite kernel memory and subvert kernel execution.(CVE-2016-9083i1/4%0\n\n - It was found that the Linux kernel's KVM subsystem did not handle the VM exits gracefully for the invvpid (Invalidate Translations Based on VPID) instructions.\n On hosts with an Intel processor and invppid VM exit support, an unprivileged guest user could use these instructions to crash the guest.(CVE-2014-3646i1/4%0\n\n - An attacker on a network could abuse a flaw in the IPv6 stack fragment reassembly code to induce kernel memory corruption on the system, possibly leading to a system crash.(CVE-2016-9755i1/4%0\n\n - It was found that a regular user could remove xattr permissions on files by using the chown or write system calls. A local attacker could use this flaw to deny elevated permissions from valid users, services, or applications, potentially resulting in a denial of service.(CVE-2015-1350i1/4%0\n\n - arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended transaction.(CVE-2016-5412i1/4%0\n\n - An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel. An attacker with a local account can trick the stack unwinder code to leak stack contents to userspace. The fix allows only root to inspect the kernel stack of an arbitrary task.(CVE-2018-17972i1/4%0\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-05-14T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1518)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2897", "CVE-2014-1739", "CVE-2014-3144", "CVE-2014-3153", "CVE-2014-3646", "CVE-2015-0239", "CVE-2015-1339", "CVE-2015-1350", "CVE-2015-3290", "CVE-2015-7885", "CVE-2015-8539", "CVE-2016-5412", "CVE-2016-8660", "CVE-2016-9083", "CVE-2016-9755", "CVE-2017-15127", "CVE-2017-2596", "CVE-2018-16597", "CVE-2018-16658", "CVE-2018-17972"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "cpe:/o:huawei:euleros:uvp:3.0.1.0"], "id": "EULEROS_SA-2019-1518.NASL", "href": "https://www.tenable.com/plugins/nessus/124971", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124971);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2013-2897\",\n \"CVE-2014-1739\",\n \"CVE-2014-3144\",\n \"CVE-2014-3153\",\n \"CVE-2014-3646\",\n \"CVE-2015-0239\",\n \"CVE-2015-1339\",\n \"CVE-2015-1350\",\n \"CVE-2015-3290\",\n \"CVE-2015-7885\",\n \"CVE-2015-8539\",\n \"CVE-2016-5412\",\n \"CVE-2016-8660\",\n \"CVE-2016-9083\",\n \"CVE-2016-9755\",\n \"CVE-2017-15127\",\n \"CVE-2017-2596\",\n \"CVE-2018-16597\",\n \"CVE-2018-16658\",\n \"CVE-2018-17972\"\n );\n script_bugtraq_id(\n 62044,\n 67309,\n 67906,\n 68048,\n 70745,\n 72842,\n 76004\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1518)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - Linux kernel built with the KVM visualization support\n (CONFIG_KVM), with nested visualization(nVMX) feature\n enabled(nested=1), is vulnerable to host memory leakage\n issue. It could occur while emulating VMXON instruction\n in 'handle_vmon'. An L1 guest user could use this flaw\n to leak host memory potentially resulting in\n DoS.(CVE-2017-2596i1/4%0\n\n - The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST\n extension implementations in the sk_run_filter function\n in net/core/filter.c in the Linux kernel through 3.14.3\n do not check whether a certain length value is\n sufficiently large, which allows local users to cause a\n denial of service (integer underflow and system crash)\n via crafted BPF instructions. NOTE: the affected code\n was moved to the __skb_get_nlattr and\n __skb_get_nlattr_nest functions before the\n vulnerability was announced.(CVE-2014-3144i1/4%0\n\n - A flaw was found in the Linux kernel when freeing pages\n in hugetlbfs. This could trigger a local denial of\n service by crashing the kernel.(CVE-2017-15127i1/4%0\n\n - An issue was discovered in the Linux kernel before 4.8.\n Incorrect access checking in overlayfs mounts could be\n used by local attackers to modify or truncate files in\n the underlying filesystem.(CVE-2018-16597i1/4%0\n\n - Memory leak in the cuse_channel_release function in\n fs/fuse/cuse.c in the Linux kernel before 4.4 allows\n local users to cause a denial of service (memory\n consumption) or possibly have unspecified other impact\n by opening /dev/cuse many times.(CVE-2015-1339i1/4%0\n\n - A flaw was found in the way the Linux kernel's nested\n NMI handler and espfix64 functionalities interacted\n during NMI processing. A local, unprivileged user could\n use this flaw to crash the system or, potentially,\n escalate their privileges on the\n system.(CVE-2015-3290i1/4%0\n\n - Multiple array index errors in\n drivers/hid/hid-multitouch.c in the Human Interface\n Device (HID) subsystem in the Linux kernel through\n 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow\n physically proximate attackers to cause a denial of\n service (heap memory corruption, or NULL pointer\n dereference and OOPS) via a crafted\n device.(CVE-2013-2897i1/4%0\n\n - A flaw was found in the way the Linux kernel's futex\n subsystem handled the requeuing of certain Priority\n Inheritance (PI) futexes. A local, unprivileged user\n could use this flaw to escalate their privileges on the\n system.(CVE-2014-3153i1/4%0\n\n - The XFS subsystem in the Linux kernel 4.4 and later\n allows local users to cause a denial of service\n (fdatasync() failure and system hang) by using the vfs\n syscall group in the 'trinity' program, as a result of\n a page lock order bug in the XFS seek hole/data\n implementation.(CVE-2016-8660i1/4%0\n\n - A flaw was found in the Linux kernel's key management\n system where it was possible for an attacker to\n escalate privileges or crash the machine. If a user key\n gets negatively instantiated, an error code is cached\n in the payload area. A negatively instantiated key may\n be then be positively instantiated by updating it with\n valid data. However, the -i1/4zupdate key type method\n must be aware that the error code may be\n there.(CVE-2015-8539i1/4%0\n\n - It was found that the Linux kernel KVM subsystem's\n sysenter instruction emulation was not sufficient. An\n unprivileged guest user could use this flaw to escalate\n their privileges by tricking the hypervisor to emulate\n a SYSENTER instruction in 16-bit mode, if the guest OS\n did not initialize the SYSENTER model-specific\n registers (MSRs). Note: Certified guest operating\n systems for Red Hat Enterprise Linux with KVM do\n initialize the SYSENTER MSRs and are thus not\n vulnerable to this issue when running on a KVM\n hypervisor.(CVE-2015-0239i1/4%0\n\n - An information leak flaw was found in the way the Linux\n kernel handled media device enumerate entities IOCTL\n requests. A local user able to access the /dev/media0\n device file could use this flaw to leak kernel memory\n bytes.(CVE-2014-1739i1/4%0\n\n - The dgnc_mgmt_ioctl function in\n drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel\n through 4.3.3 does not initialize a certain structure\n member, which allows local users to obtain sensitive\n information from kernel memory via a crafted\n application.(CVE-2015-7885i1/4%0\n\n - An information leak was discovered in the Linux kernel\n in cdrom_ioctl_drive_status() function in\n drivers/cdrom/cdrom.c that could be used by local\n attackers to read kernel memory at certain\n location.(CVE-2018-16658i1/4%0\n\n - A flaw was discovered in the Linux kernel's\n implementation of VFIO. An attacker issuing an ioctl\n can create a situation where memory is corrupted and\n modify memory outside of the expected area. This may\n overwrite kernel memory and subvert kernel\n execution.(CVE-2016-9083i1/4%0\n\n - It was found that the Linux kernel's KVM subsystem did\n not handle the VM exits gracefully for the invvpid\n (Invalidate Translations Based on VPID) instructions.\n On hosts with an Intel processor and invppid VM exit\n support, an unprivileged guest user could use these\n instructions to crash the guest.(CVE-2014-3646i1/4%0\n\n - An attacker on a network could abuse a flaw in the IPv6\n stack fragment reassembly code to induce kernel memory\n corruption on the system, possibly leading to a system\n crash.(CVE-2016-9755i1/4%0\n\n - It was found that a regular user could remove xattr\n permissions on files by using the chown or write system\n calls. A local attacker could use this flaw to deny\n elevated permissions from valid users, services, or\n applications, potentially resulting in a denial of\n service.(CVE-2015-1350i1/4%0\n\n - arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux\n kernel through 4.7 on PowerPC platforms, when\n CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS\n users to cause a denial of service (host OS infinite\n loop) by making a H_CEDE hypercall during the existence\n of a suspended transaction.(CVE-2016-5412i1/4%0\n\n - An issue was discovered in the proc_pid_stack function\n in fs/proc/base.c in the Linux kernel. An attacker with\n a local account can trick the stack unwinder code to\n leak stack contents to userspace. The fix allows only\n root to inspect the kernel stack of an arbitrary\n task.(CVE-2018-17972i1/4%0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1518\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0fa3dae4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-9083\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Android Towelroot Futex Requeue Kernel Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.1.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.1.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.1.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-4.19.28-1.2.117\",\n \"kernel-devel-4.19.28-1.2.117\",\n \"kernel-headers-4.19.28-1.2.117\",\n \"kernel-tools-4.19.28-1.2.117\",\n \"kernel-tools-libs-4.19.28-1.2.117\",\n \"kernel-tools-libs-devel-4.19.28-1.2.117\",\n \"perf-4.19.28-1.2.117\",\n \"python-perf-4.19.28-1.2.117\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-08T17:22:24", "description": "The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call.\n\nA flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system.\n\nThe n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the 'LECHO & !OPOST' case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.", "cvss3": {}, "published": "2014-10-12T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : kernel (ALAS-2014-392)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0196", "CVE-2014-1739", "CVE-2014-3153"], "modified": "2023-05-14T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-doc", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2014-392.NASL", "href": "https://www.tenable.com/plugins/nessus/78335", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-392.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78335);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/14\");\n\n script_cve_id(\"CVE-2014-0196\", \"CVE-2014-1739\", \"CVE-2014-3153\");\n script_xref(name:\"ALAS\", value:\"2014-392\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/15\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/06/02\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2014-392)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The media_device_enum_entities function in\ndrivers/media/media-device.c in the Linux kernel before 3.14.6 does\nnot initialize a certain data structure, which allows local users to\nobtain sensitive information from kernel memory by leveraging\n/dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call.\n\nA flaw was found in the way the Linux kernel's futex subsystem handled\nthe requeuing of certain Priority Inheritance (PI) futexes. A local,\nunprivileged user could use this flaw to escalate their privileges on\nthe system.\n\nThe n_tty_write function in drivers/tty/n_tty.c in the Linux kernel\nthrough 3.14.3 does not properly manage tty driver access in the\n'LECHO & !OPOST' case, which allows local users to cause a denial of\nservice (memory corruption and system crash) or gain privileges by\ntriggering a race condition involving read and write operations with\nlong strings.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2014-392.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system. You will need to reboot\nyour system in order for the new kernel to be running.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Android \"Towelroot\" Futex Requeue Kernel Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2023 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-3.10.53-56.140.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-3.10.53-56.140.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-3.10.53-56.140.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.53-56.140.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-3.10.53-56.140.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-doc-3.10.53-56.140.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-3.10.53-56.140.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-3.10.53-56.140.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-debuginfo-3.10.53-56.140.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:34:02", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation :\n\n - CVE-2014-3144/ CVE-2014-3145 A local user can cause a denial of service (system crash) via crafted BPF instructions.\n\n - CVE-2014-3153 Pinkie Pie discovered an issue in the futex subsystem that allows a local user to gain ring 0 control via the futex syscall. An unprivileged user could use this flaw to crash the kernel (resulting in denial of service) or for privilege escalation.", "cvss3": {}, "published": "2014-06-06T00:00:00", "type": "nessus", "title": "Debian DSA-2949-1 : linux - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3144", "CVE-2014-3145", "CVE-2014-3153"], "modified": "2022-05-25T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-2949.NASL", "href": "https://www.tenable.com/plugins/nessus/74336", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2949. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74336);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\"CVE-2014-3144\", \"CVE-2014-3145\", \"CVE-2014-3153\");\n script_bugtraq_id(67309, 67321);\n script_xref(name:\"DSA\", value:\"2949\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/15\");\n\n script_name(english:\"Debian DSA-2949-1 : linux - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation :\n\n - CVE-2014-3144/ CVE-2014-3145\n A local user can cause a denial of service (system\n crash) via crafted BPF instructions.\n\n - CVE-2014-3153\n Pinkie Pie discovered an issue in the futex subsystem\n that allows a local user to gain ring 0 control via the\n futex syscall. An unprivileged user could use this flaw\n to crash the kernel (resulting in denial of service) or\n for privilege escalation.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2014-3144\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2014-3145\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2014-3153\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2014/dsa-2949\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the linux packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 3.2.57-3+deb7u2.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Android \"Towelroot\" Futex Requeue Kernel Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"linux\", reference:\"3.2.57-3+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T17:17:38", "description": "Salva Peiro discovered an information leak in the Linux kernel's media- device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2014-1739)\n\nA bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions.\n(CVE-2014-3144)\n\nA remainder calculation error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions.\n(CVE-2014-3145).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2014-06-28T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-saucy vulnerabilities (USN-2261-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1739", "CVE-2014-3144", "CVE-2014-3145"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic-lpae", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2261-1.NASL", "href": "https://www.tenable.com/plugins/nessus/76296", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2261-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76296);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-1739\", \"CVE-2014-3144\", \"CVE-2014-3145\");\n script_bugtraq_id(67309, 67321, 68048);\n script_xref(name:\"USN\", value:\"2261-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-saucy vulnerabilities (USN-2261-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Salva Peiro discovered an information leak in the Linux kernel's\nmedia- device driver. A local attacker could exploit this flaw to\nobtain sensitive information from kernel memory. (CVE-2014-1739)\n\nA bounds check error was discovered in the socket filter subsystem of\nthe Linux kernel. A local user could exploit this flaw to cause a\ndenial of service (system crash) via crafted BPF instructions.\n(CVE-2014-3144)\n\nA remainder calculation error was discovered in the socket filter\nsubsystem of the Linux kernel. A local user could exploit this flaw to\ncause a denial of service (system crash) via crafted BPF instructions.\n(CVE-2014-3145).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2261-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.11-generic and / or\nlinux-image-3.11-generic-lpae packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2014-1739\", \"CVE-2014-3144\", \"CVE-2014-3145\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2261-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.11.0-24-generic\", pkgver:\"3.11.0-24.41~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.11.0-24-generic-lpae\", pkgver:\"3.11.0-24.41~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.11-generic / linux-image-3.11-generic-lpae\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:29:55", "description": "Salva Peiro discovered an information leak in the Linux kernel's media- device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2014-1739)\n\nA bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions.\n(CVE-2014-3144)\n\nA remainder calculation error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions.\n(CVE-2014-3145).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2014-06-28T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux vulnerabilities (USN-2259-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1739", "CVE-2014-3144", "CVE-2014-3145"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2259-1.NASL", "href": "https://www.tenable.com/plugins/nessus/76294", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2259-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76294);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-1739\", \"CVE-2014-3144\", \"CVE-2014-3145\");\n script_bugtraq_id(67309, 67321, 68048);\n script_xref(name:\"USN\", value:\"2259-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux vulnerabilities (USN-2259-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Salva Peiro discovered an information leak in the Linux kernel's\nmedia- device driver. A local attacker could exploit this flaw to\nobtain sensitive information from kernel memory. (CVE-2014-1739)\n\nA bounds check error was discovered in the socket filter subsystem of\nthe Linux kernel. A local user could exploit this flaw to cause a\ndenial of service (system crash) via crafted BPF instructions.\n(CVE-2014-3144)\n\nA remainder calculation error was discovered in the socket filter\nsubsystem of the Linux kernel. A local user could exploit this flaw to\ncause a denial of service (system crash) via crafted BPF instructions.\n(CVE-2014-3145).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2259-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2014-1739\", \"CVE-2014-3144\", \"CVE-2014-3145\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2259-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-65-generic\", pkgver:\"3.2.0-65.98\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-65-generic-pae\", pkgver:\"3.2.0-65.98\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-65-highbank\", pkgver:\"3.2.0-65.98\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-65-virtual\", pkgver:\"3.2.0-65.98\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.2-generic / linux-image-3.2-generic-pae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T17:17:02", "description": "Salva Peiro discovered an information leak in the Linux kernel's media- device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2014-1739)\n\nA bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions.\n(CVE-2014-3144)\n\nA remainder calculation error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions.\n(CVE-2014-3145).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2014-06-28T00:00:00", "type": "nessus", "title": "Ubuntu 13.10 : linux vulnerabilities (USN-2264-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1739", "CVE-2014-3144", "CVE-2014-3145"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:13.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic-lpae"], "id": "UBUNTU_USN-2264-1.NASL", "href": "https://www.tenable.com/plugins/nessus/76298", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2264-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76298);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-1739\", \"CVE-2014-3144\", \"CVE-2014-3145\");\n script_bugtraq_id(67309, 67321, 68048);\n script_xref(name:\"USN\", value:\"2264-1\");\n\n script_name(english:\"Ubuntu 13.10 : linux vulnerabilities (USN-2264-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Salva Peiro discovered an information leak in the Linux kernel's\nmedia- device driver. A local attacker could exploit this flaw to\nobtain sensitive information from kernel memory. (CVE-2014-1739)\n\nA bounds check error was discovered in the socket filter subsystem of\nthe Linux kernel. A local user could exploit this flaw to cause a\ndenial of service (system crash) via crafted BPF instructions.\n(CVE-2014-3144)\n\nA remainder calculation error was discovered in the socket filter\nsubsystem of the Linux kernel. A local user could exploit this flaw to\ncause a denial of service (system crash) via crafted BPF instructions.\n(CVE-2014-3145).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2264-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.11-generic and / or\nlinux-image-3.11-generic-lpae packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(13\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 13.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2014-1739\", \"CVE-2014-3144\", \"CVE-2014-3145\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2264-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"13.10\", pkgname:\"linux-image-3.11.0-24-generic\", pkgver:\"3.11.0-24.41\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"linux-image-3.11.0-24-generic-lpae\", pkgver:\"3.11.0-24.41\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.11-generic / linux-image-3.11-generic-lpae\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:52:29", "description": "According to the version of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability :\n\n - Fixed handling of stored error in a negatively instantiated user key. Key management subsystems could be abused to escalate privileges through memory corruption. All kernels were affected.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-03-27T00:00:00", "type": "nessus", "title": "Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-001)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8539"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:parallels-server-bm-release", "p-cpe:/a:virtuozzo:virtuozzo:vzkernel", "p-cpe:/a:virtuozzo:virtuozzo:vzkernel-devel", "p-cpe:/a:virtuozzo:virtuozzo:vzkernel-firmware", "p-cpe:/a:virtuozzo:virtuozzo:vzmodules", "p-cpe:/a:virtuozzo:virtuozzo:vzmodules-devel", "cpe:/o:virtuozzo:virtuozzo:6"], "id": "VIRTUOZZO_VZA-2017-001.NASL", "href": "https://www.tenable.com/plugins/nessus/97974", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97974);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2015-8539\"\n );\n\n script_name(english:\"Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-001)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the parallels-server-bm-release /\nvzkernel / etc packages installed, the Virtuozzo installation on the\nremote host is affected by the following vulnerability :\n\n - Fixed handling of stored error in a negatively\n instantiated user key. Key management subsystems could\n be abused to escalate privileges through memory\n corruption. All kernels were affected.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://help.virtuozzo.com/customer/en/portal/articles/2718897\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected parallels-server-bm-release / vzkernel / etc package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:parallels-server-bm-release\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzkernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzkernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzkernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzmodules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzmodules-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 6.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"parallels-server-bm-release-6.0.12-3656\",\n \"vzkernel-2.6.32-042stab120.18\",\n \"vzkernel-devel-2.6.32-042stab120.18\",\n \"vzkernel-firmware-2.6.32-042stab120.18\",\n \"vzmodules-2.6.32-042stab120.18\",\n \"vzmodules-devel-2.6.32-042stab120.18\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-6\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"parallels-server-bm-release / vzkernel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:44", "description": "The 4.18.7 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : kernel / kernel-headers / kernel-tools (2018-59e4747e0f)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16658"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-59E4747E0F.NASL", "href": "https://www.tenable.com/plugins/nessus/120447", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-59e4747e0f.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120447);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-16658\");\n script_xref(name:\"FEDORA\", value:\"2018-59e4747e0f\");\n\n script_name(english:\"Fedora 28 : kernel / kernel-headers / kernel-tools (2018-59e4747e0f)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.18.7 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-59e4747e0f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-16658\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2018-59e4747e0f\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"kernel-4.18.7-200.fc28\")) flag++;\nif (rpm_check(release:\"FC28\", reference:\"kernel-headers-4.18.7-200.fc28\")) flag++;\nif (rpm_check(release:\"FC28\", reference:\"kernel-tools-4.18.7-200.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:36", "description": "The 4.18.13 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : kernel / kernel-headers / kernel-tools (2018-9f4381d8c4)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-17972"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-9F4381D8C4.NASL", "href": "https://www.tenable.com/plugins/nessus/120659", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-9f4381d8c4.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120659);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-17972\");\n script_xref(name:\"FEDORA\", value:\"2018-9f4381d8c4\");\n\n script_name(english:\"Fedora 28 : kernel / kernel-headers / kernel-tools (2018-9f4381d8c4)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.18.13 update contains a number of important fixes across the\ntree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-9f4381d8c4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-17972\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2018-9f4381d8c4\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"kernel-4.18.13-200.fc28\")) flag++;\nif (rpm_check(release:\"FC28\", reference:\"kernel-headers-4.18.13-200.fc28\")) flag++;\nif (rpm_check(release:\"FC28\", reference:\"kernel-tools-4.18.13-200.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:11:24", "description": "According to the version of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability :\n\n - An information leak was discovered in the Linux kernel in cdrom_ioctl_drive_status() function in drivers/cdrom/cdrom.c that could be used by local attackers to read kernel memory at certain location.i1/4^CVE-2018-16658i1/4%0\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-04-09T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.5.3 : kernel (EulerOS-SA-2019-1188)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16658"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "cpe:/o:huawei:euleros:uvp:2.5.3"], "id": "EULEROS_SA-2019-1188.NASL", "href": "https://www.tenable.com/plugins/nessus/123874", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123874);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-16658\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.5.3 : kernel (EulerOS-SA-2019-1188)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the kernel packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - An information leak was discovered in the Linux kernel\n in cdrom_ioctl_drive_status() function in\n drivers/cdrom/cdrom.c that could be used by local\n attackers to read kernel memory at certain\n location.i1/4^CVE-2018-16658i1/4%0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1188\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?93dc3ec2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.3\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.3\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.3\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-3.10.0-514.44.5.10_112\",\n \"kernel-devel-3.10.0-514.44.5.10_112\",\n \"kernel-headers-3.10.0-514.44.5.10_112\",\n \"kernel-tools-3.10.0-514.44.5.10_112\",\n \"kernel-tools-libs-3.10.0-514.44.5.10_112\",\n \"kernel-tools-libs-devel-3.10.0-514.44.5.10_112\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-23T14:16:03", "description": "The 4.18.13 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-10-17T00:00:00", "type": "nessus", "title": "Fedora 27 : kernel / kernel-headers / kernel-tools (2018-2ee3411cb8)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-17972"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-2EE3411CB8.NASL", "href": "https://www.tenable.com/plugins/nessus/118160", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-2ee3411cb8.