DATABASE RESOURCES PRICING ABOUT US

{"id": "OPENVAS:1361412562311220191535", "vendorId": null, "type": "openvas", "bulletinFamily": "scanner", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1535)", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "published": "2020-01-23T00:00:00", "modified": "2020-02-05T00:00:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191535", "reporter": "Copyright (C) 2020 Greenbone Networks GmbH", "references": ["2019-1535", "https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1535"], "cvelist": ["CVE-2015-4692", "CVE-2015-4177", "CVE-2016-9793", "CVE-2018-5333", "CVE-2014-1737", "CVE-2013-2929", "CVE-2013-7348", "CVE-2014-1738", "CVE-2019-9857", "CVE-2016-1583", "CVE-2013-6382", "CVE-2016-2064", "CVE-2016-5829", "CVE-2017-9986", "CVE-2016-3140", "CVE-2013-7271", "CVE-2016-7912", "CVE-2017-7487", "CVE-2014-8172", "CVE-2015-4167", "CVE-2017-16645"], "immutableFields": [], "lastseen": "2020-02-05T16:35:33", "viewCount": 19, "enchantments": {"dependencies": {"references": [{"type": "altlinux", "idList": ["0A73C01D4DA08B819B9C4B612AFC80EC"]}, {"type": "amazon", "idList": ["ALAS-2013-258", "ALAS-2017-782", "ALAS-2017-937"]}, {"type": "android", "idList": ["ANDROID:CVE-2016-7912"]}, {"type": "androidsecurity", "idList": ["ANDROID:2016-09-01", "ANDROID:2016-11-01", "ANDROID:2017-03-01", "ANDROID:2017-09-01"]}, {"type": "centos", "idList": ["CESA-2014:0159", "CESA-2014:0285", "CESA-2014:0740", "CESA-2014:0771", "CESA-2014:1971", "CESA-2015:0290", "CESA-2016:2006", "CESA-2016:2124", "CESA-2016:2574", "CESA-2016:2766", "CESA-2017:0933"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:10916BBD941416F67134F1200DE97709", "CFOUNDRY:3F54C95B87B9551DBB314C8164D88E3A", "CFOUNDRY:5EEA2226D4FCA4D50B918305E55569E8", "CFOUNDRY:6D0A7CF1EF35A1C96485B4FC10A51978", "CFOUNDRY:CAC337307F043175ACEEE3B0FD0416FF", "CFOUNDRY:E36E8558D6E84664F9D34B4A9E5179AC"]}, {"type": "cve", "idList": ["CVE-2013-2929", "CVE-2013-6382", "CVE-2013-6463", "CVE-2013-7271", "CVE-2013-7348", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-8172", "CVE-2015-4167", "CVE-2015-4177", "CVE-2015-4692", "CVE-2016-1583", "CVE-2016-2064", "CVE-2016-3140", "CVE-2016-5829", "CVE-2016-7912", "CVE-2016-9793", "CVE-2017-16645", "CVE-2017-7487", "CVE-2017-9986", "CVE-2018-5333", "CVE-2019-9857"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1369-1:33F82", "DEBIAN:DLA-246-1:C824B", "DEBIAN:DLA-246-2:ABC0D", "DEBIAN:DLA-516-1:B66B7", "DEBIAN:DLA-609-1:1025A", "DEBIAN:DLA-772-1:EB721", "DEBIAN:DLA-993-1:71AF5", "DEBIAN:DSA-2906-1:5B9FC", "DEBIAN:DSA-2926-1:1D594", "DEBIAN:DSA-2928-1:6623C", "DEBIAN:DSA-3290-1:2369A", "DEBIAN:DSA-3290-1:6E148", "DEBIAN:DSA-3313-1:00F99", "DEBIAN:DSA-3313-1:C4641", "DEBIAN:DSA-3329-1:6C2DD", "DEBIAN:DSA-3329-1:93E26", "DEBIAN:DSA-3607-1:0BD6E", "DEBIAN:DSA-3607-1:29E1C", "DEBIAN:DSA-3616-1:690FB", "DEBIAN:DSA-3616-1:8F5D7", "DEBIAN:DSA-3886-1:89166", "DEBIAN:DSA-3886-1:F6458", "DEBIAN:DSA-4187-1:481CA", "DEBIAN:DSA-4187-1:E8170"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-2929", "DEBIANCVE:CVE-2013-6382", "DEBIANCVE:CVE-2013-7271", "DEBIANCVE:CVE-2013-7348", "DEBIANCVE:CVE-2014-1737", "DEBIANCVE:CVE-2014-1738", "DEBIANCVE:CVE-2014-8172", "DEBIANCVE:CVE-2015-4167", "DEBIANCVE:CVE-2015-4177", "DEBIANCVE:CVE-2015-4692", "DEBIANCVE:CVE-2016-1583", "DEBIANCVE:CVE-2016-3140", "DEBIANCVE:CVE-2016-5829", "DEBIANCVE:CVE-2016-7912", "DEBIANCVE:CVE-2016-9793", "DEBIANCVE:CVE-2017-16645", "DEBIANCVE:CVE-2017-7487", "DEBIANCVE:CVE-2017-9986", "DEBIANCVE:CVE-2018-5333", "DEBIANCVE:CVE-2019-9857"]}, {"type": "exploitdb", "idList": ["EDB-ID:41995", "EDB-ID:47957"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:7AD8D8301E32D30D80BF379536ECB19B"]}, {"type": "f5", "idList": ["F5:K10515241", "F5:K17321", "F5:K28056114", "SOL17121", "SOL17321", "SOL28056114"]}, {"type": "fedora", "idList": ["FEDORA:01C936061569", "FEDORA:041196190421", "FEDORA:04868606351B", "FEDORA:08D3760E6566", "FEDORA:0960721640", "FEDORA:10F7D6255145", "FEDORA:131186087E1C", "FEDORA:1317A20FE4", "FEDORA:1835E22100", "FEDORA:18E4222173", "FEDORA:1AE8521943", "FEDORA:1C7E86049D49", "FEDORA:1CAC0608E6F2", "FEDORA:1CCC322073", "FEDORA:1DA3D221C6", "FEDORA:229FE60419B9", "FEDORA:23B6E225A0", "FEDORA:25BDD6190ECF", "FEDORA:26C5127E25", "FEDORA:26DF321BA7", "FEDORA:2784A21C29", "FEDORA:2836F613193B", "FEDORA:28A7021A1E", "FEDORA:29049600CFF3", "FEDORA:29FCE65ECD33", "FEDORA:2A0322BA2C", "FEDORA:2BA602158D", "FEDORA:2E40E608A4A7", "FEDORA:2EEE52123F", "FEDORA:2F13360877A3", "FEDORA:3060D60E9A21", "FEDORA:30991220A7", "FEDORA:30C5820E79", "FEDORA:3266960F0E44", "FEDORA:33D8860877E1", "FEDORA:39B5660877A6", "FEDORA:3C394606D98F", "FEDORA:4359160906D1", "FEDORA:44065605602A", "FEDORA:4832F6079717", "FEDORA:49E0B60427EC", "FEDORA:4B62F60A865A", "FEDORA:4CEF5610D7CA", "FEDORA:4CF35608BFEA", "FEDORA:4F34C605E513", "FEDORA:506B2608A4A8", "FEDORA:511986124F82", "FEDORA:511A7608E6E1", "FEDORA:547D9626ACA1", "FEDORA:578BF6049496", "FEDORA:5A4D662AE22C", "FEDORA:5A5412131D", "FEDORA:5D742610B071", "FEDORA:648496077DD1", "FEDORA:690DE6022BA8", "FEDORA:6A93C20D15", "FEDORA:6B6B360567FC", "FEDORA:6DBD2608A4A4", "FEDORA:6E67663233DB", "FEDORA:6EC6360BEA04", "FEDORA:6F1BC604D0C1", "FEDORA:74245604D4DA", "FEDORA:756F822091", "FEDORA:7640C641CB61", "FEDORA:7734E613B647", "FEDORA:79EAC605FC25", "FEDORA:84C4E22D8F", "FEDORA:85FBF6076011", "FEDORA:87BD56087904", "FEDORA:89C9C6051B3A", "FEDORA:8C2D26090BD4", "FEDORA:8C61D2154D", "FEDORA:8E01360DC908", "FEDORA:8F974604E846", "FEDORA:909D360491BF", "FEDORA:9330A21FE6", "FEDORA:936A4223EA", "FEDORA:98E8F6079A11", "FEDORA:9D83A60EFF4F", "FEDORA:9FA6021249", "FEDORA:A4C8660C350E", "FEDORA:A9A0D60DF38A", "FEDORA:AB52460321C9", "FEDORA:B26386079247", "FEDORA:B395E6087A9D", "FEDORA:B54D264CBCAC", "FEDORA:B83986079D12", "FEDORA:B87B460876BA", "FEDORA:BBFE360460D0", "FEDORA:BD41660BC2B1", "FEDORA:BFDA5602F059", "FEDORA:C26F460906BA", "FEDORA:C35B860CD859", "FEDORA:C4D496071279", "FEDORA:C56CF6087715", "FEDORA:C6AF860C4240", "FEDORA:CC8F4606D16C", "FEDORA:CE3236087E07", "FEDORA:CFDB8604972F", "FEDORA:D15E060F33C2", "FEDORA:D33DD608BFFE", "FEDORA:D69CC24B48", "FEDORA:D6F86601E6D9", "FEDORA:DA71D21D19", "FEDORA:DB49F219DE", "FEDORA:DF5176048167", "FEDORA:E37FD60924F1", "FEDORA:E6C59213CA", "FEDORA:E6F08605DCE7", "FEDORA:E7CE72245B", "FEDORA:E878E60F237D", "FEDORA:EE2EE6087A58", "FEDORA:F325C6013F0A"]}, {"type": "fortinet", "idList": ["FG-IR-16-052"]}, {"type": "ibm", "idList": ["1DD8AD31B2B7F723FCEA86A5AA6310F75AC2C26DE6A2D73D7EFE783E7CB3CB21", "2ABC4CD376C07922A3144CF8116D979F4BDDE16EED9AADA11262FBF58C851DBF", "A0B51C5217767E75AB974BA93584FB1F969514BA8D7EE9EDD025C20F274C1D2F", "A3ECA2FADF3E248DCF026E08D24250DA5644166428EA8CC2D77F20F0FD2FCE99", "B13E9CABE04A3A8E052E5DD7075F194AB2BDBB1AA759BCA55EBEBB657F688C5F", "B7EDA2450D13E204B60C3A3E7379E6FCCD587CB32FEB5041ADDA6CB8E3C44FC3", "DCF0785A8E04DB6808EC923041C1F99827C730DBA6770E63D5DA25D354F764EE", "F092FBBD34304315E258962CA397F72D24D88CD673A181734FDCE39754098484", "F3D623A09E7D0F54DD4072DEEB91BB4360FCB6F12BC404A385E6347E729DB982"]}, {"type": "lenovo", "idList": ["LENOVO:PS500321-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2013-0371", "MGASA-2013-0372", "MGASA-2013-0373", "MGASA-2013-0374", "MGASA-2013-0375", "MGASA-2014-0043", "MGASA-2014-0225", "MGASA-2014-0226", "MGASA-2014-0227", "MGASA-2014-0228", "MGASA-2014-0229", "MGASA-2014-0234", "MGASA-2014-0235", "MGASA-2014-0236", "MGASA-2014-0237", "MGASA-2014-0238", "MGASA-2015-0386", "MGASA-2015-0390", "MGASA-2016-0015", "MGASA-2016-0271", "MGASA-2016-0283", "MGASA-2016-0284", "MGASA-2016-0415", "MGASA-2017-0003", "MGASA-2017-0004", "MGASA-2017-0186", "MGASA-2017-0187", "MGASA-2017-0188"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT-LINUX-LOCAL-RDS_ATOMIC_FREE_OP_NULL_POINTER_DEREF_PRIV_ESC-"]}, {"type": "nessus", "idList": ["ALA_ALAS-2013-258.NASL", "ALA_ALAS-2017-782.NASL", "ALA_ALAS-2017-937.NASL", "CENTOS_RHSA-2014-0159.NASL", "CENTOS_RHSA-2014-0285.NASL", "CENTOS_RHSA-2014-0740.NASL", "CENTOS_RHSA-2014-0771.NASL", "CENTOS_RHSA-2014-1971.NASL", "CENTOS_RHSA-2015-0290.NASL", "CENTOS_RHSA-2016-2006.NASL", "CENTOS_RHSA-2016-2124.NASL", "CENTOS_RHSA-2016-2574.NASL", "CENTOS_RHSA-2016-2766.NASL", "CENTOS_RHSA-2017-0933.NASL", "DEBIAN_DLA-1369.NASL", "DEBIAN_DLA-246.NASL", "DEBIAN_DLA-516.NASL", "DEBIAN_DLA-609.NASL", "DEBIAN_DLA-772.NASL", "DEBIAN_DLA-993.NASL", "DEBIAN_DSA-2906.NASL", "DEBIAN_DSA-2926.NASL", "DEBIAN_DSA-2928.NASL", "DEBIAN_DSA-3290.NASL", "DEBIAN_DSA-3313.NASL", "DEBIAN_DSA-3329.NASL", "DEBIAN_DSA-3607.NASL", "DEBIAN_DSA-3616.NASL", "DEBIAN_DSA-3886.NASL", "DEBIAN_DSA-4187.NASL", "EULEROS_SA-2017-1071.NASL", "EULEROS_SA-2017-1072.NASL", "EULEROS_SA-2017-1122.NASL", "EULEROS_SA-2017-1123.NASL", "EULEROS_SA-2017-1291.NASL", "EULEROS_SA-2017-1319.NASL", "EULEROS_SA-2018-1031.NASL", "EULEROS_SA-2018-1234.NASL", "EULEROS_SA-2019-1473.NASL", "EULEROS_SA-2019-1475.NASL", "EULEROS_SA-2019-1477.NASL", "EULEROS_SA-2019-1479.NASL", "EULEROS_SA-2019-1483.NASL", "EULEROS_SA-2019-1487.NASL", "EULEROS_SA-2019-1492.NASL", "EULEROS_SA-2019-1494.NASL", "EULEROS_SA-2019-1498.NASL", "EULEROS_SA-2019-1501.NASL", "EULEROS_SA-2019-1504.NASL", "EULEROS_SA-2019-1508.NASL", "EULEROS_SA-2019-1512.NASL", "EULEROS_SA-2019-1535.NASL", "EULEROS_SA-2019-2353.NASL", "EULEROS_SA-2019-2599.NASL", "EULEROS_SA-2020-2222.NASL", "EULEROS_SA-2021-2588.NASL", "F5_BIGIP_SOL28056114.NASL", "FEDORA_2013-22531.NASL", "FEDORA_2013-22669.NASL", "FEDORA_2013-22695.NASL", "FEDORA_2014-6354.NASL", "FEDORA_2014-6357.NASL", "FEDORA_2015-10677.NASL", "FEDORA_2015-10678.NASL", "FEDORA_2016-107F03CC00.NASL", "FEDORA_2016-1C409313F4.NASL", "FEDORA_2016-5AFF4A6BBC.NASL", "FEDORA_2016-5CB5B4082D.NASL", "FEDORA_2016-63EE0999E4.NASL", "FEDORA_2016-73A733F4D9.NASL", "FEDORA_2016-7E602C0E5E.NASL", "FEDORA_2016-81FD1B03AA.NASL", "FEDORA_2016-9A16B2E14E.NASL", "FEDORA_2016-ED5110C4BB.NASL", "FEDORA_2017-466D902289.NASL", "FEDORA_2017-E75602D3ED.NASL", "FEDORA_2018-262EB7C289.NASL", "FEDORA_2018-8DC60A4FEB.NASL", "FEDORA_2019-65C6D11EBA.NASL", "FEDORA_2019-961CDA41F0.NASL", "FEDORA_2019-BE9ADD5B77.NASL", "MANDRIVA_MDVSA-2013-291.NASL", "MANDRIVA_MDVSA-2014-001.NASL", "MANDRIVA_MDVSA-2014-124.NASL", "NEWSTART_CGSL_NS-SA-2019-0004_KERNEL.NASL", "OPENSUSE-2014-375.NASL", "OPENSUSE-2014-376.NASL", "OPENSUSE-2015-543.NASL", "OPENSUSE-2016-1015.NASL", "OPENSUSE-2016-1029.NASL", "OPENSUSE-2016-124.NASL", "OPENSUSE-2016-629.NASL", "OPENSUSE-2016-753.NASL", "OPENSUSE-2016-862.NASL", "OPENSUSE-2016-869.NASL", "OPENSUSE-2017-1390.NASL", "OPENSUSE-2017-1391.NASL", "OPENSUSE-2017-245.NASL", "OPENSUSE-2017-246.NASL", "OPENSUSE-2017-666.NASL", "OPENSUSE-2018-153.NASL", "ORACLELINUX_ELSA-2014-0159.NASL", "ORACLELINUX_ELSA-2014-0285-1.NASL", "ORACLELINUX_ELSA-2014-0285.NASL", "ORACLELINUX_ELSA-2014-0740-1.NASL", "ORACLELINUX_ELSA-2014-0740.NASL", "ORACLELINUX_ELSA-2014-0771.NASL", "ORACLELINUX_ELSA-2014-0786.NASL", "ORACLELINUX_ELSA-2014-1971.NASL", "ORACLELINUX_ELSA-2014-3009.NASL", "ORACLELINUX_ELSA-2014-3010.NASL", "ORACLELINUX_ELSA-2014-3011.NASL", "ORACLELINUX_ELSA-2014-3034.NASL", "ORACLELINUX_ELSA-2014-3041.NASL", "ORACLELINUX_ELSA-2014-3042.NASL", "ORACLELINUX_ELSA-2014-3043.NASL", "ORACLELINUX_ELSA-2014-3070.NASL", "ORACLELINUX_ELSA-2015-0290.NASL", "ORACLELINUX_ELSA-2016-2006.NASL", "ORACLELINUX_ELSA-2016-2124.NASL", "ORACLELINUX_ELSA-2016-2574.NASL", "ORACLELINUX_ELSA-2016-2766.NASL", "ORACLELINUX_ELSA-2016-3623.NASL", "ORACLELINUX_ELSA-2016-3624.NASL", "ORACLELINUX_ELSA-2016-3625.NASL", "ORACLELINUX_ELSA-2016-3635.NASL", "ORACLELINUX_ELSA-2016-3636.NASL", "ORACLELINUX_ELSA-2016-3644.NASL", "ORACLELINUX_ELSA-2016-3646.NASL", "ORACLELINUX_ELSA-2017-0933-1.NASL", "ORACLELINUX_ELSA-2017-0933.NASL", "ORACLELINUX_ELSA-2017-1842-1.NASL", "ORACLELINUX_ELSA-2017-3508.NASL", "ORACLELINUX_ELSA-2017-3509.NASL", "ORACLELINUX_ELSA-2017-3510.NASL", "ORACLELINUX_ELSA-2017-3533.NASL", "ORACLELINUX_ELSA-2017-3534.NASL", "ORACLELINUX_ELSA-2017-3535.NASL", "ORACLELINUX_ELSA-2017-3567.NASL", "ORACLELINUX_ELSA-2017-3597.NASL", "ORACLELINUX_ELSA-2017-3658.NASL", "ORACLELINUX_ELSA-2018-4084.NASL", "ORACLELINUX_ELSA-2018-4114.NASL", "ORACLELINUX_ELSA-2018-4193.NASL", "ORACLELINUX_ELSA-2018-4304.NASL", "ORACLELINUX_ELSA-2019-4644.NASL", "ORACLEVM_OVMSA-2016-0138.NASL", "ORACLEVM_OVMSA-2016-0139.NASL", "ORACLEVM_OVMSA-2016-0154.NASL", "ORACLEVM_OVMSA-2016-0155.NASL", "ORACLEVM_OVMSA-2016-0158.NASL", "ORACLEVM_OVMSA-2016-0162.NASL", "ORACLEVM_OVMSA-2016-0167.NASL", "ORACLEVM_OVMSA-2016-0181.NASL", "ORACLEVM_OVMSA-2017-0004.NASL", "ORACLEVM_OVMSA-2017-0005.NASL", "ORACLEVM_OVMSA-2017-0006.NASL", "ORACLEVM_OVMSA-2017-0056.NASL", "ORACLEVM_OVMSA-2017-0057.NASL", "ORACLEVM_OVMSA-2017-0058.NASL", "ORACLEVM_OVMSA-2017-0106.NASL", "ORACLEVM_OVMSA-2018-0037.NASL", "ORACLEVM_OVMSA-2018-0223.NASL", "PHOTONOS_PHSA-2017-0001.NASL", "PHOTONOS_PHSA-2017-0001_LINUX.NASL", "PHOTONOS_PHSA-2017-0018.NASL", "PHOTONOS_PHSA-2019-3_0-0015_LINUX.NASL", "REDHAT-RHSA-2014-0100.NASL", "REDHAT-RHSA-2014-0159.NASL", "REDHAT-RHSA-2014-0285.NASL", "REDHAT-RHSA-2014-0557.NASL", "REDHAT-RHSA-2014-0740.NASL", "REDHAT-RHSA-2014-0771.NASL", "REDHAT-RHSA-2014-0772.NASL", "REDHAT-RHSA-2014-0786.NASL", "REDHAT-RHSA-2014-0800.NASL", "REDHAT-RHSA-2014-0801.NASL", "REDHAT-RHSA-2014-0815.NASL", "REDHAT-RHSA-2014-0900.NASL", "REDHAT-RHSA-2014-1971.NASL", "REDHAT-RHSA-2015-0290.NASL", "REDHAT-RHSA-2015-0694.NASL", "REDHAT-RHSA-2016-2006.NASL", "REDHAT-RHSA-2016-2124.NASL", "REDHAT-RHSA-2016-2574.NASL", "REDHAT-RHSA-2016-2584.NASL", "REDHAT-RHSA-2016-2766.NASL", "REDHAT-RHSA-2017-0931.NASL", "REDHAT-RHSA-2017-0932.NASL", "REDHAT-RHSA-2017-0933.NASL", "REDHAT-RHSA-2017-2760.NASL", "REDHAT-RHSA-2018-0470.NASL", "SL_20140211_KERNEL_ON_SL6_X.NASL", "SL_20140312_KERNEL_ON_SL5_X.NASL", "SL_20140610_KERNEL_ON_SL5_X.NASL", "SL_20140619_KERNEL_ON_SL6_X.NASL", "SL_20141209_KERNEL_ON_SL7_X.NASL", "SL_20150305_KERNEL_ON_SL7_X.NASL", "SL_20161004_KERNEL_ON_SL6_X.NASL", "SL_20161028_KERNEL_ON_SL5_X.NASL", "SL_20161103_KERNEL_ON_SL7_X.NASL", "SL_20161115_KERNEL_ON_SL6_X.NASL", "SL_20170412_KERNEL_ON_SL7_X.NASL", "SUSE_11_KERNEL-140116.NASL", "SUSE_11_KERNEL-140124.NASL", "SUSE_11_KERNEL-140125.NASL", "SUSE_11_KERNEL-140513.NASL", "SUSE_11_KERNEL-140709.NASL", "SUSE_SU-2014-0287-1.NASL", "SUSE_SU-2014-0772-1.NASL", "SUSE_SU-2014-0773-1.NASL", "SUSE_SU-2014-0832-1.NASL", "SUSE_SU-2014-1138-1.NASL", "SUSE_SU-2015-0481-1.NASL", "SUSE_SU-2015-1324-1.NASL", "SUSE_SU-2015-1611-1.NASL", "SUSE_SU-2015-1678-1.NASL", "SUSE_SU-2016-1203-1.NASL", "SUSE_SU-2016-1596-1.NASL", "SUSE_SU-2016-1672-1.NASL", "SUSE_SU-2016-1690-1.NASL", "SUSE_SU-2016-1696-1.NASL", "SUSE_SU-2016-1995-1.NASL", "SUSE_SU-2016-2002-1.NASL", "SUSE_SU-2016-2005-1.NASL", "SUSE_SU-2016-2006-1.NASL", "SUSE_SU-2016-2010-1.NASL", "SUSE_SU-2016-2014-1.NASL", "SUSE_SU-2016-2018-1.NASL", "SUSE_SU-2016-2074-1.NASL", "SUSE_SU-2016-2105-1.NASL", "SUSE_SU-2016-2245-1.NASL", "SUSE_SU-2017-0181-1.NASL", "SUSE_SU-2017-0333-1.NASL", "SUSE_SU-2017-0437-1.NASL", "SUSE_SU-2017-0464-1.NASL", "SUSE_SU-2017-0471-1.NASL", "SUSE_SU-2017-0494-1.NASL", "SUSE_SU-2017-1853-1.NASL", "SUSE_SU-2017-2389-1.NASL", "SUSE_SU-2017-2525-1.NASL", "SUSE_SU-2017-2908-1.NASL", "SUSE_SU-2017-2920-1.NASL", "SUSE_SU-2017-3398-1.NASL", "SUSE_SU-2017-3410-1.NASL", "SUSE_SU-2018-0383-1.NASL", "SUSE_SU-2018-0416-1.NASL", "SUSE_SU-2018-0555-1.NASL", "SUSE_SU-2018-0660-1.NASL", "SUSE_SU-2018-0834-1.NASL", "SUSE_SU-2018-0848-1.NASL", "UBUNTU_USN-2070-1.NASL", "UBUNTU_USN-2075-1.NASL", "UBUNTU_USN-2109-1.NASL", "UBUNTU_USN-2111-1.NASL", "UBUNTU_USN-2112-1.NASL", "UBUNTU_USN-2113-1.NASL", "UBUNTU_USN-2114-1.NASL", "UBUNTU_USN-2117-1.NASL", "UBUNTU_USN-2128-1.NASL", "UBUNTU_USN-2129-1.NASL", "UBUNTU_USN-2135-1.NASL", "UBUNTU_USN-2136-1.NASL", "UBUNTU_USN-2138-1.NASL", "UBUNTU_USN-2158-1.NASL", "UBUNTU_USN-2219-1.NASL", "UBUNTU_USN-2220-1.NASL", "UBUNTU_USN-2221-1.NASL", "UBUNTU_USN-2223-1.NASL", "UBUNTU_USN-2224-1.NASL", "UBUNTU_USN-2225-1.NASL", "UBUNTU_USN-2226-1.NASL", "UBUNTU_USN-2228-1.NASL", "UBUNTU_USN-2260-1.NASL", "UBUNTU_USN-2631-1.NASL", "UBUNTU_USN-2662-1.NASL", "UBUNTU_USN-2663-1.NASL", "UBUNTU_USN-2664-1.NASL", "UBUNTU_USN-2666-1.NASL", "UBUNTU_USN-2680-1.NASL", "UBUNTU_USN-2681-1.NASL", "UBUNTU_USN-2682-1.NASL", "UBUNTU_USN-2683-1.NASL", "UBUNTU_USN-2684-1.NASL", "UBUNTU_USN-2685-1.NASL", "UBUNTU_USN-2965-1.NASL", "UBUNTU_USN-2965-2.NASL", "UBUNTU_USN-2965-3.NASL", "UBUNTU_USN-2965-4.NASL", "UBUNTU_USN-2968-1.NASL", "UBUNTU_USN-2968-2.NASL", "UBUNTU_USN-2970-1.NASL", "UBUNTU_USN-2971-1.NASL", "UBUNTU_USN-2971-2.NASL", "UBUNTU_USN-2971-3.NASL", "UBUNTU_USN-2996-1.NASL", "UBUNTU_USN-2998-1.NASL", "UBUNTU_USN-2999-1.NASL", "UBUNTU_USN-3000-1.NASL", "UBUNTU_USN-3001-1.NASL", "UBUNTU_USN-3002-1.NASL", "UBUNTU_USN-3003-1.NASL", "UBUNTU_USN-3004-1.NASL", "UBUNTU_USN-3005-1.NASL", "UBUNTU_USN-3006-1.NASL", "UBUNTU_USN-3007-1.NASL", "UBUNTU_USN-3008-1.NASL", "UBUNTU_USN-3070-1.NASL", "UBUNTU_USN-3070-2.NASL", "UBUNTU_USN-3070-3.NASL", "UBUNTU_USN-3070-4.NASL", "UBUNTU_USN-3071-1.NASL", "UBUNTU_USN-3071-2.NASL", "UBUNTU_USN-3072-1.NASL", "UBUNTU_USN-3168-1.NASL", "UBUNTU_USN-3168-2.NASL", "UBUNTU_USN-3169-1.NASL", "UBUNTU_USN-3169-2.NASL", "UBUNTU_USN-3169-3.NASL", "UBUNTU_USN-3169-4.NASL", "UBUNTU_USN-3170-1.NASL", "UBUNTU_USN-3170-2.NASL", "UBUNTU_USN-3328-1.NASL", "UBUNTU_USN-3329-1.NASL", "UBUNTU_USN-3330-1.NASL", "UBUNTU_USN-3331-1.NASL", "UBUNTU_USN-3332-1.NASL", "UBUNTU_USN-3334-1.NASL", "UBUNTU_USN-3344-1.NASL", "UBUNTU_USN-3344-2.NASL", "UBUNTU_USN-3404-1.NASL", "UBUNTU_USN-3404-2.NASL", "UBUNTU_USN-3406-1.NASL", "UBUNTU_USN-3583-1.NASL", "UBUNTU_USN-3617-1.NASL", "UBUNTU_USN-3617-2.NASL", "UBUNTU_USN-3617-3.NASL", "UBUNTU_USN-3619-1.NASL", "UBUNTU_USN-3619-2.NASL", "UBUNTU_USN-3632-1.NASL", "UBUNTU_USN-3754-1.NASL", "VIRTUOZZO_VZA-2016-104.NASL", "VIRTUOZZO_VZA-2017-029.NASL", "VIRTUOZZO_VZA-2018-017.NASL", "VIRTUOZZO_VZLSA-2017-0933.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120543", "OPENVAS:1361412562310123167", "OPENVAS:1361412562310123230", "OPENVAS:1361412562310123354", "OPENVAS:1361412562310123388", "OPENVAS:1361412562310123389", "OPENVAS:1361412562310123390", "OPENVAS:1361412562310123391", "OPENVAS:1361412562310123392", "OPENVAS:1361412562310123393", "OPENVAS:1361412562310123448", "OPENVAS:1361412562310123451", "OPENVAS:1361412562310123463", "OPENVAS:1361412562310123464", "OPENVAS:1361412562310123466", "OPENVAS:1361412562310123469", "OPENVAS:1361412562310130003", "OPENVAS:1361412562310130007", "OPENVAS:1361412562310131174", "OPENVAS:1361412562310702906", "OPENVAS:1361412562310702926", "OPENVAS:1361412562310702928", "OPENVAS:1361412562310703290", "OPENVAS:1361412562310703313", "OPENVAS:1361412562310703329", "OPENVAS:1361412562310703607", "OPENVAS:1361412562310703616", "OPENVAS:1361412562310703886", "OPENVAS:1361412562310704187", "OPENVAS:1361412562310807779", "OPENVAS:1361412562310808522", "OPENVAS:1361412562310808556", "OPENVAS:1361412562310808716", "OPENVAS:1361412562310808914", "OPENVAS:1361412562310841670", "OPENVAS:1361412562310841679", "OPENVAS:1361412562310841713", "OPENVAS:1361412562310841715", "OPENVAS:1361412562310841716", "OPENVAS:1361412562310841717", "OPENVAS:1361412562310841719", "OPENVAS:1361412562310841721", "OPENVAS:1361412562310841724", "OPENVAS:1361412562310841725", "OPENVAS:1361412562310841726", "OPENVAS:1361412562310841739", "OPENVAS:1361412562310841740", "OPENVAS:1361412562310841743", "OPENVAS:1361412562310841744", "OPENVAS:1361412562310841747", "OPENVAS:1361412562310841748", "OPENVAS:1361412562310841749", "OPENVAS:1361412562310841766", "OPENVAS:1361412562310841831", "OPENVAS:1361412562310841832", "OPENVAS:1361412562310841834", "OPENVAS:1361412562310841835", "OPENVAS:1361412562310841836", "OPENVAS:1361412562310841837", "OPENVAS:1361412562310841838", "OPENVAS:1361412562310841839", "OPENVAS:1361412562310841840", "OPENVAS:1361412562310841870", "OPENVAS:1361412562310842234", "OPENVAS:1361412562310842241", "OPENVAS:1361412562310842269", "OPENVAS:1361412562310842270", "OPENVAS:1361412562310842271", "OPENVAS:1361412562310842275", "OPENVAS:1361412562310842379", "OPENVAS:1361412562310842380", "OPENVAS:1361412562310842381", "OPENVAS:1361412562310842383", "OPENVAS:1361412562310842384", "OPENVAS:1361412562310842451", "OPENVAS:1361412562310842734", "OPENVAS:1361412562310842736", "OPENVAS:1361412562310842738", "OPENVAS:1361412562310842739", "OPENVAS:1361412562310842742", "OPENVAS:1361412562310842743", "OPENVAS:1361412562310842744", "OPENVAS:1361412562310842755", "OPENVAS:1361412562310842759", "OPENVAS:1361412562310842762", "OPENVAS:1361412562310842786", "OPENVAS:1361412562310842787", "OPENVAS:1361412562310842788", "OPENVAS:1361412562310842789", "OPENVAS:1361412562310842790", "OPENVAS:1361412562310842791", "OPENVAS:1361412562310842792", "OPENVAS:1361412562310842793", "OPENVAS:1361412562310842794", "OPENVAS:1361412562310842795", "OPENVAS:1361412562310842796", "OPENVAS:1361412562310842797", "OPENVAS:1361412562310842798", "OPENVAS:1361412562310842871", "OPENVAS:1361412562310842872", "OPENVAS:1361412562310842873", "OPENVAS:1361412562310842874", "OPENVAS:1361412562310842875", "OPENVAS:1361412562310842876", "OPENVAS:1361412562310842877", "OPENVAS:1361412562310842878", "OPENVAS:1361412562310843009", "OPENVAS:1361412562310843010", "OPENVAS:1361412562310843011", "OPENVAS:1361412562310843013", "OPENVAS:1361412562310843014", "OPENVAS:1361412562310843015", "OPENVAS:1361412562310843017", "OPENVAS:1361412562310843018", "OPENVAS:1361412562310843209", "OPENVAS:1361412562310843213", "OPENVAS:1361412562310843215", "OPENVAS:1361412562310843216", "OPENVAS:1361412562310843217", "OPENVAS:1361412562310843222", "OPENVAS:1361412562310843228", "OPENVAS:1361412562310843231", "OPENVAS:1361412562310843295", "OPENVAS:1361412562310843296", "OPENVAS:1361412562310843297", "OPENVAS:1361412562310843461", "OPENVAS:1361412562310843492", "OPENVAS:1361412562310843493", "OPENVAS:1361412562310843496", "OPENVAS:1361412562310843497", "OPENVAS:1361412562310843500", "OPENVAS:1361412562310843509", "OPENVAS:1361412562310843628", "OPENVAS:1361412562310850586", "OPENVAS:1361412562310850587", "OPENVAS:1361412562310850675", "OPENVAS:1361412562310850807", "OPENVAS:1361412562310850818", "OPENVAS:1361412562310850821", "OPENVAS:1361412562310850840", "OPENVAS:1361412562310850881", "OPENVAS:1361412562310850918", "OPENVAS:1361412562310850975", "OPENVAS:1361412562310851057", "OPENVAS:1361412562310851080", "OPENVAS:1361412562310851176", "OPENVAS:1361412562310851320", "OPENVAS:1361412562310851342", "OPENVAS:1361412562310851349", "OPENVAS:1361412562310851358", "OPENVAS:1361412562310851367", "OPENVAS:1361412562310851386", "OPENVAS:1361412562310851388", "OPENVAS:1361412562310851489", "OPENVAS:1361412562310851506", "OPENVAS:1361412562310851566", "OPENVAS:1361412562310851666", "OPENVAS:1361412562310851667", "OPENVAS:1361412562310851698", "OPENVAS:1361412562310867119", "OPENVAS:1361412562310867183", "OPENVAS:1361412562310867240", "OPENVAS:1361412562310867242", "OPENVAS:1361412562310867387", "OPENVAS:1361412562310867520", "OPENVAS:1361412562310867546", "OPENVAS:1361412562310867580", "OPENVAS:1361412562310867651", "OPENVAS:1361412562310867682", "OPENVAS:1361412562310867774", "OPENVAS:1361412562310867811", "OPENVAS:1361412562310867820", "OPENVAS:1361412562310867852", "OPENVAS:1361412562310867857", "OPENVAS:1361412562310867886", "OPENVAS:1361412562310867905", "OPENVAS:1361412562310867911", "OPENVAS:1361412562310867939", "OPENVAS:1361412562310867967", "OPENVAS:1361412562310867986", "OPENVAS:1361412562310868019", "OPENVAS:1361412562310868055", "OPENVAS:1361412562310868076", "OPENVAS:1361412562310868101", "OPENVAS:1361412562310868102", "OPENVAS:1361412562310868149", "OPENVAS:1361412562310868196", "OPENVAS:1361412562310868351", "OPENVAS:1361412562310868403", "OPENVAS:1361412562310868416", "OPENVAS:1361412562310868434", "OPENVAS:1361412562310868437", "OPENVAS:1361412562310868489", "OPENVAS:1361412562310868501", "OPENVAS:1361412562310868583", "OPENVAS:1361412562310868627", "OPENVAS:1361412562310868851", "OPENVAS:1361412562310868920", "OPENVAS:1361412562310868984", "OPENVAS:1361412562310869091", "OPENVAS:1361412562310869213", "OPENVAS:1361412562310869281", "OPENVAS:1361412562310869392", "OPENVAS:1361412562310869476", "OPENVAS:1361412562310869608", "OPENVAS:1361412562310871125", "OPENVAS:1361412562310871139", "OPENVAS:1361412562310871180", "OPENVAS:1361412562310871192", "OPENVAS:1361412562310871193", "OPENVAS:1361412562310871329", "OPENVAS:1361412562310871668", "OPENVAS:1361412562310871677", "OPENVAS:1361412562310871708", "OPENVAS:1361412562310871717", "OPENVAS:1361412562310871796", "OPENVAS:1361412562310872131", "OPENVAS:1361412562310872137", "OPENVAS:1361412562310872147", "OPENVAS:1361412562310872696", "OPENVAS:1361412562310872700", "OPENVAS:1361412562310874044", "OPENVAS:1361412562310874045", "OPENVAS:1361412562310874365", "OPENVAS:1361412562310874366", "OPENVAS:1361412562310874400", "OPENVAS:1361412562310874427", "OPENVAS:1361412562310874