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118160);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-17972\");\n script_xref(name:\"FEDORA\", value:\"2018-2ee3411cb8\");\n\n script_name(english:\"Fedora 27 : kernel / kernel-headers / kernel-tools (2018-2ee3411cb8)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.18.13 update contains a number of important fixes across the\ntree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-2ee3411cb8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-17972\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2018-2ee3411cb8\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"kernel-4.18.13-100.fc27\")) flag++;\nif (rpm_check(release:\"FC27\", reference:\"kernel-headers-4.18.13-100.fc27\")) flag++;\nif (rpm_check(release:\"FC27\", reference:\"kernel-tools-4.18.13-100.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T14:56:28", "description": "The 4.6.6 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-08-16T00:00:00", "type": "nessus", "title": "Fedora 23 : kernel (2016-4b67f775fe)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5412"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-4B67F775FE.NASL", "href": "https://www.tenable.com/plugins/nessus/92971", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-4b67f775fe.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92971);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5412\");\n script_xref(name:\"FEDORA\", value:\"2016-4b67f775fe\");\n\n script_name(english:\"Fedora 23 : kernel (2016-4b67f775fe)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.6.6 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-4b67f775fe\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/08/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-5412\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2016-4b67f775fe\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.6.6-200.fc23\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:52:47", "description": "The v4.6.6 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-08-16T00:00:00", "type": "nessus", "title": "Fedora 24 : kernel (2016-90f142aa64)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5412"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-90F142AA64.NASL", "href": "https://www.tenable.com/plugins/nessus/92973", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-90f142aa64.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92973);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5412\");\n script_xref(name:\"FEDORA\", value:\"2016-90f142aa64\");\n\n script_name(english:\"Fedora 24 : kernel (2016-90f142aa64)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The v4.6.6 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-90f142aa64\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/08/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-5412\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2016-90f142aa64\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"kernel-4.6.6-300.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:11:24", "description": "According to the version of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability :\n\n - An information leak was discovered in the Linux kernel in cdrom_ioctl_drive_status() function in drivers/cdrom/cdrom.c that could be used by local attackers to read kernel memory at certain location.i1/4^CVE-2018-16658i1/4%0\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-04-09T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.5.4 : kernel (EulerOS-SA-2019-1189)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16658"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "cpe:/o:huawei:euleros:uvp:2.5.4"], "id": "EULEROS_SA-2019-1189.NASL", "href": "https://www.tenable.com/plugins/nessus/123875", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123875);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-16658\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.5.4 : kernel (EulerOS-SA-2019-1189)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the kernel packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - An information leak was discovered in the Linux kernel\n in cdrom_ioctl_drive_status() function in\n drivers/cdrom/cdrom.c that could be used by local\n attackers to read kernel memory at certain\n location.i1/4^CVE-2018-16658i1/4%0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1189\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?34ea33e7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.4\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.4\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.4\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-3.10.0-862.14.1.1_39\",\n \"kernel-devel-3.10.0-862.14.1.1_39\",\n \"kernel-headers-3.10.0-862.14.1.1_39\",\n \"kernel-tools-3.10.0-862.14.1.1_39\",\n \"kernel-tools-libs-3.10.0-862.14.1.1_39\",\n \"kernel-tools-libs-devel-3.10.0-862.14.1.1_39\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-04T16:52:14", "description": "An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents. (CVE-2018-17972)\n\nImpact\n\nBIG-IP and Traffix SDC\n\nLocal attackers can exploit this vulnerability to obtain sensitive information from the affected system.\n\nBIG-IQ, Enterprise Manager, and F5 iWorkflow\n\nThere is no impact on theseF5 products; theyare not affected by this vulnerability.", "cvss3": {}, "published": "2019-12-31T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K27673650)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-17972"], "modified": "2023-11-02T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_domain_name_system", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL27673650.NASL", "href": "https://www.tenable.com/plugins/nessus/132562", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K27673650.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132562);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/02\");\n\n script_cve_id(\"CVE-2018-17972\");\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K27673650)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"An issue was discovered in the proc_pid_stack function in\nfs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure\nthat only root may inspect the kernel stack of an arbitrary task,\nallowing a local attacker to exploit racy stack unwinding and leak\nkernel task stack contents. (CVE-2018-17972)\n\nImpact\n\nBIG-IP and Traffix SDC\n\nLocal attackers can exploit this vulnerability to obtain sensitive\ninformation from the affected system.\n\nBIG-IQ, Enterprise Manager, and F5 iWorkflow\n\nThere is no impact on theseF5 products; theyare not affected by this\nvulnerability.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://my.f5.com/manage/s/article/K27673650\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K27673650.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-17972\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/31\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_domain_name_system\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K27673650';\nvar vmatrix = {\n 'AFM': {\n 'affected': [\n '15.0.0-15.0.1','14.0.0-14.1.2','13.0.0-13.1.3','12.1.0-12.1.5','11.5.1-11.6.5'\n ],\n 'unaffected': [\n '15.1.0','15.0.1.1'\n ],\n },\n 'AM': {\n 'affected': [\n '15.0.0-15.0.1','14.0.0-14.1.2','13.0.0-13.1.3','12.1.0-12.1.5','11.5.1-11.6.5'\n ],\n 'unaffected': [\n '15.1.0','15.0.1.1'\n ],\n },\n 'APM': {\n 'affected': [\n '15.0.0-15.0.1','14.0.0-14.1.2','13.0.0-13.1.3','12.1.0-12.1.5','11.5.1-11.6.5'\n ],\n 'unaffected': [\n '15.1.0','15.0.1.1'\n ],\n },\n 'ASM': {\n 'affected': [\n '15.0.0-15.0.1','14.0.0-14.1.2','13.0.0-13.1.3','12.1.0-12.1.5','11.5.1-11.6.5'\n ],\n 'unaffected': [\n '15.1.0','15.0.1.1'\n ],\n },\n 'AVR': {\n 'affected': [\n '15.0.0-15.0.1','14.0.0-14.1.2','13.0.0-13.1.3','12.1.0-12.1.5','11.5.1-11.6.5'\n ],\n 'unaffected': [\n '15.1.0','15.0.1.1'\n ],\n },\n 'DNS': {\n 'affected': [\n '15.0.0-15.0.1','14.0.0-14.1.2','13.0.0-13.1.3','12.1.0-12.1.5','11.5.1-11.6.5'\n ],\n 'unaffected': [\n '15.1.0','15.0.1.1'\n ],\n },\n 'GTM': {\n 'affected': [\n '15.0.0-15.0.1','14.0.0-14.1.2','13.0.0-13.1.3','12.1.0-12.1.5','11.5.1-11.6.5'\n ],\n 'unaffected': [\n '15.1.0','15.0.1.1'\n ],\n },\n 'LC': {\n 'affected': [\n '15.0.0-15.0.1','14.0.0-14.1.2','13.0.0-13.1.3','12.1.0-12.1.5','11.5.1-11.6.5'\n ],\n 'unaffected': [\n '15.1.0','15.0.1.1'\n ],\n },\n 'LTM': {\n 'affected': [\n '15.0.0-15.0.1','14.0.0-14.1.2','13.0.0-13.1.3','12.1.0-12.1.5','11.5.1-11.6.5'\n ],\n 'unaffected': [\n '15.1.0','15.0.1.1'\n ],\n },\n 'PEM': {\n 'affected': [\n '15.0.0-15.0.1','14.0.0-14.1.2','13.0.0-13.1.3','12.1.0-12.1.5','11.5.1-11.6.5'\n ],\n 'unaffected': [\n '15.1.0','15.0.1.1'\n ],\n },\n 'WAM': {\n 'affected': [\n '15.0.0-15.0.1','14.0.0-14.1.2','13.0.0-13.1.3','12.1.0-12.1.5','11.5.1-11.6.5'\n ],\n 'unaffected': [\n '15.1.0','15.0.1.1'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running any of the affected modules');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:18", "description": "The 4.18.13 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 29 : kernel / kernel-headers / kernel-tools (2018-ec3bf1b228)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-17972"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2018-EC3BF1B228.NASL", "href": "https://www.tenable.com/plugins/nessus/120883", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-ec3bf1b228.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120883);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-17972\");\n script_xref(name:\"FEDORA\", value:\"2018-ec3bf1b228\");\n\n script_name(english:\"Fedora 29 : kernel / kernel-headers / kernel-tools (2018-ec3bf1b228)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.18.13 update contains a number of important fixes across the\ntree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-ec3bf1b228\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-17972\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2018-ec3bf1b228\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"kernel-4.18.13-300.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-headers-4.18.13-300.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-tools-4.18.13-300.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:50:43", "description": "The 4.9.7 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-02-07T00:00:00", "type": "nessus", "title": "Fedora 24 : kernel (2017-392b319bb5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-2596"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2017-392B319BB5.NASL", "href": "https://www.tenable.com/plugins/nessus/97032", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-392b319bb5.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97032);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-2596\");\n script_xref(name:\"FEDORA\", value:\"2017-392b319bb5\");\n\n script_name(english:\"Fedora 24 : kernel (2017-392b319bb5)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.9.7 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-392b319bb5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/02/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-2596\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2017-392b319bb5\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"kernel-4.9.7-101.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:30:22", "description": "The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2014-3039 advisory.\n\n - The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification. (CVE-2014-3153)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2014-06-09T00:00:00", "type": "nessus", "title": "Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3039)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3153"], "modified": "2022-05-25T00:00:00", "cpe": ["cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware", "p-cpe:/a:oracle:linux:kernel-uek-headers", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.2.el5uek", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.2.el5uekdebug", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.2.el6uek", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.2.el6uekdebug", "p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.2.el5uek", "p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.2.el5uekdebug", "p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.2.el6uek", "p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.2.el6uekdebug"], "id": "ORACLELINUX_ELSA-2014-3039.NASL", "href": "https://www.tenable.com/plugins/nessus/74378", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2014-3039.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74378);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\"CVE-2014-3153\");\n script_bugtraq_id(67906);\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/15\");\n\n script_name(english:\"Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3039)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2014-3039 advisory.\n\n - The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls\n have two different futex addresses, which allows local users to gain privileges via a crafted\n FUTEX_REQUEUE command that facilitates unsafe waiter modification. (CVE-2014-3153)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2014-3039.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3153\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Android Towelroot Futex Requeue Kernel Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.2.el5uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.2.el5uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.2.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.2.el6uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.2.el5uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.2.el5uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.2.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.2.el6uekdebug\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 5 / 6', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['2.6.32-400.36.2.el5uek', '2.6.32-400.36.2.el6uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2014-3039');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '2.6';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-2.6.32-400.36.2.el5uek', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.32'},\n {'reference':'kernel-uek-2.6.32-400.36.2.el5uek', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.32'},\n {'reference':'kernel-uek-debug-2.6.32-400.36.2.el5uek', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.32'},\n {'reference':'kernel-uek-debug-2.6.32-400.36.2.el5uek', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.32'},\n {'reference':'kernel-uek-debug-devel-2.6.32-400.36.2.el5uek', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.32'},\n {'reference':'kernel-uek-debug-devel-2.6.32-400.36.2.el5uek', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.32'},\n {'reference':'kernel-uek-devel-2.6.32-400.36.2.el5uek', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.32'},\n {'reference':'kernel-uek-devel-2.6.32-400.36.2.el5uek', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.32'},\n {'reference':'kernel-uek-doc-2.6.32-400.36.2.el5uek', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-2.6.32'},\n {'reference':'kernel-uek-firmware-2.6.32-400.36.2.el5uek', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-2.6.32'},\n {'reference':'kernel-uek-headers-2.6.32-400.36.2.el5uek', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-headers-2.6.32'},\n {'reference':'kernel-uek-headers-2.6.32-400.36.2.el5uek', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-headers-2.6.32'},\n {'reference':'mlnx_en-2.6.32-400.36.2.el5uek-1.5.7-2', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mlnx_en-2.6.32-400.36.2.el5uek-1.5.7-2', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mlnx_en-2.6.32-400.36.2.el5uekdebug-1.5.7-2', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mlnx_en-2.6.32-400.36.2.el5uekdebug-1.5.7-2', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ofa-2.6.32-400.36.2.el5uek-1.5.1-4.0.58', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ofa-2.6.32-400.36.2.el5uek-1.5.1-4.0.58', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ofa-2.6.32-400.36.2.el5uekdebug-1.5.1-4.0.58', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ofa-2.6.32-400.36.2.el5uekdebug-1.5.1-4.0.58', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-2.6.32-400.36.2.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.32'},\n {'reference':'kernel-uek-2.6.32-400.36.2.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.32'},\n {'reference':'kernel-uek-debug-2.6.32-400.36.2.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.32'},\n {'reference':'kernel-uek-debug-2.6.32-400.36.2.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.32'},\n {'reference':'kernel-uek-debug-devel-2.6.32-400.36.2.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.32'},\n {'reference':'kernel-uek-debug-devel-2.6.32-400.36.2.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.32'},\n {'reference':'kernel-uek-devel-2.6.32-400.36.2.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.32'},\n {'reference':'kernel-uek-devel-2.6.32-400.36.2.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.32'},\n {'reference':'kernel-uek-doc-2.6.32-400.36.2.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-2.6.32'},\n {'reference':'kernel-uek-firmware-2.6.32-400.36.2.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-2.6.32'},\n {'reference':'kernel-uek-headers-2.6.32-400.36.2.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-headers-2.6.32'},\n {'reference':'kernel-uek-headers-2.6.32-400.36.2.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-headers-2.6.32'},\n {'reference':'mlnx_en-2.6.32-400.36.2.el6uek-1.5.7-0.1', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mlnx_en-2.6.32-400.36.2.el6uek-1.5.7-0.1', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mlnx_en-2.6.32-400.36.2.el6uekdebug-1.5.7-0.1', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mlnx_en-2.6.32-400.36.2.el6uekdebug-1.5.7-0.1', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ofa-2.6.32-400.36.2.el6uek-1.5.1-4.0.58', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ofa-2.6.32-400.36.2.el6uek-1.5.1-4.0.58', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ofa-2.6.32-400.36.2.el6uekdebug-1.5.1-4.0.58', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ofa-2.6.32-400.36.2.el6uekdebug-1.5.1-4.0.58', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T17:15:40", "description": "Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or gain administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2014-06-06T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-quantal vulnerability (USN-2237-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3153"], "modified": "2022-05-25T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2237-1.NASL", "href": "https://www.tenable.com/plugins/nessus/74357", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2237-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74357);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\"CVE-2014-3153\");\n script_xref(name:\"USN\", value:\"2237-1\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/15\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-quantal vulnerability (USN-2237-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing a security-related patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An\nunprivileged local user could exploit this flaw to cause a denial of\nservice (system crash) or gain administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://usn.ubuntu.com/2237-1/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected linux-image-3.5-generic package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Android \"Towelroot\" Futex Requeue Kernel Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2014-3153\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2237-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.5.0-51-generic\", pkgver:\"3.5.0-51.77~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.5-generic\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:51:10", "description": "The 4.9.7 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-02-07T00:00:00", "type": "nessus", "title": "Fedora 25 : kernel (2017-472052ebe5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-2596"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2017-472052EBE5.NASL", "href": "https://www.tenable.com/plugins/nessus/97033", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-472052ebe5.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97033);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-2596\");\n script_xref(name:\"FEDORA\", value:\"2017-472052ebe5\");\n\n script_name(english:\"Fedora 25 : kernel (2017-472052ebe5)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.9.7 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-472052ebe5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/02/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-2596\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2017-472052ebe5\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"kernel-4.9.7-201.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:34:03", "description": "The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2014-3038 advisory.\n\n - The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification. (CVE-2014-3153)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2014-06-09T00:00:00", "type": "nessus", "title": "Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3038)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3153"], "modified": "2022-05-25T00:00:00", "cpe": ["cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2014-3038.NASL", "href": "https://www.tenable.com/plugins/nessus/74377", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2014-3038.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74377);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\"CVE-2014-3153\");\n script_bugtraq_id(67906);\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/15\");\n\n script_name(english:\"Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3038)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2014-3038 advisory.\n\n - The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls\n have two different futex addresses, which allows local users to gain privileges via a crafted\n FUTEX_REQUEUE command that facilitates unsafe waiter modification. (CVE-2014-3153)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2014-3038.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3153\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Android Towelroot Futex Requeue Kernel Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 5 / 6', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['2.6.39-400.215.2.el5uek', '2.6.39-400.215.2.el6uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2014-3038');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '2.6';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-2.6.39-400.215.2.el5uek', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.39'},\n {'reference':'kernel-uek-2.6.39-400.215.2.el5uek', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.39'},\n {'reference':'kernel-uek-debug-2.6.39-400.215.2.el5uek', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.39'},\n {'reference':'kernel-uek-debug-2.6.39-400.215.2.el5uek', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.39'},\n {'reference':'kernel-uek-debug-devel-2.6.39-400.215.2.el5uek', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.39'},\n {'reference':'kernel-uek-debug-devel-2.6.39-400.215.2.el5uek', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.39'},\n {'reference':'kernel-uek-devel-2.6.39-400.215.2.el5uek', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.39'},\n {'reference':'kernel-uek-devel-2.6.39-400.215.2.el5uek', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.39'},\n {'reference':'kernel-uek-doc-2.6.39-400.215.2.el5uek', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-2.6.39'},\n {'reference':'kernel-uek-firmware-2.6.39-400.215.2.el5uek', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-2.6.39'},\n {'reference':'kernel-uek-2.6.39-400.215.2.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.39'},\n {'reference':'kernel-uek-2.6.39-400.215.2.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.39'},\n {'reference':'kernel-uek-debug-2.6.39-400.215.2.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.39'},\n {'reference':'kernel-uek-debug-2.6.39-400.215.2.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.39'},\n {'reference':'kernel-uek-debug-devel-2.6.39-400.215.2.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.39'},\n {'reference':'kernel-uek-debug-devel-2.6.39-400.215.2.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.39'},\n {'reference':'kernel-uek-devel-2.6.39-400.215.2.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.39'},\n {'reference':'kernel-uek-devel-2.6.39-400.215.2.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.39'},\n {'reference':'kernel-uek-doc-2.6.39-400.215.2.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-2.6.39'},\n {'reference':'kernel-uek-firmware-2.6.39-400.215.2.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-2.6.39'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:30:22", "description": "The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2014-3037 advisory.\n\n - The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification. (CVE-2014-3153)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2014-06-09T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2014-3037)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3153"], "modified": "2022-05-25T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-35.1.1.el6uek", "p-cpe:/a:oracle:linux:dtrace-modules-headers", "p-cpe:/a:oracle:linux:dtrace-modules-provider-headers", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2014-3037.NASL", "href": "https://www.tenable.com/plugins/nessus/74376", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2014-3037.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74376);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\"CVE-2014-3153\");\n script_bugtraq_id(67906);\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/15\");\n\n script_name(english:\"Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2014-3037)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2014-3037 advisory.\n\n - The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls\n have two different futex addresses, which allows local users to gain privileges via a crafted\n FUTEX_REQUEUE command that facilitates unsafe waiter modification. (CVE-2014-3153)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2014-3037.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3153\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Android Towelroot Futex Requeue Kernel Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-35.1.1.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-provider-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['3.8.13-35.1.1.el6uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2014-3037');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '3.8';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'dtrace-modules-3.8.13-35.1.1.el6uek-0.4.3-4.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dtrace-modules-headers-0.4.3-4.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dtrace-modules-provider-headers-0.4.3-4.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-3.8.13-35.1.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-3.8.13'},\n {'reference':'kernel-uek-debug-3.8.13-35.1.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-3.8.13'},\n {'reference':'kernel-uek-debug-devel-3.8.13-35.1.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-3.8.13'},\n {'reference':'kernel-uek-devel-3.8.13-35.1.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-3.8.13'},\n {'reference':'kernel-uek-doc-3.8.13-35.1.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-3.8.13'},\n {'reference':'kernel-uek-firmware-3.8.13-35.1.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-3.8.13'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dtrace-modules-3.8.13-35.1.1.el6uek / dtrace-modules-headers / dtrace-modules-provider-headers / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T17:22:22", "description": "The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.", "cvss3": {}, "published": "2014-10-12T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : kernel (ALAS-2014-363)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3153"], "modified": "2022-05-25T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-doc", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2014-363.NASL", "href": "https://www.tenable.com/plugins/nessus/78306", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-363.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78306);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\"CVE-2014-3153\");\n script_xref(name:\"ALAS\", value:\"2014-363\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/15\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2014-363)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The futex_requeue function in kernel/futex.c in the Linux kernel\nthrough 3.14.5 does not ensure that calls have two different futex\naddresses, which allows local users to gain privileges via a crafted\nFUTEX_REQUEUE command that facilitates unsafe waiter modification.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2014-363.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system. You will need to reboot\nyour system in order for the new kernel to be running.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Android \"Towelroot\" Futex Requeue Kernel Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-3.10.42-52.145.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-3.10.42-52.145.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-3.10.42-52.145.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.42-52.145.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-3.10.42-52.145.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-doc-3.10.42-52.145.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-3.10.42-52.145.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-3.10.42-52.145.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-debuginfo-3.10.42-52.145.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "mageia": [{"lastseen": "2023-12-07T10:51:25", "description": "Updated kernel packages fixes security vulnerabilities. The kernel has been updated to the upstream 3.12.21 longterm kernel, and fixes the following security issues: media-device: fix infoleak in ioctl media_enum_entities() (CVE-2014-1739) The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification. (CVE-2014-3153) kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number. To avoid this and other issues CONFIG_AUDITSYSCALL has been disabled. (CVE-2014-3917) Other changes: iwlwifi: mvm: disable beacon filtering ALSA: hda - Fix onboard audio on Intel H97/Z97 chipsets For other upstream changes, see the referenced changelog. \n", "cvss3": {}, "published": "2014-06-19T00:50:01", "type": "mageia", "title": "Updated kernel packages fixes security vulnerabilities.\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1739", "CVE-2014-3153", "CVE-2014-3917"], "modified": "2014-06-19T00:50:01", "id": "MGASA-2014-0265", "href": "https://advisories.mageia.org/MGASA-2014-0265.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-07T10:51:25", "description": "The kernel has been updated to the upstream 3.10.44 longterm kernel, and fixes the following security issues: The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations by using a Netlink socket for the (1) stdout or (2) stderr of a setuid program. (CVE-2014-0181) media-device: fix infoleak in ioctl media_enum_entities() (CVE-2014-1739) The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification. (CVE-2014-3153) kernel/auditsc.c in the Linux kernel through 3.14.5, when AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number. (CVE-2014-3917) Andy Lutomirski has reported a vulnerability in Linux Kernel, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an error related to checking Inode capabilities, which can be exploited to conduct certain actions with escalated privileges. Successful exploitation requires a kernel built with user namespaces (USER_NS) enabled. (CVE-2014-4014) For other changes, see the referenced changelogs. \n", "cvss3": {}, "published": "2014-06-23T01:13:23", "type": "mageia", "title": "Updated kernel packages fixes security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0181", "CVE-2014-1739", "CVE-2014-3153", "CVE-2014-3917", "CVE-2014-4014"], "modified": "2014-06-23T01:13:23", "id": "MGASA-2014-0273", "href": "https://advisories.mageia.org/MGASA-2014-0273.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:37:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-07-01T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-lts-saucy USN-2261-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1739", "CVE-2014-3145", "CVE-2014-3144"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841879", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841879", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2261_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-lts-saucy USN-2261-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841879\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-01 22:48:26 +0530 (Tue, 01 Jul 2014)\");\n script_cve_id(\"CVE-2014-1739\", \"CVE-2014-3144\", \"CVE-2014-3145\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Ubuntu Update for linux-lts-saucy USN-2261-1\");\n\n script_tag(name:\"affected\", value:\"linux-lts-saucy on Ubuntu 12.04 LTS\");\n script_tag(name:\"insight\", value:\"Salva Peir&#243 discovered an information leak in the Linux\nkernel's media- device driver. A local attacker could exploit this flaw to\nobtain sensitive information from kernel memory. (CVE-2014-1739)\n\nA bounds check error was discovered in the socket filter subsystem of the\nLinux kernel. A local user could exploit this flaw to cause a denial of\nservice (system crash) via crafted BPF instructions. (CVE-2014-3144)\n\nA remainder calculation error was discovered in the socket filter subsystem\nof the Linux kernel. A local user could exploit this flaw to cause a denial\nof service (system crash) via crafted BPF instructions. (CVE-2014-3145)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2261-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2261-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-saucy'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.11.0-24-generic\", ver:\"3.11.0-24.41~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.11.0-24-generic-lpae\", ver:\"3.11.0-24.41~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-17T23:01:12", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2014-392)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1739", "CVE-2014-0196", "CVE-2014-3153"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120248", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120248", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120248\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:21:22 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2014-392)\");\n script_tag(name:\"insight\", value:\"The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call. A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the LECHO & !OPOST case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.\");\n script_tag(name:\"solution\", value:\"Run yum update kernel to update your system. You will need to reboot your system in order for the new kernel to be running.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-392.html\");\n script_cve_id(\"CVE-2014-1739\", \"CVE-2014-3153\", \"CVE-2014-0196\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~3.10.53~56.140.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.53~56.140.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.53~56.140.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.53~56.140.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.53~56.140.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~3.10.53~56.140.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.53~56.140.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-07-01T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-2259-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1739", "CVE-2014-3145", "CVE-2014-3144"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841874", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841874", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2259_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux USN-2259-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841874\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-01 22:15:43 +0530 (Tue, 01 Jul 2014)\");\n script_cve_id(\"CVE-2014-1739\", \"CVE-2014-3144\", \"CVE-2014-3145\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Ubuntu Update for linux USN-2259-1\");\n\n script_tag(name:\"affected\", value:\"linux on Ubuntu 12.04 LTS\");\n script_tag(name:\"insight\", value:\"Salva Peir&#243 discovered an information leak in the Linux\nkernel's media- device driver. A local attacker could exploit this flaw to\nobtain sensitive information from kernel memory. (CVE-2014-1739)\n\nA bounds check error was discovered in the socket filter subsystem of the\nLinux kernel. A local user could exploit this flaw to cause a denial of\nservice (system crash) via crafted BPF instructions. (CVE-2014-3144)\n\nA remainder calculation error was discovered in the socket filter subsystem\nof the Linux kernel. A local user could exploit this flaw to cause a denial\nof service (system crash) via crafted BPF instructions. (CVE-2014-3145)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2259-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2259-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-65-generic\", ver:\"3.2.0-65.98\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-65-generic-pae\", ver:\"3.2.0-65.98\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-65-highbank\", ver:\"3.2.0-65.98\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-65-omap\", ver:\"3.2.0-65.98\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-65-powerpc-smp\", ver:\"3.2.0-65.98\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-65-powerpc64-smp\", ver:\"3.2.0-65.98\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-65-virtual\", ver:\"3.2.0-65.98\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:37:28", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-07-01T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-2263-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1739", "CVE-2014-3145", "CVE-2014-3144"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841876", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841876", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2263_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-ti-omap4 USN-2263-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841876\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-01 22:30:58 +0530 (Tue, 01 Jul 2014)\");\n script_cve_id(\"CVE-2014-1739\", \"CVE-2014-3144\", \"CVE-2014-3145\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-2263-1\");\n\n script_tag(name:\"affected\", value:\"linux-ti-omap4 on Ubuntu 12.04 LTS\");\n script_tag(name:\"insight\", value:\"Salva Peir&#243 discovered an information leak in the Linux\nkernel's media-device driver. A local attacker could exploit this flaw to obtain\nsensitive information from kernel memory. (CVE-2014-1739)\n\nA bounds check error was discovered in the socket filter subsystem of the\nLinux kernel. A local user could exploit this flaw to cause a denial of\nservice (system crash) via crafted BPF instructions. (CVE-2014-3144)\n\nA remainder calculation error was discovered in the socket filter subsystem\nof the Linux kernel. A local user could exploit this flaw to cause a denial\nof service (system crash) via crafted BPF instructions. (CVE-2014-3145)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2263-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2263-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-ti-omap4'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-1450-omap4\", ver:\"3.2.0-1450.69\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:37:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-07-01T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-2264-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1739", "CVE-2014-3145", "CVE-2014-3144"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841880", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841880", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2264_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux USN-2264-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841880\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-01 22:55:02 +0530 (Tue, 01 Jul 2014)\");\n script_cve_id(\"CVE-2014-1739\", \"CVE-2014-3144\", \"CVE-2014-3145\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Ubuntu Update for linux USN-2264-1\");\n\n script_tag(name:\"affected\", value:\"linux on Ubuntu 13.10\");\n script_tag(name:\"insight\", value:\"Salva Peir&#243 discovered an information leak in the Linux\nkernel's media- device driver. A local attacker could exploit this flaw to\nobtain sensitive information from kernel memory. (CVE-2014-1739)\n\nA bounds check error was discovered in the socket filter subsystem of the\nLinux kernel. A local user could exploit this flaw to cause a denial of\nservice (system crash) via crafted BPF instructions. (CVE-2014-3144)\n\nA remainder calculation error was discovered in the socket filter subsystem\nof the Linux kernel. A local user could exploit this flaw to cause a denial\nof service (system crash) via crafted BPF instructions. (CVE-2014-3145)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2264-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2264-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU13\\.10\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU13.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.11.0-24-generic\", ver:\"3.11.0-24.41\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.11.0-24-generic-lpae\", ver:\"3.11.0-24.41\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-08-04T10:49:15", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation:\n\nCVE-2014-3144 / CVE-2014-3145 \nA local user can cause a denial of service (system crash) via\ncrafted BPF instructions.\n\nCVE-2014-3153 \nPinkie Pie discovered an issue in the futex subsystem that allows a\nlocal user to gain ring 0 control via the futex syscall. An\nunprivileged user could use this flaw to crash the kernel (resulting\nin denial of service) or for privilege escalation.", "cvss3": {}, "published": "2014-06-05T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2949-1 (linux - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3145", "CVE-2014-3144", "CVE-2014-3153"], "modified": "2017-07-20T00:00:00", "id": "OPENVAS:702949", "href": "http://plugins.openvas.org/nasl.php?oid=702949", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2949.nasl 6769 2017-07-20 09:56:33Z teissa $\n# Auto-generated from advisory DSA 2949-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"linux on Debian Linux\";\ntag_insight = \"The Linux kernel is the core of the Linux operating system.\";\ntag_solution = \"For the stable distribution (wheezy), these problems have been fixed in\nversion 3.2.57-3+deb7u2.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your linux packages.\";\ntag_summary = \"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation:\n\nCVE-2014-3144 / CVE-2014-3145 \nA local user can cause a denial of service (system crash) via\ncrafted BPF instructions.\n\nCVE-2014-3153 \nPinkie Pie discovered an issue in the futex subsystem that allows a\nlocal user to gain ring 0 control via the futex syscall. An\nunprivileged user could use this flaw to crash the kernel (resulting\nin denial of service) or for privilege escalation.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(702949);\n script_version(\"$Revision: 6769 $\");\n script_cve_id(\"CVE-2014-3144\", \"CVE-2014-3145\", \"CVE-2014-3153\");\n script_name(\"Debian Security Advisory DSA 2949-1 (linux - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-20 11:56:33 +0200 (Thu, 20 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2014-06-05 00:00:00 +0200 (Thu, 05 Jun 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2949.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-doc-3.2\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-486\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armel\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armhf\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-i386\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-ia64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-powerpc\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-sparc\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common-rt\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-iop32x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-itanium\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-ixp4xx\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-kirkwood\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mckinley\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mv78xx0\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mx5\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-omap\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-orion5x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc-smp\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-s390x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64-smp\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-versatile\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-vexpress\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-486\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-iop32x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-itanium\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-ixp4xx\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-kirkwood\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mckinley\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mv78xx0\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mx5\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-omap\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-orion5x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc-smp\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-tape\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64-smp\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-versatile\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-vexpress\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-3.2\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-3.2\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-3.2.0-4\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-3.2\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-486\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armel\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armhf\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-i386\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-ia64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-powerpc\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-sparc\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common-rt\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-iop32x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-itanium\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-ixp4xx\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-kirkwood\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mckinley\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mv78xx0\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mx5\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-omap\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-orion5x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc-smp\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-s390x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64-smp\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-versatile\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-vexpress\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-486\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-iop32x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-itanium\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-ixp4xx\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-kirkwood\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mckinley\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mv78xx0\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mx5\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-omap\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-orion5x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc-smp\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-tape\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64-smp\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-versatile\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-vexpress\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-3.2\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-3.2\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-3.2.0-4\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-3.2\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-486\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armel\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armhf\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-i386\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-ia64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-powerpc\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-sparc\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common-rt\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-iop32x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-itanium\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-ixp4xx\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-kirkwood\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mckinley\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mv78xx0\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mx5\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-omap\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-orion5x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc-smp\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-s390x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64-smp\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-versatile\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-vexpress\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-486\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-iop32x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-itanium\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-ixp4xx\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-kirkwood\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mckinley\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mv78xx0\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mx5\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-omap\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-orion5x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc-smp\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-tape\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64-smp\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-versatile\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-vexpress\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-3.2\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-3.2\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-3.2.0-4\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-3.2\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-486\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armel\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armhf\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-i386\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-ia64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-powerpc\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-sparc\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common-rt\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-iop32x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-itanium\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-ixp4xx\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-kirkwood\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mckinley\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mv78xx0\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mx5\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-omap\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-orion5x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc-smp\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-s390x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64-smp\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-versatile\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-vexpress\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-486\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-iop32x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-itanium\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-ixp4xx\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-kirkwood\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mckinley\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mv78xx0\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mx5\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-omap\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-orion5x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc-smp\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-tape\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64-smp\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-versatile\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-vexpress\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-3.2\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-3.2\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-3.2.0-4\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:13", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation:\n\nCVE-2014-3144 / CVE-2014-3145\nA local user can cause a denial of service (system crash) via\ncrafted BPF instructions.\n\nCVE-2014-3153\nPinkie Pie discovered an issue in the futex subsystem that allows a\nlocal user to gain ring 0 control via the futex syscall. An\nunprivileged user could use this flaw to crash the kernel (resulting\nin denial of service) or for privilege escalation.", "cvss3": {}, "published": "2014-06-05T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2949-1 (linux - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3145", "CVE-2014-3144", "CVE-2014-3153"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310702949", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702949", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2949.nasl 14302 2019-03-19 08:28:48Z cfischer $\n# Auto-generated from advisory DSA 2949-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702949\");\n script_version(\"$Revision: 14302 $\");\n script_cve_id(\"CVE-2014-3144\", \"CVE-2014-3145\", \"CVE-2014-3153\");\n script_name(\"Debian Security Advisory DSA 2949-1 (linux - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 09:28:48 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-05 00:00:00 +0200 (Thu, 05 Jun 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-2949.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"linux on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy), these problems have been fixed in\nversion 3.2.57-3+deb7u2.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your linux packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation:\n\nCVE-2014-3144 / CVE-2014-3145\nA local user can cause a denial of service (system crash) via\ncrafted BPF instructions.\n\nCVE-2014-3153\nPinkie Pie discovered an issue in the futex subsystem that allows a\nlocal user to gain ring 0 control via the futex syscall. An\nunprivileged user could use this flaw to crash the kernel (resulting\nin denial of service) or for privilege escalation.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"linux-doc-3.2\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-486\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armel\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armhf\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-i386\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-ia64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-powerpc\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-sparc\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common-rt\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-iop32x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-itanium\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-ixp4xx\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-kirkwood\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mckinley\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mv78xx0\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mx5\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-omap\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-orion5x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc-smp\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-s390x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64-smp\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-versatile\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-vexpress\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-486\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-iop32x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-itanium\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-ixp4xx\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-kirkwood\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mckinley\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mv78xx0\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mx5\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-omap\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-orion5x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc-smp\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-dbg\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-tape\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64-smp\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-versatile\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-vexpress\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-manual-3.2\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-source-3.2\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-support-3.2.0-4\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:23", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-08-16T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2016-90f142aa64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5412"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310809110", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809110", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2016-90f142aa64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809110\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-16 05:55:47 +0200 (Tue, 16 Aug 2016)\");\n script_cve_id(\"CVE-2016-5412\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:S/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2016-90f142aa64\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-90f142aa64\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIECVMGNK64CYF6KY336Z36H62ICGRYI\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.6.6~300.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:S/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-08-16T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2016-4b67f775fe", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5412"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310809111", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809111", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2016-4b67f775fe\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809111\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-16 05:56:18 +0200 (Tue, 16 Aug 2016)\");\n script_cve_id(\"CVE-2016-5412\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:S/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2016-4b67f775fe\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-4b67f775fe\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHQTHD35KRH2KATKNWYFEX5PHTCYRNPU\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.6.6~200.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:S/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:32:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-headers FEDORA-2018-ec3bf1b228", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-17972"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875929", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875929", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875929\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-17972\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:27:58 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel-headers FEDORA-2018-ec3bf1b228\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2018-ec3bf1b228\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BK75TBVAEWCPURVFUHKRUXCSNUBJFDNO\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel-headers'\n package(s) announced via the FEDORA-2018-ec3bf1b228 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Kernel-headers includes the C header files that specify the interface\nbetween the Linux kernel and userspace libraries and programs. The\nheader files define structures and constants that are needed for\nbuilding most standard programs and are also needed for rebuilding the\nglibc package.\");\n\n script_tag(name:\"affected\", value:\"'kernel-headers' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.18.13~300.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2019-05-29T18:32:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-tools FEDORA-2018-ec3bf1b228", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-17972"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875951", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875951", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875951\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-17972\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:29:29 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel-tools FEDORA-2018-ec3bf1b228\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2018-ec3bf1b228\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QAT2WQMM2TGAO32Y23MFKWZJZ43IWF3D\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel-tools'\n package(s) announced via the FEDORA-2018-ec3bf1b228 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the tools/ directory from the kernel source\nand the supporting documentation.\");\n\n script_tag(name:\"affected\", value:\"'kernel-tools' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.18.13~300.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2019-05-29T18:32:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-ec3bf1b228", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-17972"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876317", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876317", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876317\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-17972\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:44:12 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2018-ec3bf1b228\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2018-ec3bf1b228\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CZG6KDGEE7JPWCJRGXKTMUM7LJVFLRHI\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2018-ec3bf1b228 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.18.13~300.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2020-01-27T18:33:59", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1189)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16658"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191189", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191189", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1189\");\n script_version(\"2020-01-23T11:34:05+0000\");\n script_cve_id(\"CVE-2018-16658\");\n script_tag(name:\"cvss_base\", value:\"3.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:34:05 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:34:05 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1189)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.4\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1189\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1189\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1189 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An information leak was discovered in the Linux kernel in cdrom_ioctl_drive_status() function in drivers/cdrom/cdrom.c that could be used by local attackers to read kernel memory at certain location.CVE-2018-16658\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization 2.5.4.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.4\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~862.14.1.1_39\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~862.14.1.1_39\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~862.14.1.1_39\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~862.14.1.1_39\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~862.14.1.1_39\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~862.14.1.1_39\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:33:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-17T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-headers FEDORA-2018-2ee3411cb8", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-17972"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875203", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875203", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_2ee3411cb8_kernel-headers_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel-headers FEDORA-2018-2ee3411cb8\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875203\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-10-17 06:44:32 +0200 (Wed, 17 Oct 2018)\");\n script_cve_id(\"CVE-2018-17972\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel-headers FEDORA-2018-2ee3411cb8\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel-headers'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n script_tag(name:\"affected\", value:\"kernel-headers on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-2ee3411cb8\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFY7M6MQMHNRHFXRTDRHOKQMOJ3FLCF6\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.18.13~100.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2020-01-27T18:39:07", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1188)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16658"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191188", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191188", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1188\");\n script_version(\"2020-01-23T11:34:04+0000\");\n script_cve_id(\"CVE-2018-16658\");\n script_tag(name:\"cvss_base\", value:\"3.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:34:04 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:34:04 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1188)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1188\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1188\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1188 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An information leak was discovered in the Linux kernel in cdrom_ioctl_drive_status() function in drivers/cdrom/cdrom.c that could be used by local attackers to read kernel memory at certain location.CVE-2018-16658\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization 2.5.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~514.44.5.10_112\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~514.44.5.10_112\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~514.44.5.10_112\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~514.44.5.10_112\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~514.44.5.10_112\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~514.44.5.10_112\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:33:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-15T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-headers FEDORA-2018-9f4381d8c4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-17972"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875187", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875187", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_9f4381d8c4_kernel-headers_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel-headers FEDORA-2018-9f4381d8c4\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875187\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-10-15 07:11:07 +0200 (Mon, 15 Oct 2018)\");\n script_cve_id(\"CVE-2018-17972\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel-headers FEDORA-2018-9f4381d8c4\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel-headers'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n script_tag(name:\"affected\", value:\"kernel-headers on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-9f4381d8c4\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S4WCIJVPNIKHQAVSZ2266K5RB6KVPZAY\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.18.13~200.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2019-05-29T18:33:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-15T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-tools FEDORA-2018-9f4381d8c4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-17972"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875195", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875195", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_9f4381d8c4_kernel-tools_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel-tools FEDORA-2018-9f4381d8c4\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875195\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-10-15 07:14:39 +0200 (Mon, 15 Oct 2018)\");\n script_cve_id(\"CVE-2018-17972\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel-tools FEDORA-2018-9f4381d8c4\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel-tools'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n script_tag(name:\"affected\", value:\"kernel-tools on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-9f4381d8c4\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QOHPEYAZQ23NZYZGXSTHYE6VSC5LXAMM\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.18.13~200.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2019-05-29T18:33:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-17T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-tools FEDORA-2018-2ee3411cb8", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-17972"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875202", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875202", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_2ee3411cb8_kernel-tools_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel-tools FEDORA-2018-2ee3411cb8\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875202\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-10-17 06:44:30 +0200 (Wed, 17 Oct 2018)\");\n script_cve_id(\"CVE-2018-17972\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel-tools FEDORA-2018-2ee3411cb8\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel-tools'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on\n the target host.\");\n script_tag(name:\"affected\", value:\"kernel-tools on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-2ee3411cb8\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JEGXJQJRTARI6Y4VCINTTN7RFK5IRF5Q\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.18.13~100.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2019-05-29T18:33:05", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-09-15T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-tools FEDORA-2018-59e4747e0f", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16658"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875067", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875067", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_59e4747e0f_kernel-tools_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel-tools FEDORA-2018-59e4747e0f\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875067\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-09-15 07:41:57 +0200 (Sat, 15 Sep 2018)\");\n script_cve_id(\"CVE-2018-16658\");\n script_tag(name:\"cvss_base\", value:\"3.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel-tools FEDORA-2018-59e4747e0f\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel-tools'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n script_tag(name:\"affected\", value:\"kernel-tools on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-59e4747e0f\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3WA5I2MFZHPHJLXIJ5447WI4JFYPYPUR\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.18.7~200.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:33:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-09-15T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-headers FEDORA-2018-59e4747e0f", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16658"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875072", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875072", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_59e4747e0f_kernel-headers_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel-headers FEDORA-2018-59e4747e0f\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875072\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-09-15 07:42:38 +0200 (Sat, 15 Sep 2018)\");\n script_cve_id(\"CVE-2018-16658\");\n script_tag(name:\"cvss_base\", value:\"3.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel-headers FEDORA-2018-59e4747e0f\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel-headers'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n script_tag(name:\"affected\", value:\"kernel-headers on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-59e4747e0f\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PSJQRK7HAG7GPOSBCZZMP4LFXYQ7Z5PP\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.18.7~200.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:18", "description": "Oracle Linux Local Security Checks ELSA-2014-3037", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-3037", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3153"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123400", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123400", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-3037.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123400\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:03:19 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-3037\");\n script_tag(name:\"insight\", value:\"ELSA-2014-3037 - Unbreakable Enterprise kernel security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-3037\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-3037.html\");\n script_cve_id(\"CVE-2014-3153\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"dtrace-modules\", rpm:\"dtrace-modules~3.8.13~35.1.1.el6uek~0.4.3~4.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"dtrace-modules-headers\", rpm:\"dtrace-modules-headers~0.4.3~4.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"dtrace-modules-provider-headers\", rpm:\"dtrace-modules-provider-headers~0.4.3~4.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~3.8.13~35.1.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~3.8.13~35.1.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~3.8.13~35.1.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~3.8.13~35.1.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~3.8.13~35.1.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~3.8.13~35.1.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:37", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-02-20T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2017-392b319bb5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-2596"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872370", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872370", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2017-392b319bb5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872370\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-02-20 11:39:09 +0100 (Mon, 20 Feb 2017)\");\n script_cve_id(\"CVE-2017-2596\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2017-392b319bb5\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-392b319bb5\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TLFZQHUXGWTSWJHU42NMBAT7OATAT7G\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.9.7~101.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:13", "description": "Oracle Linux Local Security Checks ELSA-2014-3038", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-3038", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3153"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123398", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123398", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-3038.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123398\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:03:17 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-3038\");\n script_tag(name:\"insight\", value:\"ELSA-2014-3038 - unbreakable enterprise kernel security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-3038\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-3038.html\");\n script_cve_id(\"CVE-2014-3153\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~400.215.2.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~400.215.2.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~400.215.2.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~400.215.2.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~400.215.2.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~400.215.2.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~400.215.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~400.215.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~400.215.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~400.215.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~400.215.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~400.215.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:30", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-02-20T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2017-472052ebe5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-2596"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872344", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872344", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2017-472052ebe5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872344\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-02-20 11:38:29 +0100 (Mon, 20 Feb 2017)\");\n script_cve_id(\"CVE-2017-2596\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2017-472052ebe5\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-472052ebe5\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OHLLY7LUJLDMEXATPIEDZBW4XU2RXEH\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.9.7~201.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T18:37:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-13T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for Linux (SUSE-SU-2014:0775-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3153"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850794", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850794", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850794\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-13 18:35:00 +0530 (Tue, 13 Oct 2015)\");\n script_cve_id(\"CVE-2014-3153\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for Linux (SUSE-SU-2014:0775-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Linux'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix a\n critical privilege escalation security issue:\n\n * CVE-2014-3153: The futex acquisition code in kernel/futex.c can be\n used to gain ring0 access via the futex syscall. This could be used\n for privilege escalation by non-root users. (bnc#880892)\n\n Indications:\n\n Everyone using the Linux Kernel on x86_64 architecture should update.\n\n Special Instructions and Notes:\n\n Please reboot the system after installing this update.\");\n\n script_tag(name:\"affected\", value:\"Linux on SUSE Linux Enterprise Server 11 SP3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2014:0775-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP3\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~3.0.101~0.31.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~3.0.101~0.31.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~3.0.101~0.31.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~3.0.101~0.31.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~3.0.101~0.31.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~3.0.101~0.31.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~3.0.101~0.31.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-devel\", rpm:\"kernel-trace-devel~3.0.101~0.31.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2\", rpm:\"kernel-ec2~3.0.101~0.31.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-base\", rpm:\"kernel-ec2-base~3.0.101~0.31.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-devel\", rpm:\"kernel-ec2-devel~3.0.101~0.31.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~3.0.101~0.31.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~3.0.101~0.31.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~3.0.101~0.31.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-default\", rpm:\"xen-kmp-default~4.2.4_02_3.0.101_0.31~0.7.33\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-man\", rpm:\"kernel-default-man~3.0.101~0.31.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ppc64\", rpm:\"kernel-ppc64~3.0.101~0.31.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ppc64-base\", rpm:\"kernel-ppc64-base~3.0.101~0.31.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ppc64-devel\", rpm:\"kernel-ppc64-devel~3.0.101~0.31.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~3.0.101~0.31.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~3.0.101~0.31.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-devel\", rpm:\"kernel-pae-devel~3.0.101~0.31.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-pae\", rpm:\"xen-kmp-pae~4.2.4_02_3.0.101_0.31~0.7.33\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:39:27", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-07-15T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for kernel (openSUSE-SU-2014:0878-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3153"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850595", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850595", "sourceData": "# Copyright (C) 2014 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850595\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-07-15 16:38:28 +0530 (Tue, 15 Jul 2014)\");\n script_cve_id(\"CVE-2014-3153\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"openSUSE: Security Advisory for kernel (openSUSE-SU-2014:0878-1)\");\n\n script_tag(name:\"affected\", value:\"kernel on openSUSE 11.4\");\n\n script_tag(name:\"insight\", value:\"kernel update for Evergreen 11.4 fixes local privilege escalation in futex\n code (bnc#880892 / CVE-2014-3153) and a regression causing a crash if\n IPsec peer is unavailable\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"openSUSE-SU\", value:\"2014:0878-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE11\\.4\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE11.4\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-hmac\", rpm:\"kernel-debug-hmac~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel-debuginfo\", rpm:\"kernel-default-devel-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-hmac\", rpm:\"kernel-default-hmac~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop\", rpm:\"kernel-desktop~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-base\", rpm:\"kernel-desktop-base~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-base-debuginfo\", rpm:\"kernel-desktop-base-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-debuginfo\", rpm:\"kernel-desktop-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-debugsource\", rpm:\"kernel-desktop-debugsource~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-devel\", rpm:\"kernel-desktop-devel~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-devel-debuginfo\", rpm:\"kernel-desktop-devel-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-hmac\", rpm:\"kernel-desktop-hmac~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2\", rpm:\"kernel-ec2~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-base\", rpm:\"kernel-ec2-base~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-base-debuginfo\", rpm:\"kernel-ec2-base-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-debuginfo\", rpm:\"kernel-ec2-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-debugsource\", rpm:\"kernel-ec2-debugsource~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-devel\", rpm:\"kernel-ec2-devel~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-devel-debuginfo\", rpm:\"kernel-ec2-devel-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-extra\", rpm:\"kernel-ec2-extra~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-extra-debuginfo\", rpm:\"kernel-ec2-extra-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-hmac\", rpm:\"kernel-ec2-hmac~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-base-debuginfo\", rpm:\"kernel-trace-base-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-debuginfo\", rpm:\"kernel-trace-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-debugsource\", rpm:\"kernel-trace-debugsource~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-devel\", rpm:\"kernel-trace-devel~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-devel-debuginfo\", rpm:\"kernel-trace-devel-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-hmac\", rpm:\"kernel-trace-hmac~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel-debuginfo\", rpm:\"kernel-vanilla-devel-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-hmac\", rpm:\"kernel-vanilla-hmac~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-base-debuginfo\", rpm:\"kernel-xen-base-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-debugsource\", rpm:\"kernel-xen-debugsource~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-devel-debuginfo\", rpm:\"kernel-xen-devel-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-hmac\", rpm:\"kernel-xen-hmac~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"preload\", rpm:\"preload~1.2~6.65.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"preload-debuginfo\", rpm:\"preload-debuginfo~1.2~6.65.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"preload-debugsource\", rpm:\"preload-debugsource~1.2~6.65.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"preload-kmp-default\", rpm:\"preload-kmp-default~1.2_3.0.101_87~6.65.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"preload-kmp-default-debuginfo\", rpm:\"preload-kmp-default-debuginfo~1.2_3.0.101_87~6.65.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"preload-kmp-desktop\", rpm:\"preload-kmp-desktop~1.2_3.0.101_87~6.65.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"preload-kmp-desktop-debuginfo\", rpm:\"preload-kmp-desktop-debuginfo~1.2_3.0.101_87~6.65.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~3.0.101~87.2\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-base-debuginfo\", rpm:\"kernel-pae-base-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-debuginfo\", rpm:\"kernel-pae-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-debugsource\", rpm:\"kernel-pae-debugsource~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-devel\", rpm:\"kernel-pae-devel~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-devel-debuginfo\", rpm:\"kernel-pae-devel-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-hmac\", rpm:\"kernel-pae-hmac~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vmi\", rpm:\"kernel-vmi~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vmi-base\", rpm:\"kernel-vmi-base~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vmi-base-debuginfo\", rpm:\"kernel-vmi-base-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vmi-debuginfo\", rpm:\"kernel-vmi-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vmi-debugsource\", rpm:\"kernel-vmi-debugsource~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vmi-devel\", rpm:\"kernel-vmi-devel~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vmi-devel-debuginfo\", rpm:\"kernel-vmi-devel-debuginfo~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vmi-hmac\", rpm:\"kernel-vmi-hmac~3.0.101~87.