606", "OPENVAS:1361412562310874619", "OPENVAS:1361412562310874623", "OPENVAS:1361412562310874647", "OPENVAS:1361412562310874695", "OPENVAS:1361412562310874721", "OPENVAS:1361412562310874751", "OPENVAS:1361412562310874761", "OPENVAS:1361412562310874813", "OPENVAS:1361412562310874890", "OPENVAS:1361412562310874919", "OPENVAS:1361412562310874964", "OPENVAS:1361412562310874998", "OPENVAS:1361412562310875099", "OPENVAS:1361412562310875128", "OPENVAS:1361412562310875170", "OPENVAS:1361412562310875201", "OPENVAS:1361412562310875334", "OPENVAS:1361412562310875558", "OPENVAS:1361412562310875559", "OPENVAS:1361412562310875560", "OPENVAS:1361412562310875566", "OPENVAS:1361412562310875577", "OPENVAS:1361412562310875629", "OPENVAS:1361412562310875681", "OPENVAS:1361412562310875786", "OPENVAS:1361412562310876038", "OPENVAS:1361412562310876049", "OPENVAS:1361412562310876089", "OPENVAS:1361412562310876322", "OPENVAS:1361412562310876361", "OPENVAS:1361412562310876377", "OPENVAS:1361412562310876423", "OPENVAS:1361412562310876445", "OPENVAS:1361412562310876479", "OPENVAS:1361412562310876510", "OPENVAS:1361412562310876555", "OPENVAS:1361412562310876586", "OPENVAS:1361412562310876621", "OPENVAS:1361412562310876666", "OPENVAS:1361412562310876750", "OPENVAS:1361412562310876869", "OPENVAS:1361412562310876943", "OPENVAS:1361412562310876995", "OPENVAS:1361412562310881879", "OPENVAS:1361412562310881900", "OPENVAS:1361412562310881954", "OPENVAS:1361412562310881955", "OPENVAS:1361412562310882574", "OPENVAS:1361412562310882585", "OPENVAS:1361412562310882598", "OPENVAS:1361412562310882694", "OPENVAS:1361412562310891369", "OPENVAS:1361412562311220171071", "OPENVAS:1361412562311220171072", "OPENVAS:1361412562311220171122", "OPENVAS:1361412562311220171123", "OPENVAS:1361412562311220171291", "OPENVAS:1361412562311220171319", "OPENVAS:1361412562311220181031", "OPENVAS:1361412562311220181234", "OPENVAS:1361412562311220191473", "OPENVAS:1361412562311220191475", "OPENVAS:1361412562311220191477", "OPENVAS:1361412562311220191479", "OPENVAS:1361412562311220191483", "OPENVAS:1361412562311220191487", "OPENVAS:1361412562311220191492", "OPENVAS:1361412562311220191494", "OPENVAS:1361412562311220191498", "OPENVAS:1361412562311220191501", "OPENVAS:1361412562311220191504", "OPENVAS:1361412562311220191508", "OPENVAS:1361412562311220191512", "OPENVAS:1361412562311220192353", "OPENVAS:1361412562311220192599", "OPENVAS:702906", "OPENVAS:702926", "OPENVAS:702928", "OPENVAS:703290", "OPENVAS:703313", "OPENVAS:703329", "OPENVAS:703607", "OPENVAS:703616", "OPENVAS:703886", "OPENVAS:841670", "OPENVAS:841679", "OPENVAS:841713", "OPENVAS:841715", "OPENVAS:841716", "OPENVAS:841717", "OPENVAS:841719", "OPENVAS:841721", "OPENVAS:841724", "OPENVAS:841725", "OPENVAS:841726", "OPENVAS:841739", "OPENVAS:841740", "OPENVAS:841743", "OPENVAS:841744", "OPENVAS:841747", "OPENVAS:841748", "OPENVAS:841749", "OPENVAS:841766", "OPENVAS:867119", "OPENVAS:867183", "OPENVAS:867240", "OPENVAS:867242", "OPENVAS:867387", "OPENVAS:867520", "OPENVAS:867546", "OPENVAS:867580", "OPENVAS:867651", "OPENVAS:867682", "OPENVAS:867774", "OPENVAS:871125", "OPENVAS:871139", "OPENVAS:881879", "OPENVAS:881900"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-0159", "ELSA-2014-0285", "ELSA-2014-0285-1", "ELSA-2014-0740", "ELSA-2014-0740-1", "ELSA-2014-0771", "ELSA-2014-0786", "ELSA-2014-0981", "ELSA-2014-1971", "ELSA-2014-3009", "ELSA-2014-3010", "ELSA-2014-3011", "ELSA-2014-3041", "ELSA-2014-3042", "ELSA-2014-3043", "ELSA-2015-0290", "ELSA-2016-2006", "ELSA-2016-2124", "ELSA-2016-2124-1", "ELSA-2016-2574", "ELSA-2016-2766", "ELSA-2016-3623", "ELSA-2016-3624", "ELSA-2016-3625", "ELSA-2016-3635", "ELSA-2016-3636", "ELSA-2016-3644", "ELSA-2016-3646", "ELSA-2017-0933", "ELSA-2017-0933-1", "ELSA-2017-3508", "ELSA-2017-3509", "ELSA-2017-3510", "ELSA-2017-3533", "ELSA-2017-3534", "ELSA-2017-3535", "ELSA-2017-3567", "ELSA-2017-3590", "ELSA-2017-3597", "ELSA-2017-3658", "ELSA-2018-4084", "ELSA-2018-4114", "ELSA-2018-4193", "ELSA-2018-4304", "ELSA-2019-4644"]}, {"type": "osv", "idList": ["OSV:DLA-1369-1", "OSV:DLA-246-1", "OSV:DLA-246-2", "OSV:DLA-516-1", "OSV:DLA-609-1", "OSV:DLA-772-1", "OSV:DLA-993-1", "OSV:DSA-2906-1", "OSV:DSA-2926-1", "OSV:DSA-2928-1", "OSV:DSA-3290-1", "OSV:DSA-3313-1", "OSV:DSA-3329-1", "OSV:DSA-3607-1", "OSV:DSA-3616-1", "OSV:DSA-3886-1", "OSV:DSA-3886-2", "OSV:DSA-4187-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:136144", "PACKETSTORM:142487", "PACKETSTORM:156053"]}, {"type": "photon", "idList": ["PHSA-2017-0018", "PHSA-2017-0044", "PHSA-2018-0015", "PHSA-2018-0031", "PHSA-2019-0015", "PHSA-2019-3.0-0015"]}, {"type": "redhat", "idList": ["RHSA-2014:0100", "RHSA-2014:0159", "RHSA-2014:0285", "RHSA-2014:0557", "RHSA-2014:0740", "RHSA-2014:0771", "RHSA-2014:0772", "RHSA-2014:0786", "RHSA-2014:0800", "RHSA-2014:0801", "RHSA-2014:0815", "RHSA-2014:0900", "RHSA-2014:1971", "RHSA-2015:0290", "RHSA-2015:0694", "RHSA-2016:2006", "RHSA-2016:2124", "RHSA-2016:2574", "RHSA-2016:2584", "RHSA-2016:2766", "RHSA-2017:0931", "RHSA-2017:0932", "RHSA-2017:0933", "RHSA-2017:2760", "RHSA-2018:0470", "RHSA-2018:1252"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-1583", "RH:CVE-2016-2064", "RH:CVE-2016-5829", "RH:CVE-2016-9793", "RH:CVE-2017-16645", "RH:CVE-2017-7487", "RH:CVE-2017-9986", "RH:CVE-2018-5333", "RH:CVE-2019-9857"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30130", "SECURITYVULNS:DOC:30152", "SECURITYVULNS:DOC:30233", "SECURITYVULNS:DOC:30721", "SECURITYVULNS:DOC:30730", "SECURITYVULNS:DOC:30757", "SECURITYVULNS:DOC:32205", "SECURITYVULNS:DOC:32230", "SECURITYVULNS:DOC:32314", "SECURITYVULNS:DOC:32350", "SECURITYVULNS:DOC:32352", "SECURITYVULNS:VULN:13438", "SECURITYVULNS:VULN:13475", "SECURITYVULNS:VULN:13706", "SECURITYVULNS:VULN:14531", "SECURITYVULNS:VULN:14579"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2014:0677-1", "OPENSUSE-SU-2014:0678-1", "OPENSUSE-SU-2015:0566-1", "OPENSUSE-SU-2015:1382-1", "OPENSUSE-SU-2016:0301-1", "OPENSUSE-SU-2016:1382-1", "OPENSUSE-SU-2016:1641-1", "OPENSUSE-SU-2016:1798-1", "OPENSUSE-SU-2016:2144-1", "OPENSUSE-SU-2016:2184-1", "OPENSUSE-SU-2016:2649-1", "OPENSUSE-SU-2017:0456-1", "OPENSUSE-SU-2017:0458-1", "OPENSUSE-SU-2017:1513-1", "OPENSUSE-SU-2017:3358-1", "OPENSUSE-SU-2017:3359-1", "OPENSUSE-SU-2018:0408-1", "SUSE-SU-2014:0667-1", "SUSE-SU-2014:0683-1", "SUSE-SU-2014:0696-1", "SUSE-SU-2014:0807-1", "SUSE-SU-2014:0908-1", "SUSE-SU-2014:0909-1", "SUSE-SU-2014:0910-1", "SUSE-SU-2014:0911-1", "SUSE-SU-2014:0912-1", "SUSE-SU-2014:1138-1", "SUSE-SU-2015:0481-1", "SUSE-SU-2015:1324-1", "SUSE-SU-2015:1592-1", "SUSE-SU-2015:1611-1", "SUSE-SU-2016:1203-1", "SUSE-SU-2016:1596-1", "SUSE-SU-2016:1672-1", "SUSE-SU-2016:1690-1", "SUSE-SU-2016:1696-1", "SUSE-SU-2016:1707-1", "SUSE-SU-2016:1764-1", "SUSE-SU-2016:1937-1", "SUSE-SU-2016:1961-1", "SUSE-SU-2016:1985-1", "SUSE-SU-2016:1994-1", "SUSE-SU-2016:1995-1", "SUSE-SU-2016:2000-1", "SUSE-SU-2016:2002-1", "SUSE-SU-2016:2005-1", "SUSE-SU-2016:2006-1", "SUSE-SU-2016:2007-1", "SUSE-SU-2016:2009-1", "SUSE-SU-2016:2010-1", "SUSE-SU-2016:2014-1", "SUSE-SU-2016:2018-1", "SUSE-SU-2016:2074-1", "SUSE-SU-2016:2105-1", "SUSE-SU-2016:2174-1", "SUSE-SU-2016:2175-1", "SUSE-SU-2016:2177-1", "SUSE-SU-2016:2178-1", "SUSE-SU-2016:2179-1", "SUSE-SU-2016:2180-1", "SUSE-SU-2016:2181-1", "SUSE-SU-2016:2245-1", "SUSE-SU-2017:0181-1", "SUSE-SU-2017:0333-1", "SUSE-SU-2017:0407-1", "SUSE-SU-2017:0437-1", "SUSE-SU-2017:0464-1", "SUSE-SU-2017:0471-1", "SUSE-SU-2017:0494-1", "SUSE-SU-2017:1102-1", "SUSE-SU-2017:1853-1", "SUSE-SU-2017:1990-1", "SUSE-SU-2017:2342-1", "SUSE-SU-2017:2389-1", "SUSE-SU-2017:2525-1", "SUSE-SU-2017:2908-1", "SUSE-SU-2017:2920-1", "SUSE-SU-2017:3398-1", "SUSE-SU-2017:3410-1", "SUSE-SU-2018:0213-1", "SUSE-SU-2018:0383-1", "SUSE-SU-2018:0416-1", "SUSE-SU-2018:0482-1", "SUSE-SU-2018:0555-1", "SUSE-SU-2018:0660-1", "SUSE-SU-2018:0834-1", "SUSE-SU-2018:0841-1", "SUSE-SU-2018:0848-1", "SUSE-SU-2018:0986-1"]}, {"type": "ubuntu", "idList": ["USN-2070-1", "USN-2075-1", "USN-2109-1", "USN-2110-1", "USN-2111-1", "USN-2112-1", "USN-2113-1", "USN-2114-1", "USN-2115-1", "USN-2116-1", "USN-2117-1", "USN-2128-1", "USN-2129-1", "USN-2135-1", "USN-2136-1", "USN-2138-1", "USN-2139-1", "USN-2141-1", "USN-2158-1", "USN-2219-1", "USN-2220-1", "USN-2221-1", "USN-2223-1", "USN-2224-1", "USN-2225-1", "USN-2226-1", "USN-2227-1", "USN-2228-1", "USN-2260-1", "USN-2631-1", "USN-2632-1", "USN-2662-1", "USN-2663-1", "USN-2664-1", "USN-2666-1", "USN-2680-1", "USN-2681-1", "USN-2682-1", "USN-2683-1", "USN-2684-1", "USN-2685-1", "USN-2965-1", "USN-2965-2", "USN-2965-3", "USN-2965-4", "USN-2968-1", "USN-2968-2", "USN-2970-1", "USN-2971-1", "USN-2971-2", "USN-2971-3", "USN-2996-1", "USN-2997-1", "USN-2998-1", "USN-2999-1", "USN-3000-1", "USN-3001-1", "USN-3002-1", "USN-3003-1", "USN-3004-1", "USN-3005-1", "USN-3006-1", "USN-3007-1", "USN-3008-1", "USN-3070-1", "USN-3070-2", "USN-3070-3", "USN-3070-4", "USN-3071-1", "USN-3071-2", "USN-3072-1", "USN-3072-2", "USN-3168-1", "USN-3168-2", "USN-3169-1", "USN-3169-2", "USN-3169-3", "USN-3169-4", "USN-3170-1", "USN-3170-2", "USN-3344-1", "USN-3344-2", "USN-3404-1", "USN-3404-2", "USN-3406-1", "USN-3406-2", "USN-3583-1", "USN-3583-2", "USN-3617-1", "USN-3617-2", "USN-3617-3", "USN-3619-1", "USN-3619-2", "USN-3632-1", "USN-3754-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2013-2929", "UB:CVE-2013-6382", "UB:CVE-2013-7271", "UB:CVE-2013-7348", "UB:CVE-2014-1737", "UB:CVE-2014-1738", "UB:CVE-2014-8172", "UB:CVE-2015-4167", "UB:CVE-2015-4177", "UB:CVE-2015-4692", "UB:CVE-2016-1583", "UB:CVE-2016-2064", "UB:CVE-2016-3140", "UB:CVE-2016-5829", "UB:CVE-2016-7912", "UB:CVE-2016-9793", "UB:CVE-2017-16645", "UB:CVE-2017-7487", "UB:CVE-2017-9986", "UB:CVE-2018-5333", "UB:CVE-2019-9857"]}, {"type": "veracode", "idList": ["VERACODE:15670"]}, {"type": "virtuozzo", "idList": ["VZA-2016-104", "VZA-2017-029", "VZA-2018-016", "VZA-2018-017"]}, {"type": "zdt", "idList": ["1337DAY-ID-25603", "1337DAY-ID-25872", "1337DAY-ID-27764", "1337DAY-ID-33849"]}]}, "score": {"value": 0.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2013-258", "ALAS-2017-782"]}, {"type": "android", "idList": ["ANDROID:CVE-2016-7912"]}, {"type": "androidsecurity", "idList": ["ANDROID:2017-09-01"]}, {"type": "centos", "idList": ["CESA-2017:0933"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:10916BBD941416F67134F1200DE97709", "CFOUNDRY:5EEA2226D4FCA4D50B918305E55569E8", "CFOUNDRY:CAC337307F043175ACEEE3B0FD0416FF"]}, {"type": "cve", "idList": ["CVE-2013-2929", "CVE-2013-6382", "CVE-2013-7271", "CVE-2013-7348", "CVE-2016-1583", "CVE-2016-5829", "CVE-2017-7487", "CVE-2018-5333"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1369-1:33F82", "DEBIAN:DLA-993-1:71AF5", "DEBIAN:DSA-3616-1:8F5D7", "DEBIAN:DSA-3886-1:F6458", "DEBIAN:DSA-4187-1:481CA"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-2929", "DEBIANCVE:CVE-2013-6382", "DEBIANCVE:CVE-2013-7271", "DEBIANCVE:CVE-2013-7348", "DEBIANCVE:CVE-2014-1737", "DEBIANCVE:CVE-2014-1738", "DEBIANCVE:CVE-2014-8172", "DEBIANCVE:CVE-2015-4167", "DEBIANCVE:CVE-2015-4177", "DEBIANCVE:CVE-2015-4692", "DEBIANCVE:CVE-2016-1583", "DEBIANCVE:CVE-2016-3140", "DEBIANCVE:CVE-2016-5829", "DEBIANCVE:CVE-2016-7912", "DEBIANCVE:CVE-2016-9793", "DEBIANCVE:CVE-2017-16645", "DEBIANCVE:CVE-2017-7487", "DEBIANCVE:CVE-2017-9986", "DEBIANCVE:CVE-2018-5333", "DEBIANCVE:CVE-2019-9857"]}, {"type": "exploitdb", "idList": ["EDB-ID:41995", "EDB-ID:47957"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:7AD8D8301E32D30D80BF379536ECB19B"]}, {"type": "f5", "idList": ["SOL17121"]}, {"type": "fedora", "idList": ["FEDORA:01C936061569", "FEDORA:08D3760E6566", "FEDORA:10F7D6255145", "FEDORA:1C7E86049D49", "FEDORA:229FE60419B9", "FEDORA:25BDD6190ECF", "FEDORA:29049600CFF3", "FEDORA:29FCE65ECD33", "FEDORA:2E40E608A4A7", "FEDORA:3266960F0E44", "FEDORA:44065605602A", "FEDORA:4832F6079717", "FEDORA:49E0B60427EC", "FEDORA:4CF35608BFEA", "FEDORA:506B2608A4A8", "FEDORA:578BF6049496", "FEDORA:5D742610B071", "FEDORA:648496077DD1", "FEDORA:6B6B360567FC", "FEDORA:6DBD2608A4A4", "FEDORA:6EC6360BEA04", "FEDORA:6F1BC604D0C1", "FEDORA:74245604D4DA", "FEDORA:7640C641CB61", "FEDORA:87BD56087904", "FEDORA:8F974604E846", "FEDORA:909D360491BF", "FEDORA:9D83A60EFF4F", "FEDORA:AB52460321C9", "FEDORA:B26386079247", "FEDORA:B395E6087A9D", "FEDORA:B54D264CBCAC", "FEDORA:B83986079D12", "FEDORA:BBFE360460D0", "FEDORA:BFDA5602F059", "FEDORA:D33DD608BFFE", "FEDORA:D6F86601E6D9", "FEDORA:DF5176048167", "FEDORA:E6F08605DCE7", "FEDORA:E878E60F237D"]}, {"type": "fortinet", "idList": ["FG-IR-16-052"]}, {"type": "ibm", "idList": ["DCF0785A8E04DB6808EC923041C1F99827C730DBA6770E63D5DA25D354F764EE"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT/LINUX/LOCAL/RDS_ATOMIC_FREE_OP_NULL_POINTER_DEREF_PRIV_ESC"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2017-0933.NASL", "DEBIAN_DSA-2906.NASL", "DEBIAN_DSA-3616.NASL", "FEDORA_2016-73A733F4D9.NASL", "FEDORA_2017-466D902289.NASL", "FEDORA_2017-E75602D3ED.NASL", "OPENSUSE-2017-666.NASL", "ORACLELINUX_ELSA-2017-0933-1.NASL", "ORACLELINUX_ELSA-2017-0933.NASL", "ORACLELINUX_ELSA-2019-4644.NASL", "REDHAT-RHSA-2014-0900.NASL", "REDHAT-RHSA-2017-0931.NASL", "REDHAT-RHSA-2017-0932.NASL", "REDHAT-RHSA-2017-0933.NASL", "SL_20170412_KERNEL_ON_SL7_X.NASL", "SUSE_SU-2016-1596-1.NASL", "UBUNTU_USN-2999-1.NASL", "UBUNTU_USN-3008-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120543", "OPENVAS:1361412562310842755", "OPENVAS:1361412562310842789", "OPENVAS:1361412562310868101", "OPENVAS:1361412562310871717", "OPENVAS:1361412562310872131", "OPENVAS:1361412562310872137", "OPENVAS:1361412562310872147", "OPENVAS:1361412562310875099", "OPENVAS:1361412562310876943", "OPENVAS:1361412562311220171319", "OPENVAS:1361412562311220181234", "OPENVAS:1361412562311220191512", "OPENVAS:841715", "OPENVAS:841744"]}, {"type": "oraclelinux", "idList": ["ELSA-2017-0933", "ELSA-2017-0933-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:142487", "PACKETSTORM:156053"]}, {"type": "photon", "idList": ["PHSA-2017-0018", "PHSA-2017-0044", "PHSA-2019-3.0-0015"]}, {"type": "redhat", "idList": ["RHSA-2014:0100", "RHSA-2017:0931", "RHSA-2017:0932"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-9793", "RH:CVE-2017-7487", "RH:CVE-2017-9986"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30757"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2017:1513-1", "SUSE-SU-2016:1596-1", "SUSE-SU-2018:0841-1"]}, {"type": "ubuntu", "idList": ["USN-2070-1", "USN-2116-1", "USN-2631-1", "USN-2632-1", "USN-2662-1", "USN-2663-1", "USN-2664-1", "USN-2666-1", "USN-2968-1", "USN-2968-2", "USN-2970-1", "USN-2971-1", "USN-2971-2", "USN-2971-3", "USN-3168-1", "USN-3169-2", "USN-3169-4", "USN-3170-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-4177", "UB:CVE-2019-9857"]}, {"type": "virtuozzo", "idList": ["VZA-2017-029", "VZA-2018-016", "VZA-2018-017"]}, {"type": "zdt", "idList": ["1337DAY-ID-25603", "1337DAY-ID-27764"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2015-4692", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2015-4177", "epss": "0.000420000", "percentile": "0.056320000", "modified": "2023-03-15"}, {"cve": "CVE-2016-9793", "epss": "0.000450000", "percentile": "0.124350000", "modified": "2023-03-15"}, {"cve": "CVE-2018-5333", "epss": "0.000640000", "percentile": "0.261620000", "modified": "2023-03-15"}, {"cve": "CVE-2014-1737", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2013-2929", "epss": "0.000720000", "percentile": "0.294060000", "modified": "2023-03-15"}, {"cve": "CVE-2013-7348", "epss": "0.000420000", "percentile": "0.056320000", "modified": "2023-03-15"}, {"cve": "CVE-2014-1738", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2019-9857", "epss": "0.000450000", "percentile": "0.122320000", "modified": "2023-03-15"}, {"cve": "CVE-2016-1583", "epss": "0.000510000", "percentile": "0.176190000", "modified": "2023-03-15"}, {"cve": "CVE-2013-6382", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2016-2064", "epss": "0.001250000", "percentile": "0.453160000", "modified": "2023-03-15"}, {"cve": "CVE-2016-5829", "epss": "0.000440000", "percentile": "0.082980000", "modified": "2023-03-15"}, {"cve": "CVE-2017-9986", "epss": "0.000420000", "percentile": "0.056320000", "modified": "2023-03-15"}, {"cve": "CVE-2016-3140", "epss": "0.003370000", "percentile": "0.667400000", "modified": "2023-03-15"}, {"cve": "CVE-2013-7271", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2016-7912", "epss": "0.000820000", "percentile": "0.332050000", "modified": "2023-03-15"}, {"cve": "CVE-2017-7487", "epss": "0.000420000", "percentile": "0.056320000", "modified": "2023-03-15"}, {"cve": "CVE-2014-8172", "epss": "0.000420000", "percentile": "0.056320000", "modified": "2023-03-15"}, {"cve": "CVE-2015-4167", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2017-16645", "epss": "0.000420000", "percentile": "0.056320000", "modified": "2023-03-15"}], "vulnersScore": 