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:50", "description": "Oracle Linux Local Security Checks ELSA-2014-3039", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-3039", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3153"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123399", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123399", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-3039.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123399\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:03:18 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-3039\");\n script_tag(name:\"insight\", value:\"ELSA-2014-3039 - Unbreakable Enterprise kernel security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-3039\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-3039.html\");\n script_cve_id(\"CVE-2014-3153\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.32~400.36.2.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.32~400.36.2.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.32~400.36.2.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.32~400.36.2.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.32~400.36.2.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.32~400.36.2.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-headers\", rpm:\"kernel-uek-headers~2.6.32~400.36.2.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.36.2.el5uek~1.5.7~2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.36.2.el5uekdebug~1.5.7~2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.36.2.el5uek~1.5.1~4.0.58\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.36.2.el5uekdebug~1.5.1~4.0.58\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.32~400.36.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.32~400.36.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.32~400.36.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.32~400.36.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.32~400.36.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.32~400.36.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-headers\", rpm:\"kernel-uek-headers~2.6.32~400.36.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.36.2.el6uek~1.5.7~0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.36.2.el6uekdebug~1.5.7~0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.36.2.el6uek~1.5.1~4.0.58\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.36.2.el6uekdebug~1.5.1~4.0.58\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:38:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-16T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for Linux (SUSE-SU-2014:0837-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3153"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851102", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851102", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851102\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 20:04:21 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2014-3153\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for Linux (SUSE-SU-2014:0837-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Linux'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The SUSE Linux Enterprise 11 Service Pack 2 LTSS kernel was updated to fix\n a critical security issue:\n\n * CVE-2014-3153: The futex acquisition code in kernel/futex.c can be\n used to gain ring0 access via the futex syscall. This could be used\n for privilege escalation by non-root users. (bnc#880892)\n\n Security Issue reference:\n\n * CVE-2014-3153\n Indications:\n\n Everyone using the Linux Kernel on x86_64 architecture should update.\n\n Special Instructions and Notes:\n\n Please reboot the system after installing this update.\");\n\n script_tag(name:\"affected\", value:\"Linux on SUSE Linux Enterprise Server 11 SP2 LTSS\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2014:0837-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP2\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2\", rpm:\"kernel-ec2~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-base\", rpm:\"kernel-ec2-base~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-devel\", rpm:\"kernel-ec2-devel~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-devel\", rpm:\"kernel-trace-devel~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-default\", rpm:\"xen-kmp-default~4.1.6_06_3.0.101_0.7.21~0.5.16\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-trace\", rpm:\"xen-kmp-trace~4.1.6_06_3.0.101_0.7.21~0.5.16\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:38:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-15T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for Linux (SUSE-SU-2014:0837-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3153"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850859", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850859", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850859\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-15 12:22:14 +0200 (Thu, 15 Oct 2015)\");\n script_cve_id(\"CVE-2014-3153\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for Linux (SUSE-SU-2014:0837-2)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Linux'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The SUSE Linux Enterprise 11 Service Pack 2 LTSS kernel was updated to fix\n a critical security issue:\n\n * CVE-2014-3153: The futex acquisition code in kernel/futex.c can be\n used to gain ring0 access via the futex syscall. This could be used\n for privilege escalation by non-root users. (bnc#880892)\n\n Indications:\n\n Everyone using the Linux Kernel on s390x architecture should update.\n\n Special Instructions and Notes:\n\n Please reboot the system after installing this update.\");\n\n script_tag(name:\"affected\", value:\"Linux on SUSE Linux Enterprise Server 11 SP2 LTSS\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2014:0837-2\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP2\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-devel\", rpm:\"kernel-trace-devel~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-man\", rpm:\"kernel-default-man~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2\", rpm:\"kernel-ec2~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-base\", rpm:\"kernel-ec2-base~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-devel\", rpm:\"kernel-ec2-devel~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-devel\", rpm:\"kernel-pae-devel~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~3.0.101~0.7.21.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-default\", rpm:\"xen-kmp-default~4.1.6_06_3.0.101_0.7.21~0.5.16\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-pae\", rpm:\"xen-kmp-pae~4.1.6_06_3.0.101_0.7.21~0.5.16\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-trace\", rpm:\"xen-kmp-trace~4.1.6_06_3.0.101_0.7.21~0.5.16\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2023-12-07T12:31:08", "description": "**Issue Overview:**\n\nThe media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call. \n\nA flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. \n\nThe n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the \"LECHO &amp; !OPOST\" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings. \n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. You will need to reboot your system in order for the new kernel to be running.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 perf-debuginfo-3.10.53-56.140.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-headers-3.10.53-56.140.amzn1.i686 \n \u00a0\u00a0\u00a0 perf-3.10.53-56.140.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-3.10.53-56.140.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-debuginfo-3.10.53-56.140.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-debuginfo-common-i686-3.10.53-56.140.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-devel-3.10.53-56.140.amzn1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 kernel-doc-3.10.53-56.140.amzn1.noarch \n \n src: \n \u00a0\u00a0\u00a0 kernel-3.10.53-56.140.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 kernel-headers-3.10.53-56.140.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-3.10.53-56.140.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-3.10.53-56.140.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-devel-3.10.53-56.140.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-common-x86_64-3.10.53-56.140.amzn1.x86_64 \n \u00a0\u00a0\u00a0 perf-3.10.53-56.140.amzn1.x86_64 \n \u00a0\u00a0\u00a0 perf-debuginfo-3.10.53-56.140.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2014-0196](<https://access.redhat.com/security/cve/CVE-2014-0196>), [CVE-2014-1739](<https://access.redhat.com/security/cve/CVE-2014-1739>), [CVE-2014-3153](<https://access.redhat.com/security/cve/CVE-2014-3153>)\n\nMitre: [CVE-2014-0196](<https://vulners.com/cve/CVE-2014-0196>), [CVE-2014-1739](<https://vulners.com/cve/CVE-2014-1739>), [CVE-2014-3153](<https://vulners.com/cve/CVE-2014-3153>)\n", "cvss3": {}, "published": "2014-08-21T11:03:00", "type": "amazon", "title": "Medium: kernel", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0196", "CVE-2014-1739", "CVE-2014-3153"], "modified": "2014-09-19T11:43:00", "id": "ALAS-2014-392", "href": "https://alas.aws.amazon.com/ALAS-2014-392.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-07T12:31:34", "description": "**Issue Overview:**\n\nThe futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.\n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. You will need to reboot your system in order for the new kernel to be running.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 kernel-debuginfo-common-i686-3.10.42-52.145.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-3.10.42-52.145.amzn1.i686 \n \u00a0\u00a0\u00a0 perf-debuginfo-3.10.42-52.145.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-devel-3.10.42-52.145.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-debuginfo-3.10.42-52.145.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-headers-3.10.42-52.145.amzn1.i686 \n \u00a0\u00a0\u00a0 perf-3.10.42-52.145.amzn1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 kernel-doc-3.10.42-52.145.amzn1.noarch \n \n src: \n \u00a0\u00a0\u00a0 kernel-3.10.42-52.145.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 kernel-3.10.42-52.145.amzn1.x86_64 \n \u00a0\u00a0\u00a0 perf-3.10.42-52.145.amzn1.x86_64 \n \u00a0\u00a0\u00a0 perf-debuginfo-3.10.42-52.145.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-headers-3.10.42-52.145.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-devel-3.10.42-52.145.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-common-x86_64-3.10.42-52.145.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-3.10.42-52.145.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2014-3153](<https://access.redhat.com/security/cve/CVE-2014-3153>)\n\nMitre: [CVE-2014-3153](<https://vulners.com/cve/CVE-2014-3153>)\n", "cvss3": {}, "published": "2014-06-15T16:30:00", "type": "amazon", "title": "Medium: kernel", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3153"], "modified": "2014-09-19T10:25:00", "id": "ALAS-2014-363", "href": "https://alas.aws.amazon.com/ALAS-2014-363.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2023-12-07T15:17:06", "description": "## Releases\n\n * Ubuntu 12.04 \n\n## Packages\n\n * linux-lts-saucy \\- Linux hardware enablement kernel from Saucy\n\nSalva Peir\u00f3 discovered an information leak in the Linux kernel's media- \ndevice driver. A local attacker could exploit this flaw to obtain sensitive \ninformation from kernel memory. (CVE-2014-1739)\n\nA bounds check error was discovered in the socket filter subsystem of the \nLinux kernel. A local user could exploit this flaw to cause a denial of \nservice (system crash) via crafted BPF instructions. (CVE-2014-3144)\n\nA remainder calculation error was discovered in the socket filter subsystem \nof the Linux kernel. A local user could exploit this flaw to cause a denial \nof service (system crash) via crafted BPF instructions. (CVE-2014-3145)\n", "cvss3": {}, "published": "2014-06-27T00:00:00", "type": "ubuntu", "title": "Linux kernel (Saucy HWE) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1739", "CVE-2014-3144", "CVE-2014-3145"], "modified": "2014-06-27T00:00:00", "id": "USN-2261-1", "href": "https://ubuntu.com/security/notices/USN-2261-1", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-12-07T15:17:08", "description": "## Releases\n\n * Ubuntu 12.04 \n\n## Packages\n\n * linux \\- Linux kernel\n\nSalva Peir\u00f3 discovered an information leak in the Linux kernel's media- \ndevice driver. A local attacker could exploit this flaw to obtain sensitive \ninformation from kernel memory. (CVE-2014-1739)\n\nA bounds check error was discovered in the socket filter subsystem of the \nLinux kernel. A local user could exploit this flaw to cause a denial of \nservice (system crash) via crafted BPF instructions. (CVE-2014-3144)\n\nA remainder calculation error was discovered in the socket filter subsystem \nof the Linux kernel. A local user could exploit this flaw to cause a denial \nof service (system crash) via crafted BPF instructions. (CVE-2014-3145)\n", "cvss3": {}, "published": "2014-06-27T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1739", "CVE-2014-3144", "CVE-2014-3145"], "modified": "2014-06-27T00:00:00", "id": "USN-2259-1", "href": "https://ubuntu.com/security/notices/USN-2259-1", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-12-07T15:17:07", "description": "## Releases\n\n * Ubuntu 13.10 \n\n## Packages\n\n * linux \\- Linux kernel\n\nSalva Peir\u00f3 discovered an information leak in the Linux kernel's media- \ndevice driver. A local attacker could exploit this flaw to obtain sensitive \ninformation from kernel memory. (CVE-2014-1739)\n\nA bounds check error was discovered in the socket filter subsystem of the \nLinux kernel. A local user could exploit this flaw to cause a denial of \nservice (system crash) via crafted BPF instructions. (CVE-2014-3144)\n\nA remainder calculation error was discovered in the socket filter subsystem \nof the Linux kernel. A local user could exploit this flaw to cause a denial \nof service (system crash) via crafted BPF instructions. (CVE-2014-3145)\n", "cvss3": {}, "published": "2014-06-27T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1739", "CVE-2014-3144", "CVE-2014-3145"], "modified": "2014-06-27T00:00:00", "id": "USN-2264-1", "href": "https://ubuntu.com/security/notices/USN-2264-1", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-12-07T15:17:07", "description": "## Releases\n\n * Ubuntu 12.04 \n\n## Packages\n\n * linux-ti-omap4 \\- Linux kernel for OMAP4\n\nSalva Peir\u00f3 discovered an information leak in the Linux kernel's media- \ndevice driver. A local attacker could exploit this flaw to obtain sensitive \ninformation from kernel memory. (CVE-2014-1739)\n\nA bounds check error was discovered in the socket filter subsystem of the \nLinux kernel. A local user could exploit this flaw to cause a denial of \nservice (system crash) via crafted BPF instructions. (CVE-2014-3144)\n\nA remainder calculation error was discovered in the socket filter subsystem \nof the Linux kernel. A local user could exploit this flaw to cause a denial \nof service (system crash) via crafted BPF instructions. (CVE-2014-3145)\n", "cvss3": {}, "published": "2014-06-27T00:00:00", "type": "ubuntu", "title": "Linux kernel (OMAP4) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1739", "CVE-2014-3144", "CVE-2014-3145"], "modified": "2014-06-27T00:00:00", "id": "USN-2263-1", "href": "https://ubuntu.com/security/notices/USN-2263-1", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-12-07T15:17:17", "description": "## Releases\n\n * Ubuntu 12.04 \n\n## Packages\n\n * linux-lts-quantal \\- Linux hardware enablement kernel from Quantal\n\nPinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An \nunprivileged local user could exploit this flaw to cause a denial of \nservice (system crash) or gain administrative privileges.\n", "cvss3": {}, "published": "2014-06-05T00:00:00", "type": "ubuntu", "title": "Linux kernel (Quantal HWE) vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3153"], "modified": "2014-06-05T00:00:00", "id": "USN-2237-1", "href": "https://ubuntu.com/security/notices/USN-2237-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2023-12-07T14:29:34", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2949-1 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nJune 05, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux\nCVE ID : CVE-2014-3144 CVE-2014-3145 CVE-2014-3153\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation:\n\nCVE-2014-3144 / CVE-2014-3145\n\n A local user can cause a denial of service (system crash) via\n crafted BPF instructions.\n\nCVE-2014-3153\n\n Pinkie Pie discovered an issue in the futex subsystem that allows a\n local user to gain ring 0 control via the futex syscall. An\n unprivileged user could use this flaw to crash the kernel (resulting\n in denial of service) or for privilege escalation.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 3.2.57-3+deb7u2.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your linux packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2014-06-05T12:15:58", "type": "debian", "title": "[SECURITY] [DSA 2949-1] linux security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3144", "CVE-2014-3145", "CVE-2014-3153"], "modified": "2014-06-05T12:15:58", "id": "DEBIAN:DSA-2949-1:5D47D", "href": "https://lists.debian.org/debian-security-announce/2014/msg00130.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-21T23:07:29", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2949-1 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nJune 05, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux\nCVE ID : CVE-2014-3144 CVE-2014-3145 CVE-2014-3153\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation:\n\nCVE-2014-3144 / CVE-2014-3145\n\n A local user can cause a denial of service (system crash) via\n crafted BPF instructions.\n\nCVE-2014-3153\n\n Pinkie Pie discovered an issue in the futex subsystem that allows a\n local user to gain ring 0 control via the futex syscall. An\n unprivileged user could use this flaw to crash the kernel (resulting\n in denial of service) or for privilege escalation.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 3.2.57-3+deb7u2.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your linux packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2014-06-05T12:15:58", "type": "debian", "title": "[SECURITY] [DSA 2949-1] linux security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3144", "CVE-2014-3145", "CVE-2014-3153"], "modified": "2014-06-05T12:15:58", "id": "DEBIAN:DSA-2949-1:3DC27", "href": "https://lists.debian.org/debian-security-announce/2014/msg00130.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "osv": [{"lastseen": "2022-07-21T08:28:20", "description": "\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation:\n\n\n* [CVE-2014-3144](https://security-tracker.debian.org/tracker/CVE-2014-3144)\n\n/ [CVE-2014-3145](https://security-tracker.debian.org/tracker/CVE-2014-3145)\nA local user can cause a denial of service (system crash) via\n crafted BPF instructions.\n* [CVE-2014-3153](https://security-tracker.debian.org/tracker/CVE-2014-3153)\nPinkie Pie discovered an issue in the futex subsystem that allows a\n local user to gain ring 0 control via the futex syscall. An\n unprivileged user could use this flaw to crash the kernel (resulting\n in denial of service) or for privilege escalation.\n\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 3.2.57-3+deb7u2.\n\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\n\nWe recommend that you upgrade your linux packages.\n\n\n", "cvss3": {}, "published": "2014-06-05T00:00:00", "type": "osv", "title": "linux - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3145", "CVE-2014-3144", "CVE-2014-3153"], "modified": "2022-07-21T05:48:17", "id": "OSV:DSA-2949-1", "href": "https://osv.dev/vulnerability/DSA-2949-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "threatpost": [{"lastseen": "2018-10-06T22:58:42", "description": "Several vulnerabilities have been patched in the Linux kernel that could have led to a denial of service or privilege escalation.\n\nDebian, which distributes versions of Linux for personal computers and network servers, warned about the vulnerabilities [yesterday in a security update](<https://lists.debian.org/debian-security-announce/2014/msg00130.html>).\n\nThe most concerning issue (CVE-2014-3153) involves the futex subsystem and could let an attacker with local access perform unauthorized actions. According to LWN.net, the futux mechanism is a \u201c[fast, lightweight kernel-assisted locking primitive for user-space applications.](<http://lwn.net/Articles/360699/>)\u201d The local user could gain ring 0 control via the futex system call.\n\n\u201cAn unprivileged user could use this flaw to crash the kernel (resulting in denial of service) or for privilege escalation,\u201d the advisory said.\n\nAs futex tends to be available within most Linux sandboxes, some experts are viewing it as an especially urgent to fix issue.\n\nKees Cook, a ChromeOS security researcher and former Ubuntu Security Engineer wrote [Thursday on Seclists.org](<http://seclists.org/oss-sec/2014/q2/469>).\n\n\u201cThe futex syscall can leave a queued kernel waiter hanging on the stack. By manipulating the stack with further syscalls, the waiter structure can be altered. When later woken up, the altered waiter can result in arbitrary code execution in ring 0,\u201d Cook said when explaining the bug.\n\nPinkie Pie, the anonymous teenage researcher who famously produced a sandbox escape against Chrome when he [chained together six individual vulnerabilities in 2012](<http://threatpost.com/google-fixes-second-set-chrome-bugs-used-pwnium-contest-031212>), was credited with discovering the futex issue.\n\nPinkie Pie of course has proved more than adept at finding additional bugs in [Chrome](<http://threatpost.com/pinkiepie-strikes-again-compromises-google-chrome-pwnium-contest-hack-box-101012>) and [Chrome OS ](<http://threatpost.com/google-serves-half-slice-pwnium-cash-pinkie-pie-031913/77639>)\u2013 many of them sandbox exploits \u2013 at both Pwnium and Pwn2Own competitions over the last few years.\n\nAnother issue (CVE-2014-3144/CVE-2014-3145) where-in a local user could also cause a DoS situation via BPF instructions, was also fixed yesterday.\n\nDebian is encouraging Linux users to upgrade their packages and points out that the issue has been fixed in the stable distribution, version 3.2.57-3+deb7u2, and will be fixed in the unstable distribution soon.\n\nA bug similar to the futex one \u2013 [one that apparently existed for five years](<http://threatpost.com/five-year-old-security-vulnerability-patched-in-linux-kernel/106104>) \u2013 was patched last month in Linux kernel. A problem with the \u201cn_tty_write function\u201d could have let local users cause denial of service attacks, gain privileges or run malicious code.\n", "cvss3": {}, "published": "2014-06-06T13:40:34", "type": "threatpost", "title": "Pinkie Pie Linux Kernel Patch Available", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2014-3144", "CVE-2014-3145", "CVE-2014-3153"], "modified": "2014-06-06T17:40:34", "id": "THREATPOST:B4267D45B883F6975BE2834CBA5C5B48", "href": "https://threatpost.com/debian-urging-users-patch-linux-kernel-flaw/106516/", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-06T22:53:27", "description": "A family of Android malware was so successful that at its peak, over the course of two months last year, it infected 14 million devices and rooted more than half of them, roughly eight million devices.\n\nResearchers said early Tuesday the strain of malware, dubbed CopyCat, helped its authors earn $1.5 million \u2013 primarily through ad fraud \u2013 from April to May 2016.\n\nResearchers with Check Point\u2019s Mobile Research Team, who found the malware in March this year, claim CopyCat mostly infected Android users in Southeast Asia, but that upwards to 280,000 U.S. Android users were also infected. According researchers, Asia accounted for 55 percent of CopyCat infections. Africa, at 18 percent, accounted for the second highest number of infected devices.\n\n[](<https://media.threatpost.com/wp-content/uploads/sites/103/2017/07/06223810/Screen-Shot-2017-07-06-at-12.39.15-PM.png>)\n\nThe malware never made it to Google\u2019s Play marketplace, but did spread via popular apps, which were repackaged with CopyCat and available for download on third-party app stores.\n\nThe malware lingers until the infected device is restarted; once that happens, it downloads a series of exploits from an Amazon S3 bucket and attempts to root the device.\n\n\u201cIf successful, CopyCat installs another component to the device\u2019s system directory, an activity which requires root permissions, and establishes persistency, making it difficult to remove,\u201d the researchers [wrote Thursday](<http://blog.checkpoint.com/2017/07/06/how-the-copycat-malware-infected-android-devices-around-the-world/>).\n\nOnce in, the malware targets Zygote, an Android core process that launches apps and if exploited, essentially grants attackers admin privileges.\n\nTriada, an Android Trojan uncovered by [Kaspersky Lab](<https://securelist.com/everyone-sees-not-what-they-want-to-see/74997/>), and later by Check Point [in 2016](<https://threatpost.com/aggressive-triada-horde-variants-up-mobile-malware-threat/118767/>), previously used this technique. Kaspersky Lab\u2019s Anton Kivva, a malware analyst with the company, said in June that year Triada was infecting Zygote, obtaining super-user privileges, and using Linux debugging tools to embed a malicious DLL to target mobile browsers.\n\nResearchers at Check Point claim that with the CopyCat malware, attackers have taken a shine to injecting code into the Zygote process to get credit for fraudulently installed apps on the device by swapping out referrer IDs for legitimate apps with their own. The malware also displays fake ads and installs fake apps, two additional methods of generating capital for the attacker.\n\nResearchers were able to get a better idea exactly what attackers were doing to victim\u2019s devices by looking through one of the malware\u2019s command-and-control servers. Daniel Padon, a mobile threat researcher with Check Point told Threatpost Thursday researchers have the data from a C+C going back more than a year. Between April and May 3.8 million of the devices were being served fake ads while 4.4 million other devices were being used to steal credit for installing apps on Google Play, the firm claims.\n\nThe bulk of the exploits CopyCat used to root the eight million devices are years old, according to Check Point. Four of them were from 2014, one was even from 2013, suggesting victims either didn\u2019t patch their devices, or patched infrequently.\n\nOne of the exploits, Towelroot (CVE-2014-3153) was behind a scourge of auto-rooting malware [this time last summer](<https://threatpost.com/google-play-hit-with-rash-of-auto-rooting-malware/118938/>) and a wave of Android ransomware attacks [in April of that year](<https://threatpost.com/android-ransomware-attacks-using-towelroot-hacking-team-exploits/117655/>) that targeted outdated systems.\n\nResearchers are unclear who exactly is behind CopyCat but note there are several connections to MobiSummer, an ad network based in China. It\u2019s possible the attackers simply used the network\u2019s code and infrastructure however.\n\nCheck Point says Google, which it informed of CopyCat in March \u2013 shortly after it discovered the malware \u2013 has been able to \u201cquell the campaign\u201d over the past year.\n\nWhen reached by Threatpost on Thursday a spokesperson for Google said the company has been familiar with CopyCat \u2013 malware it says is a variant of a larger, undisclosed malware family its monitored since 2015.\n\n\u201cEach time a new variant appears, we update our detection systems to protect our users. Play Protect secures users from the family, and any apps that may have been infected with CopyCat were not distributed via Play. As always, we appreciate researchers\u2019 efforts to help keep users safe,\u201d Google said.\n\nGoogle introduced Play Protect, a service that scans previously downloaded apps to ensure they\u2019re safe from malicious components, [in May](<https://threatpost.com/android-gets-security-makeover-with-google-play-protect/125781/>) at Google I/O.\n\nPadon told Threatpost the malware demonstrated a number of new techniques, and that as far as he knew, wasn\u2019t connected to another family.\n\n\u201cWe didn\u2019t manage to affiliate this malware with any other known family,\u201d Padon said, \u201cIt also presents a lot of new techniques which were never seen before. If Google does come up with a name it will be interesting to know.\u201d\n\nCopyCat joins the ranks of other Android malware strains previously discovered by Check Point, like HummingBad and Gooligan. [Gooligan](<https://threatpost.com/gooligan-malware-breaches-1-million-google-accounts/122195/>) was blamed for the breach of 1 million Google accounts this past December. HummingBad, [disclosed by the firm last July](<https://threatpost.com/chinese-ad-firm-raking-in-300k-a-month-through-adfraud-android-malware/119030/>), reportedly raked in $300,000 a month for its authors via adfraud. Both families of malware installed adware on infected handsets in order to generate revenue.\n", "cvss3": {}, "published": "2017-07-06T13:49:02", "type": "threatpost", "title": "CopyCat Malware Infected 14M Android Devices, Rooted 8M, in 2016", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2014-3153"], "modified": "2017-07-06T17:49:02", "id": "THREATPOST:A1F7D2E70C26FAAFD6D382A08D8D7B38", "href": "https://threatpost.com/copycat-malware-infected-14m-android-devices-rooted-8m-in-2016/126691/", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-06T22:55:25", "description": "A menacing wave of ransomware that locks up Android devices and demands victims pay $200 in Apple iTunes gift card codes is raising concern among security researchers. The ransomware attacks, they say, open a new chapter for Android vulnerabilities similar to Microsoft\u2019s obsolete, unpatched and unsupported Windows XP operating system.