0.1}, "_state": {"dependencies": 1678957314, "score": 1683999172, "epss": 1678957426}, "_internal": {"score_hash": "ef3270a01d02f235c5b16a93716150cb"}, "pluginID": "1361412562311220191535", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1535\");\n script_version(\"2020-02-05T08:56:28+0000\");\n script_cve_id(\"CVE-2013-2929\", \"CVE-2013-6382\", \"CVE-2013-7271\", \"CVE-2013-7348\", \"CVE-2014-1738\", \"CVE-2014-8172\", \"CVE-2015-4167\", \"CVE-2015-4177\", \"CVE-2015-4692\", \"CVE-2016-1583\", \"CVE-2016-2064\", \"CVE-2016-3140\", \"CVE-2016-5829\", \"CVE-2016-7912\", \"CVE-2016-9793\", \"CVE-2017-16645\", \"CVE-2017-7487\", \"CVE-2017-9986\", \"CVE-2018-5333\", \"CVE-2019-9857\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-05 08:56:28 +0000 (Wed, 05 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:07:51 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1535)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1535\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1535\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1535 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu.c in the Linux kernel, through 4.13.11, allows local users to cause a denial of service (ims_pcu_parse_cdc_data out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.(CVE-2017-16645)\n\nIt was found that due to excessive files_lock locking, a soft lockup could be triggered in the Linux kernel when performing asynchronous I/O operations. A local, unprivileged user could use this flaw to crash the system.(CVE-2014-8172)\n\nA flaw was discovered in the kernel's collect_mounts function. If the kernel's audit subsystem called collect_mounts to audit an unmounted path, it could panic the system. With this flaw, an unprivileged user could call umount(MNT_DETACH) to launch a denial-of-service attack.(CVE-2015-4177)\n\nA flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important) was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)Note: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system.(CVE-2014-1738)\n\nA reference counter leak in Linux kernel in ipxitf_ioctl function was found which results in a use after free vulnerability that's triggerable from unprivileged userspace when IPX interface is configured.(CVE-2017-7487)\n\nThe x25_recvmsg function in net/x25/af_x25.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.(CVE-2013-7271)\n\nAn inode data validation error was found in Linux kernels built with UDF file system (CONFIG_UDF_FS) support. An attacker able to mount a corrupted/malicious UDF file system image could cause the kernel to crash.(CVE-2015-4167)\n\nDouble free vulnerability in the ioctx_alloc function in fs/aio.c in the Linux kernel before 3.12.4 allows local users to cause a denial of service (system crash) or possibly have unspecified other imp ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "naslFamily": "Huawei EulerOS Local Security Checks"}

{"nessus": [{"lastseen": "2021-08-19T12:22:55", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu.c in the Linux kernel, through 4.13.11, allows local users to cause a denial of service (ims_pcu_parse_cdc_data out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.(CVE-2017-16645i1/4%0\n\n - It was found that due to excessive files_lock locking, a soft lockup could be triggered in the Linux kernel when performing asynchronous I/O operations. A local, unprivileged user could use this flaw to crash the system.(CVE-2014-8172i1/4%0\n\n - A flaw was discovered in the kernel's collect_mounts function. If the kernel's audit subsystem called collect_mounts to audit an unmounted path, it could panic the system. With this flaw, an unprivileged user could call umount(MNT_DETACH) to launch a denial-of-service attack.(CVE-2015-4177i1/4%0\n\n - A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important) was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)Note: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system.(CVE-2014-1738i1/4%0\n\n - A reference counter leak in Linux kernel in ipxitf_ioctl function was found which results in a use after free vulnerability that's triggerable from unprivileged userspace when IPX interface is configured.(CVE-2017-7487i1/4%0\n\n - The x25_recvmsg function in net/x25/af_x25.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.(CVE-2013-7271i1/4%0\n\n - An inode data validation error was found in Linux kernels built with UDF file system (CONFIG_UDF_FS) support. An attacker able to mount a corrupted/malicious UDF file system image could cause the kernel to crash.(CVE-2015-4167i1/4%0\n\n - Double free vulnerability in the ioctx_alloc function in fs/aio.c in the Linux kernel before 3.12.4 allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via vectors involving an error condition in the aio_setup_ring function.(CVE-2013-7348i1/4%0\n\n - A flaw was found in the Linux kernel's implementation of setsockopt for the SO_{SND|RCV}BUFFORCE setsockopt() system call. Users with non-namespace CAP_NET_ADMIN are able to trigger this call and create a situation in which the sockets sendbuff data size could be negative.\n This could adversely affect memory allocations and create situations where the system could crash or cause memory corruption.(CVE-2016-9793i1/4%0\n\n - Use-after-free vulnerability in the ffs_user_copy_worker function in drivers/usb/gadget/function/f_fs.c in the Linux kernel before 4.5.3 allows local users to gain privileges by accessing an I/O data structure after a certain callback call. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.(CVE-2016-7912i1/4%0\n\n - A flaw was found in the way the get_dumpable() function return value was interpreted in the ptrace subsystem of the Linux kernel. When 'fs.suid_dumpable' was set to 2, a local, unprivileged local user could use this flaw to bypass intended ptrace restrictions and obtain potentially sensitive information.(CVE-2013-2929i1/4%0\n\n - A DoS flaw was found for a Linux kernel built for the x86 architecture which had the KVM virtualization support(CONFIG_KVM) enabled. The kernel would be vulnerable to a NULL pointer dereference flaw in Linux kernel's kvm_apic_has_events() function while doing an ioctl. An unprivileged user able to access the '/dev/kvm' device could use this flaw to crash the system kernel.(CVE-2015-4692i1/4%0\n\n - The intr function in sound/oss/msnd_pinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a 'double fetch' vulnerability.(CVE-2017-9986i1/4%0\n\n - sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted application that makes an ioctl call specifying many commands.(CVE-2016-2064i1/4%0\n\n - The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.(CVE-2016-3140i1/4%0\n\n - In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.(CVE-2018-5333i1/4%0\n\n - Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c.(CVE-2013-6382i1/4%0\n\n - In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory leak (aka refcount leak). Finally, this will cause a denial of service.(CVE-2019-9857i1/4%0\n\n - It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a recursion by mapping /proc/environ. An unprivileged, local user could potentially use this flaw to escalate their privileges on the system.(CVE-2016-1583i1/4%0\n\n - A heap-based buffer overflow vulnerability was found in the Linux kernel's hiddev driver. This flaw could allow a local attacker to corrupt kernel memory, possible privilege escalation or crashing the system.(CVE-2016-5829i1/4%0\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-05-14T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1535)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2929", "CVE-2013-6382", "CVE-2013-7271", "CVE-2013-7348", "CVE-2014-1738", "CVE-2014-8172", "CVE-2015-4167", "CVE-2015-4177", "CVE-2015-4692", "CVE-2016-1583", "CVE-2016-2064", "CVE-2016-3140", "CVE-2016-5829", "CVE-2016-7912", "CVE-2016-9793", "CVE-2017-16645", "CVE-2017-7487", "CVE-2017-9986", "CVE-2018-5333", "CVE-2019-9857"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "cpe:/o:huawei:euleros:uvp:3.0.1.0"], "id": "EULEROS_SA-2019-1535.NASL", "href": "https://www.tenable.com/plugins/nessus/124988", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124988);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2013-2929\",\n \"CVE-2013-6382\",\n \"CVE-2013-7271\",\n \"CVE-2013-7348\",\n \"CVE-2014-1738\",\n \"CVE-2014-8172\",\n \"CVE-2015-4167\",\n \"CVE-2015-4177\",\n \"CVE-2015-4692\",\n \"CVE-2016-1583\",\n \"CVE-2016-2064\",\n \"CVE-2016-3140\",\n \"CVE-2016-5829\",\n \"CVE-2016-7912\",\n \"CVE-2016-9793\",\n \"CVE-2017-16645\",\n \"CVE-2017-7487\",\n \"CVE-2017-9986\",\n \"CVE-2018-5333\",\n \"CVE-2019-9857\"\n );\n script_bugtraq_id(\n 63889,\n 64111,\n 64746,\n 66544,\n 67302,\n 72994,\n 74963,\n 75142\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1535)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - The ims_pcu_get_cdc_union_desc function in\n drivers/input/misc/ims-pcu.c in the Linux kernel,\n through 4.13.11, allows local users to cause a denial\n of service (ims_pcu_parse_cdc_data out-of-bounds read\n and system crash) or possibly have unspecified other\n impact via a crafted USB device.(CVE-2017-16645i1/4%0\n\n - It was found that due to excessive files_lock locking,\n a soft lockup could be triggered in the Linux kernel\n when performing asynchronous I/O operations. A local,\n unprivileged user could use this flaw to crash the\n system.(CVE-2014-8172i1/4%0\n\n - A flaw was discovered in the kernel's collect_mounts\n function. If the kernel's audit subsystem called\n collect_mounts to audit an unmounted path, it could\n panic the system. With this flaw, an unprivileged user\n could call umount(MNT_DETACH) to launch a\n denial-of-service attack.(CVE-2015-4177i1/4%0\n\n - A flaw was found in the way the Linux kernel's floppy\n driver handled user space provided data in certain\n error code paths while processing FDRAWCMD IOCTL\n commands. A local user with write access to /dev/fdX\n could use this flaw to free (using the kfree()\n function) arbitrary kernel memory. (CVE-2014-1737,\n Important) was found that the Linux kernel's floppy\n driver leaked internal kernel memory addresses to user\n space during the processing of the FDRAWCMD IOCTL\n command. A local user with write access to /dev/fdX\n could use this flaw to obtain information about the\n kernel heap arrangement. (CVE-2014-1738, Low)Note: A\n local user with write access to /dev/fdX could use\n these two flaws (CVE-2014-1737 in combination with\n CVE-2014-1738) to escalate their privileges on the\n system.(CVE-2014-1738i1/4%0\n\n - A reference counter leak in Linux kernel in\n ipxitf_ioctl function was found which results in a use\n after free vulnerability that's triggerable from\n unprivileged userspace when IPX interface is\n configured.(CVE-2017-7487i1/4%0\n\n - The x25_recvmsg function in net/x25/af_x25.c in the\n Linux kernel before 3.12.4 updates a certain length\n value without ensuring that an associated data\n structure has been initialized, which allows local\n users to obtain sensitive information from kernel\n memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg\n system call.(CVE-2013-7271i1/4%0\n\n - An inode data validation error was found in Linux\n kernels built with UDF file system (CONFIG_UDF_FS)\n support. An attacker able to mount a\n corrupted/malicious UDF file system image could cause\n the kernel to crash.(CVE-2015-4167i1/4%0\n\n - Double free vulnerability in the ioctx_alloc function\n in fs/aio.c in the Linux kernel before 3.12.4 allows\n local users to cause a denial of service (system crash)\n or possibly have unspecified other impact via vectors\n involving an error condition in the aio_setup_ring\n function.(CVE-2013-7348i1/4%0\n\n - A flaw was found in the Linux kernel's implementation\n of setsockopt for the SO_{SND|RCV}BUFFORCE setsockopt()\n system call. Users with non-namespace CAP_NET_ADMIN are\n able to trigger this call and create a situation in\n which the sockets sendbuff data size could be negative.\n This could adversely affect memory allocations and\n create situations where the system could crash or cause\n memory corruption.(CVE-2016-9793i1/4%0\n\n - Use-after-free vulnerability in the\n ffs_user_copy_worker function in\n drivers/usb/gadget/function/f_fs.c in the Linux kernel\n before 4.5.3 allows local users to gain privileges by\n accessing an I/O data structure after a certain\n callback call. Due to the nature of the flaw, privilege\n escalation cannot be fully ruled out, although we\n believe it is unlikely.(CVE-2016-7912i1/4%0\n\n - A flaw was found in the way the get_dumpable() function\n return value was interpreted in the ptrace subsystem of\n the Linux kernel. When 'fs.suid_dumpable' was set to 2,\n a local, unprivileged local user could use this flaw to\n bypass intended ptrace restrictions and obtain\n potentially sensitive information.(CVE-2013-2929i1/4%0\n\n - A DoS flaw was found for a Linux kernel built for the\n x86 architecture which had the KVM virtualization\n support(CONFIG_KVM) enabled. The kernel would be\n vulnerable to a NULL pointer dereference flaw in Linux\n kernel's kvm_apic_has_events() function while doing an\n ioctl. An unprivileged user able to access the\n '/dev/kvm' device could use this flaw to crash the\n system kernel.(CVE-2015-4692i1/4%0\n\n - The intr function in sound/oss/msnd_pinnacle.c in the\n Linux kernel through 4.11.7 allows local users to cause\n a denial of service (over-boundary access) or possibly\n have unspecified other impact by changing the value of\n a message queue head pointer between two kernel reads\n of that value, aka a 'double fetch'\n vulnerability.(CVE-2017-9986i1/4%0\n\n - sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the\n MSM QDSP6 audio driver for the Linux kernel 3.x, as\n used in Qualcomm Innovation Center (QuIC) Android\n contributions for MSM devices and other products,\n allows attackers to cause a denial of service (buffer\n over-read) or possibly have unspecified other impact\n via a crafted application that makes an ioctl call\n specifying many commands.(CVE-2016-2064i1/4%0\n\n - The digi_port_init function in\n drivers/usb/serial/digi_acceleport.c in the Linux\n kernel before 4.5.1 allows physically proximate\n attackers to cause a denial of service (NULL pointer\n dereference and system crash) via a crafted endpoints\n value in a USB device descriptor.(CVE-2016-3140i1/4%0\n\n - In the Linux kernel through 4.14.13, the\n rds_cmsg_atomic function in net/rds/rdma.c mishandles\n cases where page pinning fails or an invalid address is\n supplied, leading to an rds_atomic_free_op NULL pointer\n dereference.(CVE-2018-5333i1/4%0\n\n - Multiple buffer underflows in the XFS implementation in\n the Linux kernel through 3.12.1 allow local users to\n cause a denial of service (memory corruption) or\n possibly have unspecified other impact by leveraging\n the CAP_SYS_ADMIN capability for a (1)\n XFS_IOC_ATTRLIST_BY_HANDLE or (2)\n XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted\n length value, related to the xfs_attrlist_by_handle\n function in fs/xfs/xfs_ioctl.c and the\n xfs_compat_attrlist_by_handle function in\n fs/xfs/xfs_ioctl32.c.(CVE-2013-6382i1/4%0\n\n - In the Linux kernel through 5.0.2, the function\n inotify_update_existing_watch() in\n fs/notify/inotify/inotify_user.c neglects to call\n fsnotify_put_mark() with IN_MASK_CREATE after\n fsnotify_find_mark(), which will cause a memory leak\n (aka refcount leak). Finally, this will cause a denial\n of service.(CVE-2019-9857i1/4%0\n\n - It was found that stacking a file system over procfs in\n the Linux kernel could lead to a kernel stack overflow\n due to deep nesting, as demonstrated by mounting\n ecryptfs over procfs and creating a recursion by\n mapping /proc/environ. An unprivileged, local user\n could potentially use this flaw to escalate their\n privileges on the system.(CVE-2016-1583i1/4%0\n\n - A heap-based buffer overflow vulnerability was found in\n the Linux kernel's hiddev driver. This flaw could allow\n a local attacker to corrupt kernel memory, possible\n privilege escalation or crashing the\n system.(CVE-2016-5829i1/4%0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1535\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e5fa4244\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Reliable Datagram Sockets (RDS) rds_atomic_free_op NULL pointer dereference Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.1.