\n\n\u201cThis is a new and troubling development for the Android OS. This ransomware thrives on outdated Android devices that are not patched and will likely never be,\u201d said Andrew Brandt, researcher at Blue Coat and the analyst who discovered the vulnerability.\n\nHe said the ransomware attacks Android 4.x operating systems, predominantly used in 2012 to 2013. That version of the Android OS is still in use by approximately 60 percent of Android devices around the world, [according to Google\u2019s own internal estimates](<https://developer.android.com/about/dashboards/index.html>). And just as Microsoft stopped patching Windows XP, Google is highly unlikely to patch a 5-year-old OS, Brandt said.\n\n\u201cWhat we have here is a fully operational operating system which no longer receives updates,\u201dBrandt said. \u201cUsers are in danger of infection just by using it. Having things installed without any user interaction until it\u2019s too late is a pretty scary new development in Android threats,\u201d Brandt said.\n\nBrandt told Threatpost that the ransomware utilizes a three-prong attack. First, it uses the drive-by lbxslt exploit embedded in ads to penetrate users of the Android versions 4.0.3 and 4.4.4\u2019s default browsers. So far, the malicious ads are targeting porn websites.\n\nAttackers are using the lbxslt exploit, Brandt said, which was stolen from Hacking Team in July of last year. But Brandt said, the authors appear to be using an updated version of lbxslt that infects a larger range of Android 4.x OS devices compared to earlier versions.\n\nPhase two, Brandt said, is installing a weaponized version of the Towelroot jailbreaking utility. Used in the past by non-technical users, Towelroot is a once popular single-click Android rooting tool for Samsung Galaxy handsets and other Android devices running Android 4.4.2, according to Khang Nguyen, security researcher, at Duo Security.\n\nTowelroot, said Nguyen, is an exploit for ([CVE-2014-3153](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3153>)) a vulnerability that affected the Linux kernel through 3.14.5. CVE-2014-3153 was discovered by comex (Nicholas Allegra) and the first exploit based on Towelroot written by well-known hacker geohot (George Hotz). This is not the first public Towelroot exploit, but it\u2019s likely the first drive-by malware attack using a weaponized version of Towelroot, Nguyen said.\n\nThe use of Towelroot is twofold. The first, Brandt said, is that Towelroot suppresses the normal pop-up permissions window on Android that appears when you install programs from Google Play. \u201cAll installs are silent and in the background,\u201d he said.\n\nUnder that cloak of indiscernibility, criminals use the compromised Android machines to download the ransomware called Cyber.Police. This is non-crypto ransomware that displays a note that vaguely looks like an official warning targeting visitors of porn websites stating: \u201cAll actions are illegal, are fixed. History query stored in the database of the U.S. Department of Homeland Security.\u201d Attackers claim to be either \u201cAmerican national security agency\u201d or \u201cnation security agency\u201d.\n\n\u201cThe ransomware doesn\u2019t threaten to (or actually) encrypt the victim\u2019s data. Rather, the device is held in a locked state where it cannot be used for anything other than delivering payment to the criminals in the form of two $100 Apple iTunes gift card codes,\u201d Brandt wrote in a research note.\n\nVictims who opt to pay the ransom to unlock their phone are directed to pay a \u201cfine\u201d between $100 and $200 to a \u201ctreasury account\u201d via submitting an iTunes gift card codes. Use of iTunes gift cards for ransomware payments is unusual given Bitcoin payments have been preferred untraceable forms of payment for crypto-ransomware attackers for over a year now.\n\nBrandt said the easiest and most effective way to remove the ransomware is to restore the Android device to its original factory default software.\n\n\u201cWhen we executed the application\u2026, we learned that the malware\u2019s internal name for itself is \u201cnet.prospectus\u201d and engages in the sorts of behavior we\u2019ve come to expect from ransomware: It kills all other apps; prevents other apps from launching or stopping the ransomware,\u201d Brandt wrote. \u201cIt sets itself up to be the first thing to start at boot time; profiles the infected device; and communicates with a command-and-control server.\u201d\n\nThe best way to mitigate this vulnerability is to use a device that runs a more recent version of Android than the Android 4 family of operating systems, Nguyen said. Blue Coat recommends keeping a fresh device backup somewhere other than on your phone or tablet\u2019s internal memory or memory card. \u201cThat way, you can just perform a factory reset and not worry about losing anything other than the time it takes to reconfigure and reinstall your mobile device\u2019s apps,\u201d Brandt said.\n", "cvss3": {}, "published": "2016-04-25T15:36:33", "type": "threatpost", "title": "Android Ransomware Attacks Using Towelroot, Hacking Team Exploits", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2014-3153"], "modified": "2016-04-25T19:36:33", "id": "THREATPOST:DF79B36E4B10187B12FB82AEF22C5EA9", "href": "https://threatpost.com/android-ransomware-attacks-using-towelroot-hacking-team-exploits/117655/", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-06T22:55:07", "description": "Researchers have identified a recent wave of malware targeting the Google Play app marketplace that entices users to download utilities and games that when installed surreptitiously root devices.\n\nThe exploit, which mobile security firm Lookout calls autorooting malware, gives attackers complete control of the infected device. It was discovered by researchers in an app called LevelDropper.\n\n\u201cLevelDropper, an app in the Google Play Store that we determined to be malicious, is the latest example of a new and persisting trend in mobile threats: autorooting malware,\u201d wrote Colin Streicher, with Lookout\u2019s research and response team [in a blog posted Monday](<https://blog.lookout.com/blog/2016/06/27/leveldropper/>).\n\nLookout did not indicate what versions of the Android OS is vulnerable to LevelDropper.\n\nStreicher said once installed, LevelDropper, an app that gauged a horizontal plane with a simulated air bubble, quietly jailbreaks or roots the targeted Android phone or tablet. Next, with escalated privileges, attackers can remotely install additional applications without the target\u2019s knowledge.\n\n\u201cImmediately after running LevelDropper, we noticed that the Location Services window popped up blank. This is a significant red flag,\u201d Streicher wrote. Worse, after just 30 minutes being attacked, the attacker had silently installed 14 applications with no user interaction.\n\n[](<https://media.threatpost.com/wp-content/uploads/sites/103/2016/06/06235033/LevelDropper_Lookout.png>)\n\nCredit: Lookout\n\nUpon closer examination of the device\u2019s System Directory, researchers said, there were no overt signs that the Android device had been rooted. \u201cUsually we would see a superuser binary and often a rewritten \u201cinstall-system-recovery\u201d script, which is used to ensure that root access survives upgrades.\u201d\n\nLevelDropper is just the latest in a wave of similar type autorooting malware to hit the Google Play store. Lookout said Google has recently given the boot to Brain Test, ShiftyBug, Shuanet, and Shedun that each bundled the autoroot exploit. As with these others, LevelDropper was also pulled from the Google Play marketplace.\n\nWith LevelDropper, the attacker\u2019s intent appears to be to drive ad revenues.\n\n\u201cIn cases like this, developers often integrate auto-rooting functionality to drive app installs which can drive both perceived popularity and ad revenue,\u201d Streicher explains. In the case of the autorooting malware sample called Brain Test the attackers went so far as to hijacks the victim\u2019s phone in order to post positive reviews of similar autorooting malware-laced games, he wrote.\n\nRoot exploits are not new and trace back to 2011 with the reported GingerMaster exploit that targeted Android 2.3 and gave attackers complete control over infected devices. [That malware](<https://threatpost.com/gingermaster-malware-seen-using-root-exploit-android-gingerbread-081811/75559/>), also packaged in infected apps, collected data on the user and downloaded and installed apps on its own, without the user\u2019s permission. More recently, in April, Blue Coat security researchers observed a weaponized version of the Towelroot jailbreaking utility used in tandem with [ransomware attacks against Android device users.](<https://threatpost.com/android-ransomware-attacks-using-towelroot-hacking-team-exploits/117655/>)\n\nAccording to a [2014 report by Lacoon Mobile Security,](<https://threatpost.com/android-root-access-vulnerability-affecting-most-devices/106683/>) Android root access vulnerabilities affect most devices. The exploit is tied to a vulnerability in version 3.14.5 of the Linux kernel. The firm called the bug \u201cTowelroot,\u201d because it is the same vulnerability (CVE-2014-3153) exploited in the latest Android rooting tool developed by the hacker George Hotz.\n", "cvss3": {}, "published": "2016-06-28T12:29:57", "type": "threatpost", "title": "Google Play Hit With Rash of Auto-Rooting Malware", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2014-3153"], "modified": "2016-06-28T16:29:57", "id": "THREATPOST:B433923D1E04E82EB6DD30772F192222", "href": "https://threatpost.com/google-play-hit-with-rash-of-auto-rooting-malware/118938/", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-06T22:58:39", "description": "A recently disclosed [vulnerability in version 3.14.5 of the Linux kernel](<http://threatpost.com/debian-urging-users-patch-linux-kernel-flaw/106516>) is also present in most versions of Android and could give attackers the ability to acquire root access on affected devices.\n\nResearchers at Lacoon Mobile Security are calling the bug \u201cTowelRoot,\u201d because it is the very same vulnerability (CVE-2014-3153) exploited in the latest Android rooting tool developed by George Hotz (Geohot). Successful exploitation of the Linux bug within the Android operating system would give the attacker administrative access to a victim\u2019s phone. Specifically, such access could potentially allow that same attacker to run further malicious code, retrieve files and device data, bypass third-party or enterprise security applications including containers like Samsung\u2019s secure Knox sub-operating system, and establish backdoors for future access on victim devices.\n\n[Jeff Forristal](<http://threatpost.com/android-master-key-malware-emerged-before-official-patch-details>), the chief technology officer at the mobile security firm Bluebox Security, explained to Threatpost in an interview that the Linux futex vulnerability affects Android devices because those devices run on the Linux kernel, and once the bug became public, it was only a matter of time before someone developed an Android-specific exploit for it. George Hotz, a well-known figure in the jailbreaking and rooting scene, took that next step.\n\n\u201cThis is pretty common practice/recipe in the Android rooting scene: they wait for a general-purpose Linux kernel vulnerability to surface, then they race to create an Android-specific exploit for it that can root the device,\u201d Forristal said.\n\nThis vulnerability exists in Android version 4.4 and earlier, and is therefore present on nearly every commercial build, including the wildly popular Samsung Galaxy S5, according to [research from Lacoon Mobile Security](<http://www.lacoon.com/blog/2014/06/towelroot-gives-root-access-samsung-galaxy-s5-popular-android-devices/>). Other vulnerable devices are said to include the Samsung Note 3, LG G Flex, the Motorola RAZR HD/M and Razr Maxx HD, and the Sony Xperia E1, C6603, C5303, Xperia T, Xperia z1, and Xperia SP among others.\n\n\u201cThe vulnerability is currently codenamed TowelRoot after a rooting tool that was released on mobile forums that uses the vulnerability to root most of the popular mobile devices on the market,\u201d writes Ohad Bobrov, Lacoon Security\u2019s vice president of research and development. \u201cThis tool is being widely publicized and is easily available for use without the need for technical know-how.\u201d\n\nIn an email interview, Michael Shaulov, the CEO of Lacoon, explained that in the case of secure Samsung Knox environments, the exploit would trigger protection and issue an alert to users, but that, ultimately, the attacker could still gain root access.\n\n\u201cRight now this vulnerability is only used by the rooting tool and has yet to show up in any malicious sample,\u201d explains Bobrov. \u201cLearning from the past, we can assume that it is only a matter of time until exploits for this vulnerability are distributed through other channels.\u201d\n\nIn order to gain root access to a victim\u2019s phone using this vulnerability, an attacker would need to craft an exploit and package it within a malicious application. Because of this, users that avoid third-party markets and avoid following shady links or clicking on suspicious attachments should be immune.\n\n\u201cThe risk of this particular Linux kernel bug, as realized on an Android device, is that unprivileged generic Android apps with malicious intent can also exploit the same kernel vulnerability for other evil (non-root) reasons,\u201d Forristal said. \u201cThis has absolutely nothing to do with TowelRoot or rooting in general \u2014 it\u2019s just a callout that this time around it\u2019s a very general-purpose security risk that is relevant regardless of the device owner\u2019s rooting proclivities.\u201d\n", "cvss3": {}, "published": "2014-06-17T10:47:45", "type": "threatpost", "title": "Android Root Access Vulnerability Affecting Most Devices", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2014-3153"], "modified": "2014-06-18T17:21:03", "id": "THREATPOST:42E64B8A7AF8DD130DE81078204DEE28", "href": "https://threatpost.com/android-root-access-vulnerability-affecting-most-devices/106683/", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "f5": [{"lastseen": "2023-06-24T04:22:48", "description": "An issue was discovered in the Linux kernel through 4.18.6. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem. ([CVE-2018-16597](<https://vulners.com/cve/CVE-2018-16597>)) \n\nImpact\n\nThere is no impact; F5 products are not affected by this vulnerability.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-01-15T19:52:00", "type": "f5", "title": "Linux kernel vulnerability CVE-2018-16597", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "COMPLETE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16597"], "modified": "2019-01-15T19:52:00", "id": "F5:K22691834", "href": "https://support.f5.com/csp/article/K22691834", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:C/A:N"}}, {"lastseen": "2023-06-24T04:33:13", "description": "A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13. A superfluous implicit page unlock for VM_SHARED hugetlbfs mapping could trigger a local denial of service (BUG). ([CVE-2017-15127](<https://vulners.com/cve/CVE-2017-15127>))\n\nImpact\n\nThere is no impact; F5 products are not affected by this vulnerability.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-03-02T21:11:00", "type": "f5", "title": "Linux kernel vulnerability CVE-2017-15127", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15127"], "modified": "2018-03-02T21:11:00", "id": "F5:K41900062", "href": "https://support.f5.com/csp/article/K41900062", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-04-06T22:40:12", "description": "\nF5 Product Development has assigned ID 756571 (BIG-IP), and ID CPF-25052 and CPF-25053 (Traffix SDC) to this vulnerability.\n\nTo determine if your product and version have been evaluated for this vulnerability, refer to the **Applies to (see versions)** box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table. For more information about security advisory versioning, refer to [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>).\n\nProduct | Branch | Versions known to be vulnerable | Fixes introduced in | Severity | CVSSv3 score1 | Vulnerable component or feature \n---|---|---|---|---|---|--- \nBIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) | 15.x | 15.0.0 - 15.0.1 | 15.1.0 \n15.0.1.1 | Low | [3.3](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N>) | Linux kernel \n14.x | 14.0.0 - 14.1.2 | None \n13.x | 13.0.0 - 13.1.3 | None \n12.x | 12.1.0 - 12.1.5 | None \n11.x | 11.5.1 - 11.6.5 | None \nEnterprise Manager | 3.x | None | Not applicable | Not vulnerable2 | None | None \nBIG-IQ Centralized Management | 6.x | None | Not applicable | Not vulnerable2 | None | None \n5.x | None | Not applicable \nF5 iWorkflow | 2.x | None | Not applicable | Not vulnerable2 | None | None \nTraffix SDC | 5.x | 5.0.0 - 5.1.0 | None | Low | [3.3](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N>) | Linux kernel \n4.x | 4.4.0 | None \n \n1The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\n2The specified products contain the affected code. However, F5 identifies the vulnerability status as Not vulnerable because the attacker cannot exploit the code in default, standard, or recommended configurations.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Fixes introduced in** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nBIG-IP\n\nTo mitigate this vulnerability, you should permit management access to F5 products only over a secure network and restrict command line/Configuration utility access for affected systems to only administrative users. For more information, refer to [K13309: Restricting access to the Configuration utility by source IP address (11.x - 14.x)](<https://support.f5.com/csp/article/K13309>) and [K13092: Overview of securing access to the BIG-IP system](<https://support.f5.com/csp/article/K13092>).\n\nTraffix SDC\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K9502: BIG-IP hotfix and point release matrix](<https://support.f5.com/csp/article/K9502>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 13.x)](<https://support.f5.com/csp/article/K13123>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-02-12T18:49:00", "type": "f5", "title": "Linux kernel vulnerability CVE-2018-17972", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-17972"], "modified": "2019-12-12T16:29:00", "id": "F5:K27673650", "href": "https://support.f5.com/csp/article/K27673650", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2016-09-26T17:23:11", "description": "Recommended Action\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n", "cvss3": {}, "published": "2015-04-13T00:00:00", "type": "f5", "title": "SOL16429 - Linux kernel vulnerability CVE-2015-0239", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0239"], "modified": "2015-04-13T00:00:00", "id": "SOL16429", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/400/sol16429.html", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:PARTIAL/A:COMPLETE/"}}], "ubuntucve": [{"lastseen": "2023-12-06T15:01:16", "description": "An issue was discovered in the Linux kernel before 4.8. Incorrect access\nchecking in overlayfs mounts could be used by local attackers to modify or\ntruncate files in the underlying filesystem.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[sbeattie](<https://launchpad.net/~sbeattie>) | according to https://bugzilla.suse.com/show_bug.cgi?id=1106512#c26 eea2fb4851e9dcbab6b991aaf47e2e024f1f55a0 is not relevant to this issue. \n[tyhicks](<https://launchpad.net/~tyhicks>) | Ubuntu carries an out-of-tree patch, in some Ubuntu releases, that fixes this flaw: https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/xenial/commit/?id=98a3740920f8f3362c1ac50598af2dc632f5051a\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-09-21T00:00:00", "type": "ubuntucve", "title": "CVE-2018-16597", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "COMPLETE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16597"], "modified": "2018-09-21T00:00:00", "id": "UB:CVE-2018-16597", "href": "https://ubuntu.com/security/CVE-2018-16597", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:C/A:N"}}, {"lastseen": "2023-12-06T16:02:07", "description": "The KEYS subsystem in the Linux kernel before 4.4 allows local users to\ngain privileges or cause a denial of service (BUG) via crafted keyctl\ncommands that negatively instantiate a key, related to\nsecurity/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and\nsecurity/keys/user_defined.c.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1525569>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[seth-arnold](<https://launchpad.net/~seth-arnold>) | Debian's triage suggested this was introduced by 146aa8b1453bd8f1ff2304ffb71b4ee0eb9acdcc \n[sbeattie](<https://launchpad.net/~sbeattie>) | verified this is an issue with precise's kernel, the second reproducer in the git commit results in a NULL pointer exception \n[tyhicks](<https://launchpad.net/~tyhicks>) | As sbeattie mentioned above, this is present prior to 4.4. I'm setting the break commit to the start of git history which is after user keys were added\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-02-07T00:00:00", "type": "ubuntucve", "title": "CVE-2015-8539", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8539"], "modified": "2016-02-07T00:00:00", "id": "UB:CVE-2015-8539", "href": "https://ubuntu.com/security/CVE-2015-8539", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T16:06:24", "description": "The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the\nLinux kernel through 4.3.3 does not initialize a certain structure member,\nwhich allows local users to obtain sensitive information from kernel memory\nvia a crafted application.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1509565>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "baseScore": 2.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2015-10-23T00:00:00", "type": "ubuntucve", "title": "CVE-2015-7885", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7885"], "modified": "2015-10-23T00:00:00", "id": "UB:CVE-2015-7885", "href": "https://ubuntu.com/security/CVE-2015-7885", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-06T15:43:10", "description": "drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local\nusers to bypass integer overflow checks, and cause a denial of service\n(memory corruption) or have unspecified other impact, by leveraging access\nto a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a\n\"state machine confusion bug.\"\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-11-27T00:00:00", "type": "ubuntucve", "title": "CVE-2016-9083", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9083"], "modified": "2016-11-27T00:00:00", "id": "UB:CVE-2016-9083", "href": "https://ubuntu.com/security/CVE-2016-9083", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T15:40:57", "description": "The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6\nreassembly, which allows local users to cause a denial of service (integer\noverflow, out-of-bounds write, and GPF) or possibly have unspecified other\nimpact via a crafted application that makes socket, connect, and writev\nsystem calls, related to net/ipv6/netfilter/nf_conntrack_reasm.c and\nnet/ipv6/netfilter/nf_defrag_ipv6_hooks.c.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-12-28T00:00:00", "type": "ubuntucve", "title": "CVE-2016-9755", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9755"], "modified": "2016-12-28T00:00:00", "id": "UB:CVE-2016-9755", "href": "https://ubuntu.com/security/CVE-2016-9755", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T15:51:47", "description": "arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on\nPowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS\nusers to cause a denial of service (host OS infinite loop) by making a\nH_CEDE hypercall during the existence of a suspended transaction.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=1349916>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2016-08-06T00:00:00", "type": "ubuntucve", "title": "CVE-2016-5412", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5412"], "modified": "2016-08-06T00:00:00", "id": "UB:CVE-2016-5412", "href": "https://ubuntu.com/security/CVE-2016-5412", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:S/C:N/I:N/A:C"}}, {"lastseen": "2023-12-06T15:00:37", "description": "An issue was discovered in the proc_pid_stack function in fs/proc/base.c in\nthe Linux kernel through 4.18.11. It does not ensure that only root may\ninspect the kernel stack of an arbitrary task, allowing a local attacker to\nexploit racy stack unwinding and leak kernel task stack contents.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-03T00:00:00", "type": "ubuntucve", "title": "CVE-2018-17972", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-17972"], "modified": "2018-10-03T00:00:00", "id": "UB:CVE-2018-17972", "href": "https://ubuntu.com/security/CVE-2018-17972", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2023-12-06T15:17:38", "description": "A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c\nin the Linux kernel before 4.13. A superfluous implicit page unlock for\nVM_SHARED hugetlbfs mapping could trigger a local denial of service (BUG).", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-01-14T00:00:00", "type": "ubuntucve", "title": "CVE-2017-15127", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15127"], "modified": "2018-01-14T00:00:00", "id": "UB:CVE-2017-15127", "href": "https://ubuntu.com/security/CVE-2017-15127", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-12-06T15:47:21", "description": "The XFS subsystem in the Linux kernel through 4.8.2 allows local users to\ncause a denial of service (fdatasync failure and system hang) by using the\nvfs syscall group in the trinity program, related to a \"page lock order bug\nin the XFS seek hole/data implementation.\"\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=1384851>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | As of 2018-09-12, there is no upstream fix available and upstream disputes the security impact of this issue (see linux-fsdevel reference above)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-10-16T00:00:00", "type": "ubuntucve", "title": "CVE-2016-8660", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8660"], "modified": "2016-10-16T00:00:00", "id": "UB:CVE-2016-8660", "href": "https://ubuntu.com/security/CVE-2016-8660", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-12-06T15:58:20", "description": "Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the\nLinux kernel before 4.4 allows local users to cause a denial of service\n(memory consumption) or possibly have unspecified other impact by opening\n/dev/cuse many times.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1554258>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.2, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-04-27T00:00:00", "type": "ubuntucve", "title": "CVE-2015-1339", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1339"], "modified": "2016-04-27T00:00:00", "id": "UB:CVE-2015-1339", "href": "https://ubuntu.com/security/CVE-2015-1339", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-12-06T16:09:25", "description": "arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64\nplatform improperly relies on espfix64 during nested NMI processing, which\nallows local users to gain privileges by triggering an NMI within a certain\ninstruction window.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1477026>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support \n[tyhicks](<https://launchpad.net/~tyhicks>) | Per oss-security, affects 3.13 and newer \n[kamal](<https://launchpad.net/~kamal>) | precise_linux 3.2-based kernels set to \"not-affected (code not present)\" per oss-security post\n", "cvss3": {}, "published": "2015-07-23T00:00:00", "type": "ubuntucve", "title": "CVE-2015-3290", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3290"], "modified": "2015-07-23T00:00:00", "id": "UB:CVE-2015-3290", "href": "https://ubuntu.com/security/CVE-2015-3290", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T15:58:09", "description": "The VFS subsystem in the Linux kernel 3.x provides an incomplete set of\nrequirements for setattr operations that underspecifies removing extended\nprivilege attributes, which allows local users to cause a denial of service\n(capability stripping) via a failed invocation of a system call, as\ndemonstrated by using chown to remove a capability from the ping or\nWireshark dumpcap program.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770492>\n * <https://launchpad.net/bugs/1415636>\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-05-02T00:00:00", "type": "ubuntucve", "title": "CVE-2015-1350", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1350"], "modified": "2016-05-02T00:00:00", "id": "UB:CVE-2015-1350", "href": "https://ubuntu.com/security/CVE-2015-1350", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-06T16:29:49", "description": "Multiple array index errors in drivers/hid/hid-multitouch.c in the Human\nInterface Device (HID) subsystem in the Linux kernel through 3.11, when\nCONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to\ncause a denial of service (heap memory corruption, or NULL pointer\ndereference and OOPS) via a crafted device.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1220205>\n", "cvss3": {}, "published": "2013-09-16T00:00:00", "type": "ubuntucve", "title": "CVE-2013-2897", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2897"], "modified": "2013-09-16T00:00:00", "id": "UB:CVE-2013-2897", "href": "https://ubuntu.com/security/CVE-2013-2897", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-12-06T16:14:06", "description": "The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel\nbefore 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows\nguest OS users to gain guest OS privileges or cause a denial of service\n(guest OS crash) by triggering use of a 16-bit code segment for emulation\nof a SYSENTER instruction.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1414651>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {}, "published": "2015-01-23T00:00:00", "type": "ubuntucve", "title": "CVE-2015-0239", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0239"], "modified": "2015-01-23T00:00:00", "id": "UB:CVE-2015-0239", "href": "https://ubuntu.com/security/CVE-2015-0239", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-07T16:12:53", "description": "The media_device_enum_entities function in drivers/media/media-device.c in\nthe Linux kernel before 3.14.6 does not initialize a certain data\nstructure, which allows local users to obtain sensitive information from\nkernel memory by leveraging /dev/media0 read access for a\nMEDIA_IOC_ENUM_ENTITIES ioctl call.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1333609>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 13.10 preview kernels android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels\n", "cvss3": {}, "published": "2014-06-23T00:00:00", "type": "ubuntucve", "title": "CVE-2014-1739", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1739"], "modified": "2014-06-23T00:00:00", "id": "UB:CVE-2014-1739", "href": "https://ubuntu.com/security/CVE-2014-1739", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-06T15:38:21", "description": "The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux\nkernel through 4.9.8 improperly emulates the VMXON instruction, which\nallows KVM L1 guest OS users to cause a denial of service (host OS memory\nconsumption) by leveraging the mishandling of page references.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2017-02-06T00:00:00", "type": "ubuntucve", "title": "CVE-2017-2596", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-2596"], "modified": "2017-02-06T00:00:00", "id": "UB:CVE-2017-2596", "href": "https://ubuntu.com/security/CVE-2017-2596", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-12-07T16:13:27", "description": "The futex_requeue function in kernel/futex.c in the Linux kernel through\n3.14.5 does not ensure that calls have two different futex addresses, which\nallows local users to gain privileges via a crafted FUTEX_REQUEUE command\nthat facilitates unsafe waiter modification.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1326367>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 13.10 preview kernels android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels\n", "cvss3": {}, "published": "2014-06-05T00:00:00", "type": "ubuntucve", "title": "CVE-2014-3153", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3153"], "modified": "2014-06-05T00:00:00", "id": "UB:CVE-2014-3153", "href": "https://ubuntu.com/security/CVE-2014-3153", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-07T16:14:23", "description": "The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension\nimplementations in the sk_run_filter function in net/core/filter.c in the\nLinux kernel through 3.14.3 do not check whether a certain length value is\nsufficiently large, which allows local users to cause a denial of service\n(integer underflow and system crash) via crafted BPF instructions. NOTE:\nthe affected code was moved to the __skb_get_nlattr and\n__skb_get_nlattr_nest functions before the vulnerability was announced.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1319561>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 13.10 preview kernels android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels\n", "cvss3": {}, "published": "2014-05-11T00:00:00", "type": "ubuntucve", "title": "CVE-2014-3144", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3144"], "modified": "2014-05-11T00:00:00", "id": "UB:CVE-2014-3144", "href": "https://ubuntu.com/security/CVE-2014-3144", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "redhatcve": [{"lastseen": "2023-06-23T20:30:33", "description": "An issue was discovered in the Linux kernel where an incorrect access check in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-09-24T20:19:19", "type": "redhatcve", "title": "CVE-2018-16597", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "COMPLETE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16597"], "modified": "2023-04-06T05:01:00", "id": "RH:CVE-2018-16597", "href": "https://access.redhat.com/security/cve/cve-2018-16597", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:C/A:N"}}, {"lastseen": "2022-07-07T11:11:24", "description": "A flaw was found in the Linux kernel when freeing pages in hugetlbfs. This could trigger a local denial of service by crashing the kernel.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-12-15T13:49:38", "type": "redhatcve", "title": "CVE-2017-15127", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15127"], "modified": "2022-07-07T09:11:50", "id": "RH:CVE-2017-15127", "href": "https://access.redhat.com/security/cve/cve-2017-15127", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-23T20:30:28", "description": "An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel. An attacker with a local account can trick the stack unwinder code to leak stack contents to userspace. The fix allows only root to inspect the kernel stack of an arbitrary task.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-08T22:15:56", "type": "redhatcve", "title": "CVE-2018-17972", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-17972"], "modified": "2023-04-06T05:18:57", "id": "RH:CVE-2018-17972", "href": "https://access.redhat.com/security/cve/cve-2018-17972", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2021-09-02T22:52:19", "description": "An attacker on a network could abuse a flaw in the IPv6 stack fragment reassembly code to induce kernel memory corruption on the system, possibly leading to a system crash.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-12-02T09:47:31", "type": "redhatcve", "title": "CVE-2016-9755", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9755"], "modified": "2020-04-08T20:43:42", "id": "RH:CVE-2016-9755", "href": "https://access.redhat.com/security/cve/cve-2016-9755", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-02T22:53:41", "description": "arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended transaction.\n", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.0}, "published": "2016-12-15T20:22:55", "type": "redhatcve", "title": "CVE-2016-5412", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "acInsufInfo": true, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5412"], "modified": "2020-08-21T18:54:06", "id": "RH:CVE-2016-5412", "href": "https://access.redhat.com/security/cve/cve-2016-5412", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:S/C:N/I:N/A:C"}}, {"lastseen": "2023-03-07T23:25:48", "description": "An information leak was discovered in the Linux kernel in cdrom_ioctl_drive_status() function in drivers/cdrom/cdrom.c that could be used by local attackers to read kernel memory at certain location.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2018-09-11T11:24:52", "type": "redhatcve", "title": "CVE-2018-16658", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16658"], "modified": "2023-03-07T22:11:41", "id": "RH:CVE-2018-16658", "href": "https://access.redhat.com/security/cve/cve-2018-16658", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2021-09-02T22:53:00", "description": "The XFS subsystem in the Linux kernel 4.4 and later allows local users to cause a denial of service (fdatasync() failure and system hang) by using the vfs syscall group in the 'trinity' program, as a result of a page lock order bug in the XFS seek hole/data implementation.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-10-14T09:47:23", "type": "redhatcve", "title": "CVE-2016-8660", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8660"], "modified": "2020-04-08T19:08:07", "id": "RH:CVE-2016-8660", "href": "https://access.redhat.com/security/cve/cve-2016-8660", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-01-21T00:07:23", "description": "Linux kernel built with the KVM visualization support (CONFIG_KVM), with nested visualization(nVMX) feature enabled(nested=1), is vulnerable to host memory leakage issue. It could occur while emulating VMXON instruction in 'handle_vmon'. An L1 guest user could use this flaw to leak host memory potentially resulting in DoS.\n", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.0}, "published": "2017-01-31T07:47:49", "type": "redhatcve", "title": "CVE-2017-2596", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-2596"], "modified": "2022-01-20T21:15:24", "id": "RH:CVE-2017-2596", "href": "https://access.redhat.com/security/cve/cve-2017-2596", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "prion": [{"lastseen": "2023-11-22T02:37:07", "description": "An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-09-21T16:29:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "COMPLETE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16597"], "modified": "2019-10-03T00:03:00", "id": "PRION:CVE-2018-16597", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2018-16597", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:C/A:N"}}, {"lastseen": "2023-11-22T03:57:46", "description": "The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-02-08T03:59:00", "type": "prion", "title": "Code injection", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8539"], "modified": "2022-01-31T17:51:00", "id": "PRION:CVE-2015-8539", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2015-8539", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T03:56:51", "description": "The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "baseScore": 2.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2015-12-28T11:59:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7885"], "modified": "2016-12-07T18:25:00", "id": "PRION:CVE-2015-7885", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2015-7885", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-11-22T03:05:07", "description": "A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13. A superfluous implicit page unlock for VM_SHARED hugetlbfs mapping could trigger a local denial of service (BUG).", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-01-14T06:29:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15127"], "modified": "2023-02-12T23:28:00", "id": "PRION:CVE-2017-15127", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2017-15127", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-11-22T03:42:54", "description": "The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a denial of service (integer overflow, out-of-bounds write, and GPF) or possibly have unspecified other impact via a crafted application that makes socket, connect, and writev system calls, related to net/ipv6/netfilter/nf_conntrack_reasm.c and net/ipv6/netfilter/nf_defrag_ipv6_hooks.c.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "source": "nvd@nist.gov", "type": "Primary", "impactScore": 5.9}, "published": "2016-12-28T07:59:00", "type": "prion", "title": "Integer overflow", "bulletinFamily": "NVD", "cvss2": {"baseSeverity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "type": "Primary", "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9755"], "modified": "2023-11-07T02:37:00", "id": "PRION:CVE-2016-9755", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-9755", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T03:45:52", "description": "Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times.", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.2, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-04-27T17:59:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1339"], "modified": "2016-12-01T02:59:00", "id": "PRION:CVE-2015-1339", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2015-1339", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-11-22T03:41:47", "description": "drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a \"state machine confusion bug.\"", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-11-28T03:59:00", "type": "prion", "title": "Integer overflow", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9083"], "modified": "2023-01-17T21:05:00", "id": "PRION:CVE-2016-9083", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-9083", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T02:38:53", "description": "An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "source": "nvd@nist.gov", "type": "Primary", "impactScore": 3.6}, "published": "2018-10-03T22:29:00", "type": "prion", "title": "Stack overflow", "bulletinFamily": "NVD", "cvss2": {"baseSeverity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "type": "Primary", "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-17972"], "modified": "2020-10-15T13:28:00", "id": "PRION:CVE-2018-17972", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2018-17972", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2023-11-22T03:41:04", "description": "The XFS subsystem in the Linux kernel through 4.8.2 allows local users to cause a denial of service (fdatasync failure and system hang) by using the vfs syscall group in the trinity program, related to a \"page lock order bug in the XFS seek hole/data implementation.\"", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-10-16T21:59:00", "type": "prion", "title": "Information disclosure", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8660"], "modified": "2016-11-28T20:41:00", "id": "PRION:CVE-2016-8660", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-8660", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-11-22T03:35:27", "description": "arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended transaction.", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2016-08-06T20:59:00", "type": "prion", "title": "Information disclosure", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5412"], "modified": "2023-02-12T23:24:00", "id": "PRION:CVE-2016-5412", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2016-5412", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:S/C:N/I:N/A:C"}}, {"lastseen": "2023-11-22T03:49:18", "description": "arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform improperly relies on espfix64 during nested NMI processing, which allows local users to gain privileges by triggering an NMI within a certain instruction window.", "cvss3": {}, "published": "2015-08-31T10:59:00", "type": "prion", "title": "Code injection", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3290"], "modified": "2017-09-17T01:29:00", "id": "PRION:CVE-2015-3290", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2015-3290", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T03:45:51", "description": "The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-05-02T10:59:00", "type": "prion", "title": "Code injection", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1350"], "modified": "2021-07-15T19:16:00", "id": "PRION:CVE-2015-1350", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2015-1350", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-22T04:24:03", "description": "Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device.", "cvss3": {}, "published": "2013-09-16T13:01:00", "type": "prion", "title": "Null pointer dereference", "bulletinFamily": "NVD", "cvss2": {"baseSeverity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "type": "Primary", "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2897"], "modified": "2023-11-07T02:15:00", "id": "PRION:CVE-2013-2897", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2013-2897", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-11-22T04:05:04", "description": "The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.", "cvss3": {}, "published": "2014-06-07T14:55:00", "type": "prion", "title": "Command injection", "bulletinFamily": "NVD", "cvss2": {"baseSeverity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "type": "Primary", "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3153"], "modified": "2023-11-07T02:19:00", "id": "PRION:CVE-2014-3153", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2014-3153", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T03:43:41", "description": "The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment for emulation of a SYSENTER instruction.", "cvss3": {}, "published": "2015-03-02T11:59:00", "type": "prion", "title": "Information disclosure", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0239"], "modified": "2023-02-13T00:45:00", "id": "PRION:CVE-2015-0239", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2015-0239", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T03:12:22", "description": "The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references.", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2017-02-06T06:59:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-2596"], "modified": "2023-02-12T23:29:00", "id": "PRION:CVE-2017-2596", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2017-2596", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-11-22T04:02:48", "description": "The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call.", "cvss3": {}, "published": "2014-06-23T11:21:00", "type": "prion", "title": "Information disclosure", "bulletinFamily": "NVD", "cvss2": {"baseSeverity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "type": "Primary", "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1739"], "modified": "2023-11-07T02:19:00", "id": "PRION:CVE-2014-1739", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2014-1739", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "debiancve": [{"lastseen": "2023-12-06T18:24:23", "description": "An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-09-21T16:29:00", "type": "debiancve", "title": "CVE-2018-16597", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "COMPLETE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16597"], "modified": "2018-09-21T16:29:00", "id": "DEBIANCVE:CVE-2018-16597", "href": "https://security-tracker.debian.org/tracker/CVE-2018-16597", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:C/A:N"}}, {"lastseen": "2023-12-06T18:24:21", "description": "The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "baseScore": 2.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2015-12-28T11:59:00", "type": "debiancve", "title": "CVE-2015-7885", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7885"], "modified": "2015-12-28T11:59:00", "id": "DEBIANCVE:CVE-2015-7885", "href": "https://security-tracker.debian.org/tracker/CVE-2015-7885", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-06T18:24:22", "description": "A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13. A superfluous implicit page unlock for VM_SHARED hugetlbfs mapping could trigger a local denial of service (BUG).", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-01-14T06:29:00", "type": "debiancve", "title": "CVE-2017-15127", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15127"], "modified": "2018-01-14T06:29:00", "id": "DEBIANCVE:CVE-2017-15127", "href": "https://security-tracker.debian.org/tracker/CVE-2017-15127", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-12-06T18:24:23", "description": "An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-03T22:29:00", "type": "debiancve", "title": "CVE-2018-17972", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-17972"], "modified": "2018-10-03T22:29:00", "id": "DEBIANCVE:CVE-2018-17972", "href": "https://security-tracker.debian.org/tracker/CVE-2018-17972", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2023-12-06T18:24:22", "description": "The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a denial of service (integer overflow, out-of-bounds write, and GPF) or possibly have unspecified other impact via a crafted application that makes socket, connect, and writev system calls, related to net/ipv6/netfilter/nf_conntrack_reasm.c and net/ipv6/netfilter/nf_defrag_ipv6_hooks.c.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-12-28T07:59:00", "type": "debiancve", "title": "CVE-2016-9755", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9755"], "modified": "2016-12-28T07:59:00", "id": "DEBIANCVE:CVE-2016-9755", "href": "https://security-tracker.debian.org/tracker/CVE-2016-9755", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T18:24:21", "description": "Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times.", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.2, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-04-27T17:59:00", "type": "debiancve", "title": "CVE-2015-1339", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1339"], "modified": "2016-04-27T17:59:00", "id": "DEBIANCVE:CVE-2015-1339", "href": "https://security-tracker.debian.org/tracker/CVE-2015-1339", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-12-06T18:24:22", "description": "The XFS subsystem in the Linux kernel through 4.8.2 allows local users to cause a denial of service (fdatasync failure and system hang) by using the vfs syscall group in the trinity program, related to a \"page lock order bug in the XFS seek hole/data implementation.\"", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-10-16T21:59:00", "type": "debiancve", "title": "CVE-2016-8660", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8660"], "modified": "2016-10-16T21:59:00", "id": "DEBIANCVE:CVE-2016-8660", "href": "https://security-tracker.debian.org/tracker/CVE-2016-8660", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-12-06T18:24:22", "description": "drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a \"state machine confusion bug.\"", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-11-28T03:59:00", "type": "debiancve", "title": "CVE-2016-9083", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9083"], "modified": "2016-11-28T03:59:00", "id": "DEBIANCVE:CVE-2016-9083", "href": "https://security-tracker.debian.org/tracker/CVE-2016-9083", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T18:24:21", "description": "The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-02-08T03:59:00", "type": "debiancve", "title": "CVE-2015-8539", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8539"], "modified": "2016-02-08T03:59:00", "id": "DEBIANCVE:CVE-2015-8539", "href": "https://security-tracker.debian.org/tracker/CVE-2015-8539", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T18:24:22", "description": "arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended transaction.", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2016-08-06T20:59:00", "type": "debiancve", "title": "CVE-2016-5412", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5412"], "modified": "2016-08-06T20:59:00", "id": "DEBIANCVE:CVE-2016-5412", "href": "https://security-tracker.debian.org/tracker/CVE-2016-5412", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:S/C:N/I:N/A:C"}}, {"lastseen": "2023-12-06T18:24:21", "description": "arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform improperly relies on espfix64 during nested NMI processing, which allows local users to gain privileges by triggering an NMI within a certain instruction window.", "cvss3": {}, "published": "2015-08-31T10:59:00", "type": "debiancve", "title": "CVE-2015-3290", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3290"], "modified": "2015-08-31T10:59:00", "id": "DEBIANCVE:CVE-2015-3290", "href": "https://security-tracker.debian.org/tracker/CVE-2015-3290", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T18:24:21", "description": "The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment for emulation of a SYSENTER instruction.", "cvss3": {}, "published": "2015-03-02T11:59:00", "type": "debiancve", "title": "CVE-2015-0239", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0239"], "modified": "2015-03-02T11:59:00", "id": "DEBIANCVE:CVE-2015-0239", "href": "https://security-tracker.debian.org/tracker/CVE-2015-0239", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T18:24:19", "description": "Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device.", "cvss3": {}, "published": "2013-09-16T13:01:00", "type": "debiancve", "title": "CVE-2013-2897", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2897"], "modified": "2013-09-16T13:01:00", "id": "DEBIANCVE:CVE-2013-2897", "href": "https://security-tracker.debian.org/tracker/CVE-2013-2897", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-12-06T18:24:21", "description": "The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-05-02T10:59:00", "type": "debiancve", "title": "CVE-2015-1350", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1350"], "modified": "2016-05-02T10:59:00", "id": "DEBIANCVE:CVE-2015-1350", "href": "https://security-tracker.debian.org/tracker/CVE-2015-1350", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-07T18:23:30", "description": "The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.", "cvss3": {}, "published": "2014-06-07T14:55:00", "type": "debiancve", "title": "CVE-2014-3153", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3153"], "modified": "2014-06-07T14:55:00", "id": "DEBIANCVE:CVE-2014-3153", "href": "https://security-tracker.debian.org/tracker/CVE-2014-3153", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T18:24:23", "description": "The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references.", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2017-02-06T06:59:00", "type": "debiancve", "title": "CVE-2017-2596", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-2596"], "modified": "2017-02-06T06:59:00", "id": "DEBIANCVE:CVE-2017-2596", "href": "https://security-tracker.debian.org/tracker/CVE-2017-2596", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-12-07T10:24:28", "description": "The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call.", "cvss3": {}, "published": "2014-06-23T11:21:00", "type": "debiancve", "title": "CVE-2014-1739", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1739"], "modified": "2014-06-23T11:21:00", "id": "DEBIANCVE:CVE-2014-1739", "href": "https://security-tracker.debian.org/tracker/CVE-2014-1739", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2023-12-06T14:45:46", "description": "An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-09-21T16:29:00", "type": "cve", "title": "CVE-2018-16597", "cwe": ["CWE-863"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "COMPLETE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16597"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/a:netapp:active_iq_performance_analytics_services:-", "cpe:/a:netapp:element_software:-", "cpe:/o:opensuse:leap:42.3"], "id": "CVE-2018-16597", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-16597", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:C/A:N"}, "cpe23": ["cpe:2.3:a:netapp:active_iq_performance_analytics_services:-:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T15:16:41", "description": "The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "baseScore": 2.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2015-12-28T11:59:00", "type": "cve", "title": "CVE-2015-7885", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7885"], "modified": "2016-12-07T18:25:00", "cpe": ["cpe:/o:linux:linux_kernel:4.3.2"], "id": "CVE-2015-7885", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7885", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.3.2:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:53:11", "description": "An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-03T22:29:00", "type": "cve", "title": "CVE-2018-17972", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-17972"], "modified": "2023-11-07T02:54:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:redhat:enterprise_linux_server_aus:7.6", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.6", "cpe:/o:canonical:ubuntu_linux:18.10", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:linux:linux_kernel:4.18.11", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:redhat:enterprise_linux_server:7.6", "cpe:/o:redhat:enterprise_linux_server_tus:7.6", "cpe:/o:canonical:ubuntu_linux:12.04"], "id": "CVE-2018-17972", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17972", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.18.11:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T15:12:49", "description": "The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a denial of service (integer overflow, out-of-bounds write, and GPF) or possibly have unspecified other impact via a crafted application that makes socket, connect, and writev system calls, related to net/ipv6/netfilter/nf_conntrack_reasm.c and net/ipv6/netfilter/nf_defrag_ipv6_hooks.c.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-12-28T07:59:00", "type": "cve", "title": "CVE-2016-9755", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9755"], "modified": "2023-11-07T02:37:00", "cpe": ["cpe:/o:linux:linux_kernel:4.8.15"], "id": "CVE-2016-9755", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9755", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.8.15:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T15:08:30", "description": "drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a \"state machine confusion bug.\"", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-11-28T03:59:00", "type": "cve", "title": "CVE-2016-9083", "cwe": ["CWE-119", "CWE-190"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9083"], "modified": "2023-01-17T21:05:00", "cpe": [], "id": "CVE-2016-9083", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9083", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2023-12-06T15:05:51", "description": "The XFS subsystem in the Linux kernel through 4.8.2 allows local users to cause a denial of service (fdatasync failure and system hang) by using the vfs syscall group in the trinity program, related to a \"page lock order bug in the XFS seek hole/data implementation.\"", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-10-16T21:59:00", "type": "cve", "title": "CVE-2016-8660", "cwe": ["CWE-19"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8660"], "modified": "2016-11-28T20:41:00", "cpe": ["cpe:/o:linux:linux_kernel:4.8.2"], "id": "CVE-2016-8660", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8660", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.8.2:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:38:21", "description": "A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13. A superfluous implicit page unlock for VM_SHARED hugetlbfs mapping could trigger a local denial of service (BUG).", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-01-14T06:29:00", "type": "cve", "title": "CVE-2017-15127", "cwe": ["CWE-460"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15127"], "modified": "2023-02-12T23:28:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7.0", "cpe:/o:redhat:enterprise_mrg:2.0"], "id": "CVE-2017-15127", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15127", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:45:04", "description": "arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended transaction.", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2016-08-06T20:59:00", "type": "cve", "title": "CVE-2016-5412", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5412"], "modified": "2023-02-12T23:24:00", "cpe": ["cpe:/o:linux:linux_kernel:4.7"], "id": "CVE-2016-5412", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5412", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:S/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.7:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:52:12", "description": "arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform improperly relies on espfix64 during nested NMI processing, which allows local users to gain privileges by triggering an NMI within a certain instruction window.", "cvss3": {}, "published": "2015-08-31T10:59:00", "type": "cve", "title": "CVE-2015-3290", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3290"], "modified": "2017-09-17T01:29:00", "cpe": ["cpe:/o:linux:linux_kernel:4.1.5"], "id": "CVE-2015-3290", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3290", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.1.5:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:40:24", "description": "Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times.", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.2, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-04-27T17:59:00", "type": "cve", "title": "CVE-2015-1339", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1339"], "modified": "2016-12-01T02:59:00", "cpe": ["cpe:/o:novell:suse_linux_enterprise_debuginfo:11", "cpe:/o:linux:linux_kernel:4.3.6", "cpe:/o:novell:suse_linux_enterprise_real_time_extension:11"], "id": "CVE-2015-1339", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1339", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:11:sp4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T15:20:00", "description": "The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-02-08T03:59:00", "type": "cve", "title": "CVE-2015-8539", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8539"], "modified": "2022-01-31T17:51:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:suse:linux_enterprise_real_time_extension:12", "cpe:/o:linux:linux_kernel:4.4", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "CVE-2015-8539", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8539", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "cpe:2.3:o:suse:linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*"]}, {"lastseen": "2023-12-06T14:33:36", "description": "Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device.", "cvss3": {}, "published": "2013-09-16T13:01:00", "type": "cve", "title": "CVE-2013-2897", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2897"], "modified": "2023-11-07T02:15:00", "cpe": ["cpe:/o:linux:linux_kernel:3.0.47", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.0.54", "cpe:/o:linux:linux_kernel:3.4.23", "cpe:/o:linux:linux_kernel:3.5.4", "cpe:/o:linux:linux_kernel:3.0.51", "cpe:/o:linux:linux_kernel:3.9.3", "cpe:/o:linux:linux_kernel:3.0.61", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.3.8", "cpe:/o:linux:linux_kernel:3.9.8", "cpe:/o:linux:linux_kernel:3.4.29", "cpe:/o:linux:linux_kernel:3.0.55", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:3.8.9", "cpe:/o:linux:linux_kernel:3.3.5", "cpe:/o:linux:linux_kernel:3.0.57", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.2.22", "cpe:/o:linux:linux_kernel:3.0.66", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.4.3", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.0", "cpe:/o:linux:linux_kernel:3.4.28", "cpe:/o:linux:linux_kernel:3.7.1", "cpe:/o:linux:linux_kernel:3.9.2", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.0.64", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.2.24", "cpe:/o:linux:linux_kernel:3.4.21", "cpe:/o:linux:linux_kernel:3.3.1", "cpe:/o:linux:linux_kernel:3.10.8", "cpe:/o:linux:linux_kernel:3.9.7", "cpe:/o:linux:linux_kernel:3.2.10", "cpe:/o:linux:linux_kernel:3.5.5", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.7.10", "cpe:/o:linux:linux_kernel:3.4.30", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.4.1", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.6.8", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.4.6", "cpe:/o:linux:linux_kernel:3.10.12", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.0.58", "cpe:/o:linux:linux_kernel:3.4.13", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:3.2.28", "cpe:/o:linux:linux_kernel:3.4.27", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.4.11", "cpe:/o:linux:linux_kernel:3.8.0", "cpe:/o:linux:linux_kernel:3.0.65", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.4.24", "cpe:/o:linux:linux_kernel:3.8.5", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.5.7", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.8.10", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.8.6", "cpe:/o:linux:linux_kernel:3.7.9", "cpe:/o:linux:linux_kernel:3.4.25", "cpe:/o:linux:linux_kernel:3.8.4", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.2.27", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.10.2", "cpe:/o:linux:linux_kernel:3.8.2", "cpe:/o:linux:linux_kernel:3.8.11", "cpe:/o:linux:linux_kernel:3.4.10", "cpe:/o:linux:linux_kernel:3.10.11", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.2.30", "cpe:/o:linux:linux_kernel:3.6.10", "cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.7.3", "cpe:/o:linux:linux_kernel:3.10.1", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.0.60", "cpe:/o:linux:linux_kernel:3.0.46", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.11", "cpe:/o:linux:linux_kernel:3.10.9", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.7.2", "cpe:/o:linux:linux_kernel:3.9.9", "cpe:/o:linux:linux_kernel:3.8.12", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.0.52", "cpe:/o:linux:linux_kernel:3.9.10", "cpe:/o:linux:linux_kernel:3.0.48", "cpe:/o:linux:linux_kernel:3.4.18", "cpe:/o:linux:linux_kernel:3.2.23", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.0.45", "cpe:/o:linux:linux_kernel:3.4.15", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.8.3", "cpe:/o:linux:linux_kernel:3.4.7", "cpe:/o:linux:linux_kernel:3.2.29", "cpe:/o:linux:linux_kernel:3.6.2", "cpe:/o:linux:linux_kernel:3.0.59", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.4.20", "cpe:/o:linux:linux_kernel:3.5.3", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.10.3", "cpe:/o:linux:linux_kernel:3.4.31", "cpe:/o:linux:linux_kernel:3.8.13", "cpe:/o:linux:linux_kernel:3.4.19", "cpe:/o:linux:linux_kernel:3.8.8", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.4.4", "cpe:/o:linux:linux_kernel:3.7", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.8.1", "cpe:/o:linux:linux_kernel:3.4.22", "cpe:/o:linux:linux_kernel:3.10.4", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.0.67", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.0.68", "cpe:/o:linux:linux_kernel:3.4.8", "cpe:/o:linux:linux_kernel:3.0.50", "cpe:/o:linux:linux_kernel:3.10.5", "cpe:/o:linux:linux_kernel:3.9.5", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.7.8", "cpe:/o:linux:linux_kernel:3.4.5", "cpe:/o:linux:linux_kernel:3.3.6", "cpe:/o:linux:linux_kernel:3.8.7", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.6.1", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.9", "cpe:/o:linux:linux_kernel:3.0.62", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.7.6", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:3.5.2", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.4.14", "cpe:/o:linux:linux_kernel:3.7.5", "cpe:/o:linux:linux_kernel:3.5.6", "cpe:/o:linux:linux_kernel:3.6.6", "cpe:/o:linux:linux_kernel:3.9.4", "cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.4.16", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.3.7", "cpe:/o:linux:linux_kernel:3.2.26", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.6.7", "cpe:/o:linux:linux_kernel:3.10.7", "cpe:/o:linux:linux_kernel:3.4.26", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.6.11", "cpe:/o:linux:linux_kernel:3.9.1", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.4", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.6.9", "cpe:/o:linux:linux_kernel:3.0.63", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.0.49", "cpe:/o:linux:linux_kernel:3.4.32", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.10.6", "cpe:/o:linux:linux_kernel:3.6", "cpe:/o:linux:linux_kernel:3.10.10", "cpe:/o:linux:linux_kernel:3.7.4", "cpe:/o:linux:linux_kernel:3.6.4", "cpe:/o:linux:linux_kernel:3.5.1", "cpe:/o:linux:linux_kernel:3.4.12", "cpe:/o:linux:linux_kernel:3.4.2", "cpe:/o:linux:linux_kernel:3.0.53", "cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.9.11", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.9.6", "cpe:/o:linux:linux_kernel:3.4.9", "cpe:/o:linux:linux_kernel:3.2.25", "cpe:/o:linux:linux_kernel:3.6.3", "cpe:/o:linux:linux_kernel:3.4.17", "cpe:/o:linux:linux_kernel:3.9.0", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.6.5", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.0.56", "cpe:/o:linux:linux_kernel:3.7.7", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.2.21"], "id": "CVE-2013-2897", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2897", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.65:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.54:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.56:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.57:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.68:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.55:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.64:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.58:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.60:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.61:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.62:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.66:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.67:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.63:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.59:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:40:28", "description": "The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-05-02T10:59:00", "type": "cve", "title": "CVE-2015-1350", "cwe": ["CWE-552"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1350"], "modified": "2021-07-15T19:16:00", "cpe": ["cpe:/o:linux:linux_kernel:3.19.8", "cpe:/o:redhat:enterprise_linux:6.0", "cpe:/o:redhat:enterprise_linux:5.0", "cpe:/o:redhat:enterprise_linux:7.0", "cpe:/o:redhat:enterprise_mrg:2.0"], "id": "CVE-2015-1350", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1350", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.19.8:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:32:09", "description": "The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment for emulation of a SYSENTER instruction.", "cvss3": {}, "published": "2015-03-02T11:59:00", "type": "cve", "title": "CVE-2015-0239", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0239"], "modified": "2023-02-13T00:45:00", "cpe": ["cpe:/o:debian:debian_linux:7.0", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:oracle:linux:7", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:redhat:enterprise_linux_server:6.0", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:oracle:linux:5"], "id": "CVE-2015-0239", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0239", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T15:06:18", "description": "The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references.", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2017-02-06T06:59:00", "type": "cve", "title": "CVE-2017-2596", "cwe": ["CWE-772"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-2596"], "modified": "2023-02-12T23:29:00", "cpe": ["cpe:/o:linux:linux_kernel:4.9.8"], "id": "CVE-2017-2596", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2596", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.9.8:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-07T10:26:39", "description": "The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.", "cvss3": {}, "published": "2014-06-07T14:55:00", "type": "cve", "title": "CVE-2014-3153", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3153"], "modified": "2023-11-07T02:19:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server_aus:6.2", "cpe:/o:suse:linux_enterprise_server:11", "cpe:/o:opensuse:opensuse:11.4", "cpe:/o:suse:linux_enterprise_real_time_extension:11", "cpe:/o:suse:linux_enterprise_desktop:11", "cpe:/o:suse:linux_enterprise_high_availability_extension:11"], "id": "CVE-2014-3153", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3153", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*", "cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp3:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*"]}, {"lastseen": "2023-12-07T10:26:35", "description": "The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and __skb_get_nlattr_nest functions before the vulnerability was announced.", "cvss3": {}, "published": "2014-05-11T21:55:00", "type": "cve", "title": "CVE-2014-3144", "cwe": ["CWE-190"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3144"], "modified": "2023-11-07T02:19:00", "cpe": ["cpe:/o:oracle:linux:6", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:linux:linux_kernel:3.14.3", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:oracle:linux:7", "cpe:/o:canonical:ubuntu_linux:13.10"], "id": "CVE-2014-3144", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3144", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.14.3:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-07T10:19:02", "description": "The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call.", "cvss3": {}, "published": "2014-06-23T11:21:00", "type": "cve", "title": "CVE-2014-1739", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1739"], "modified": "2023-11-07T02:19:00", "cpe": ["cpe:/o:suse:suse_linux_enterprise_desktop:11", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:suse:suse_linux_enterprise_server:11", "cpe:/o:canonical:ubuntu_linux:13.10", "cpe:/o:suse:linux_enterprise_high_availability_extension:11"], "id": "CVE-2014-1739", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1739", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*"]}], "thn": [{"lastseen": "2018-01-27T09:17:49", "description": "[](<https://2.bp.blogspot.com/-pxMyh-8rhv0/U5L2SbAMTZI/AAAAAAAAb_I/A-iqdubuyv8/s1600/linux-kernel-hacking.jpg>)\n\nMultiple flaws have been identified in Linux Kernel and related software could allow hackers to hack your Linux machines, shared hosting and websites hosted on them.\n\n \n\n\n**PRIVILEGE ESCALATION VULNERABILITY IN LINUX KERNEL**\n\nA privilege escalation vulnerability has been [identified](<https://lists.debian.org/debian-security-announce/2014/msg00130.html>) in the widely used Linux kernel that could allow an attackers to take the control of users\u2019 system.\n\n \n\n\nOn Thursday, the most popular distributor of open source Linux OS, Debian warned about this vulnerability (CVE-2014-3153) in a security update, along with some other vulnerabilities in the Linux kernel that may lead to a denial of service attack.\n\n \n\n\nThe most critical one is the flaw (CVE-2014-3153) discovered by Pinkie Pie which resides in the futex subsystem call of _[Linux Kernel](<https://thehackernews.com/search/label/Linux%20kernel>) 2.6.32.62/3.2.59/3.4.91/3.10.41/3.12.21/3.14.5 versions_, leaving a queued kernel waiter on the stack, which can be exploited to potentially execute arbitrary code with kernel mode privileges.\n\n> \"_Pinkie Pie discovered an issue in the futex subsystem that allows a local user to gain ring 0 control via the futex syscall,_\" reads the advisory. \"_An unprivileged user could use this flaw to crash the kernel (resulting in denial of service) or for privilege escalation.\"_\n\n[Pinkie Pie](<https://thehackernews.com/search/label/Pinkie%20Pie%20hacker>) is the anonymous teenage ethical and skilled hacker who scooped at least $100,000 for bypassing the security features of Google's Chrome, many of them sandbox exploits, at both Pwnium and Pwn2Own competitions every year since 2012.\n\n \n\n\n**RESEARCHER\u2019S ADVICE**\n\n_Kees Cook_, a Google Chrome OS security researcher and Ubuntu contributor said that the latest flaw found by Pinkie Pie is \"urgent to fix.\"\n\n> \"_Specifically, the futex syscall can leave a queued kernel waiter hanging on the stack. By manipulating the stack with further syscalls, the waiter structure can be altered. When later woken up, the altered waiter can result in arbitrary code execution in ring 0,_\" Cook [wrote](<http://seclists.org/oss-sec/2014/q2/469>) Thursday on Seclists.org. \"_This flaw is especially urgent to fix because futex tends to be available within most Linux sandboxes (because it is used as a glibc pthread primitive)._\"\n\n**CHKROOTKIT - ANOTHER CRITICAL FLAW**\n\nThe vulnerability highlighted two days after Thomas Stangner [reported](<http://www.openwall.com/lists/oss-security/2014/06/04/9>) a serious flaw in the chkrootkit (Check Rootkit), a rootkit detector, that allows a local attacker to gain root access to gain root control by executing malicious code inside the_ /tmp_ directory.\n\n \n\n\nA common Unix-based program, chkrootkit helps system administrators to check their systems for known rootkits. The vulnerability in the chkrootkit, assigned **_CVE-2014-0476_** ID, actually resides in the slapper() function in the shell script chkrootkit package. A non-root user can place any malicious executable file named 'update' in _/tmp_ folder, which will get executed as root whenever chkrootkit will scan this directory for rootkits.\n\n \n\n\n**OTHER VULNERABILITIES IN LINUX KERNEL**\n\nAnother security issues (_**CVE-2014-3144 and CVE-2014-3145**_) also have been discovered in the Linux kernel that could allow any local user to cause a [Denial of Service (DoS) attack](<https://thehackernews.com/search/label/dos%20attack>) via crafted BPF instructions.\n\n \n\n\nDebian has issued the patches for these vulnerabilities and encouraged Linux users to upgrade their Linux packages highlighting that the issue has been fixed in the stable distribution, version 3.2.57-3+deb7u2, and will be fixed in the unstable distribution as soon as possible.\n", "cvss3": {}, "published": "2014-06-07T00:29:00", "type": "thn", "title": "Linux Kernel Vulnerable to Privilege Escalation and DoS Attack", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2014-3145", "CVE-2014-3144", "CVE-2014-3153", "CVE-2014-0476"], "modified": "2014-06-07T11:43:57", "id": "THN:B13AEDC0DAC18F19211BE2B4BE0C4787", "href": "https://thehackernews.com/2014/06/linux-kernel-vulnerable-to-privilege_7.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T11:45:47", "description": "This kernel live patch for Linux Kernel 3.12.51-60.20.1 fixes security\n issues and bugs:\n\n Security issues fixed:\n - CVE-2015-8539: A negatively instantiated user key could have been used\n by a local user to leverage privileges (bnc#958601).\n\n", "cvss3": {}, "published": "2016-02-04T19:17:20", "type": "suse", "title": "Security update for kernel live patch SP1 1 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2015-8539"], "modified": "2016-02-04T19:17:20", "id": "SUSE-SU-2016:0339-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00011.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:50:51", "description": "This kernel live patch for Linux Kernel 3.12.51-52.31.1 fixes a security\n issue:\n\n Security issues fixed:\n - CVE-2015-8539: A negatively instantiated user key could have been used\n by a local user to leverage privileges (bnc#958601).\n\n", "cvss3": {}, "published": "2016-02-04T19:14:06", "type": "suse", "title": "Security update for kernel live patch 9 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2015-8539"], "modified": "2016-02-04T19:14:06", "id": "SUSE-SU-2016:0336-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00008.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:14:55", "description": "The SUSE Linux Enterprise 11 Service Pack 3 RealTime Extension kernel was\n updated to fix a critical privilege escalation security issue:\n\n * CVE-2014-3153: The futex acquisition code in kernel/futex.c can be\n used to gain ring0 access via the futex syscall. This could be used\n for privilege escalation by non-root users. (bnc#880892)\n", "cvss3": {}, "published": "2014-06-14T02:04:20", "type": "suse", "title": "Security update for Linux Kernel (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-3153"], "modified": "2014-06-14T02:04:20", "id": "SUSE-SU-2014:0796-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00018.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:49:16", "description": "The SUSE Linux Enterprise 11 Service Pack 2 LTSS kernel was updated to fix\n a critical security issue:\n\n * CVE-2014-3153: The futex acquisition code in kernel/futex.c can be\n used to gain ring0 access via the futex syscall. This could be used\n for privilege escalation by non-root users. (bnc#880892)\n", "cvss3": {}, "published": "2014-06-24T20:04:13", "type": "suse", "title": "Security update for Linux Kernel (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-3153"], "modified": "2014-06-24T20:04:13", "id": "SUSE-SU-2014:0837-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00025.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "veracode": [{"lastseen": "2023-04-18T13:25:46", "description": "kernel-rt is vulnerable to denial of service (DoS) attacks. The vulnerability exists as the KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-15T09:20:34", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8539"], "modified": "2022-01-31T20:45:26", "id": "VERACODE:12700", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-12700/summary", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-04-18T13:24:42", "description": "Linux kernel is vulnerable to memory corruption vulnerability. A remote, unauthenticated attacker could bypass integer overflow checks, and cause a denial of service via memory corruption. Affected is the file, `drivers/vfio/pci/vfio_pci.c`.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-05-02T06:32:55", "type": "veracode", "title": "Memory Corruption", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9083"], "modified": "2023-01-17T23:43:27", "id": "VERACODE:18219", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-18219/summary", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-04-18T14:00:04", "description": "Linux kernel is vulnerable to denial of service(DoS) attacks. An attacker could exploit a flaw in the `hugetlb_mcopy_atomic_pte` function in `mm/hugetlb.c`. This occurs when freeing pages in hugetlbfs. An attacker could trigger a local denial of service by crashing the kernel.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-05-16T02:50:24", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15127"], "modified": "2023-02-13T01:48:33", "id": "VERACODE:19171", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-19171/summary", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-04-18T14:00:23", "description": "Linux kernel is vulnerable to information disclosure vulnerability. The vulnerability exists in the proc_pid_stack function in fs/proc/base.c in the Linux kernel. Local attackers could obtain kernel task stack contents that may lead to further attacks.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-05-16T03:58:18", "type": "veracode", "title": "Information Disclosure", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-17972"], "modified": "2020-10-15T15:09:53", "id": "VERACODE:20131", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-20131/summary", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2022-07-27T10:55:29", "description": "kernel is vulnerable to information disclosure. The vulnerability exists through an Information leak in cdrom_ioctl_drive_status.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2019-08-08T00:07:16", "type": "veracode", "title": "Information Disclosure", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16658"], "modified": "2022-04-19T18:34:17", "id": "VERACODE:21048", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-21048/summary", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2023-04-18T13:59:57", "description": "Linux kernel is vulnerable to denial of service (DoS) attacks. This occurs while emulating VMXON instruction in 'handle_vmon' improperly. An L1 guest user could use this flaw to leak host memory potentially resulting in a system crash.\n", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2019-05-02T06:36:12", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-2596"], "modified": "2023-02-13T01:49:38", "id": "VERACODE:18241", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-18241/summary", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "virtuozzo": [{"lastseen": "2023-12-06T18:28:25", "description": "This update provides a new Virtuozzo 6.0 kernel 2.6.32-042stab120.18 based on the Red Hat Enterprise Linux 6.8 kernel 2.6.32-642.6.1.el6. The new kernel provides security and stability fixes.\n**Vulnerability id:** CVE-2015-8539\nFixed handling of stored error in a negatively instantiated user key. Key management subsystems could be abused to escalate privileges through memory corruption. All kernels were affected.\n\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-01-18T00:00:00", "type": "virtuozzo", "title": "Important kernel security update: vulnerability fix for CVE-2015-8539, new kernel 2.6.32-042stab120.18; Virtuozzo 6.0 Update 12 Hotfix 1 (6.0.12-3656)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8539"], "modified": "2017-01-18T00:00:00", "id": "VZA-2017-001", "href": "https://help.virtuozzo.com/customer/en/portal/articles/2718897", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-10-30T17:45:14", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-4.18.13-300.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-17972"], "modified": "2018-10-30T17:45:14", "id": "FEDORA:28A8366B1094", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CZG6KDGEE7JPWCJRGXKTMUM7LJVFLRHI/", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.2}, "published": "2018-09-14T23:14:35", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-headers-4.18.7-200.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16658"], "modified": "2018-09-14T23:14:35", "id": "FEDORA:E819660C68EA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PSJQRK7HAG7GPOSBCZZMP4LFXYQ7Z5PP/", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "This package contains the tools/ directory from the kernel source and the supporting documentation. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.2}, "published": "2018-09-14T23:14:36", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-tools-4.18.7-200.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16658"], "modified": "2018-09-14T23:14:36", "id": "FEDORA:28CF260C68EC", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/3WA5I2MFZHPHJLXIJ5447WI4JFYPYPUR/", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-10-16T12:10:24", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-headers-4.18.13-100.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-17972"], "modified": "2018-10-16T12:10:24", "id": "FEDORA:6F57B601CED2", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/FFY7M6MQMHNRHFXRTDRHOKQMOJ3FLCF6/", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.0}, "published": "2016-08-15T21:28:30", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: kernel-4.6.6-300.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "acInsufInfo": true, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5412"], "modified": "2016-08-15T21:28:30", "id": "FEDORA:F39746087895", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HIECVMGNK64CYF6KY336Z36H62ICGRYI/", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:S/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.0}, "published": "2016-08-16T00:51:10", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: kernel-4.6.6-200.fc23", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "acInsufInfo": true, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5412"], "modified": "2016-08-16T00:51:10", "id": "FEDORA:0FB9F605F1E0", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/VHQTHD35KRH2KATKNWYFEX5PHTCYRNPU/", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:S/C:N/I:N/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "This package contains the tools/ directory from the kernel source and the supporting documentation. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-10-14T23:43:25", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-tools-4.18.13-200.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-17972"], "modified": "2018-10-14T23:43:25", "id": "FEDORA:E17EC601FD8F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QOHPEYAZQ23NZYZGXSTHYE6VSC5LXAMM/", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/