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.1.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.1.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-4.19.28-1.2.117\",\n \"kernel-devel-4.19.28-1.2.117\",\n \"kernel-headers-4.19.28-1.2.117\",\n \"kernel-tools-4.19.28-1.2.117\",\n \"kernel-tools-libs-4.19.28-1.2.117\",\n \"kernel-tools-libs-devel-4.19.28-1.2.117\",\n \"perf-4.19.28-1.2.117\",\n \"python-perf-4.19.28-1.2.117\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-19T14:26:50", "description": "The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3041 advisory.\n\n - The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. (CVE-2014-1737)\n\n - The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device. (CVE-2014-1738)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2014-06-23T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : unbreakable enterprise kernel (ELSA-2014-3041)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-35.1.2.el6uek", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2014-3041.NASL", "href": "https://www.tenable.com/plugins/nessus/76184", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2014-3041.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76184);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\"CVE-2014-1737\", \"CVE-2014-1738\");\n script_bugtraq_id(67300, 67302);\n\n script_name(english:\"Oracle Linux 6 : unbreakable enterprise kernel (ELSA-2014-3041)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2014-3041 advisory.\n\n - The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly\n handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger\n kfree operations and gain privileges by leveraging write access to a /dev/fd device. (CVE-2014-1737)\n\n - The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not\n properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows\n local users to obtain sensitive information from kernel heap memory by leveraging write access to a\n /dev/fd device. (CVE-2014-1738)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2014-3041.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-1737\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-35.1.2.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['3.8.13-35.1.2.el6uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2014-3041');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '3.8';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'dtrace-modules-3.8.13-35.1.2.el6uek-0.4.3-4.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-3.8.13-35.1.2.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-3.8.13'},\n {'reference':'kernel-uek-debug-3.8.13-35.1.2.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-3.8.13'},\n {'reference':'kernel-uek-debug-devel-3.8.13-35.1.2.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-3.8.13'},\n {'reference':'kernel-uek-devel-3.8.13-35.1.2.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-3.8.13'},\n {'reference':'kernel-uek-doc-3.8.13-35.1.2.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-3.8.13'},\n {'reference':'kernel-uek-firmware-3.8.13-35.1.2.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-3.8.13'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dtrace-modules-3.8.13-35.1.2.el6uek / kernel-uek / kernel-uek-debug / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:02", "description": "Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 5.6 Long Life.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important)\n\n* It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system.\n\nRed Hat would like to thank Matthew Daley for reporting these issues.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2014-11-17T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2014:0801)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-pae", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5.6"], "id": "REDHAT-RHSA-2014-0801.NASL", "href": "https://www.tenable.com/plugins/nessus/79290", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0801. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79290);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-1737\", \"CVE-2014-1738\");\n script_xref(name:\"RHSA\", value:\"2014:0801\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2014:0801)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 5.6 Long Life.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's floppy driver handled\nuser space provided data in certain error code paths while processing\nFDRAWCMD IOCTL commands. A local user with write access to /dev/fdX\ncould use this flaw to free (using the kfree() function) arbitrary\nkernel memory. (CVE-2014-1737, Important)\n\n* It was found that the Linux kernel's floppy driver leaked internal\nkernel memory addresses to user space during the processing of the\nFDRAWCMD IOCTL command. A local user with write access to /dev/fdX\ncould use this flaw to obtain information about the kernel heap\narrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two\nflaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate\ntheir privileges on the system.\n\nRed Hat would like to thank Matthew Daley for reporting these issues.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0801\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-1737\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-1738\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5\\.6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.6\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0801\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i686\", reference:\"kernel-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i686\", reference:\"kernel-PAE-debuginfo-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i686\", reference:\"kernel-debuginfo-common-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", reference:\"kernel-doc-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i686\", reference:\"kernel-xen-debuginfo-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-238.53.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-238.53.1.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-debuginfo / kernel-PAE-devel / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:13:23", "description": "The SUSE Linux Enterprise Server 10 Service Pack 4 LTSS kernel has been updated to fix various security issues and several bugs.\n\nThe following security issues have been addressed :\n\nCVE-2013-6382: Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c.\n(bnc#852553)\n\nCVE-2013-7263: The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c. (bnc#857643)\n\nCVE-2013-7264: The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. (bnc#857643)\n\nCVE-2013-7265: The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. (bnc#857643)\n\nCVE-2014-1737: The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. (bnc#875798)\n\nCVE-2014-1738: The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device.\n(bnc#875798)\n\nAdditionally, the following non-security bugs have been fixed :\n\n - tcp: syncookies: reduce cookie lifetime to 128 seconds (bnc#833968).\n\n - tcp: syncookies: reduce mss table to four values (bnc#833968).\n\n - ia64: Change default PSR.ac from '1' to '0' (Fix erratum #237) (bnc#874108).\n\n - tty: fix up atime/mtime mess, take three (bnc#797175).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-05-20T00:00:00", "type": "nessus", "title": "SUSE SLES10 Security Update : kernel (SUSE-SU-2014:0772-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-6382", "CVE-2013-7263", "CVE-2013-7264", "CVE-2013-7265", "CVE-2014-1737", "CVE-2014-1738"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-bigsmp", "p-cpe:/a:novell:suse_linux:kernel-debug", "p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-kdump", "p-cpe:/a:novell:suse_linux:kernel-kdumppae", "p-cpe:/a:novell:suse_linux:kernel-smp", "p-cpe:/a:novell:suse_linux:kernel-source", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-vmi", "p-cpe:/a:novell:suse_linux:kernel-vmipae", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xenpae", "cpe:/o:novell:suse_linux:10"], "id": "SUSE_SU-2014-0772-1.NASL", "href": "https://www.tenable.com/plugins/nessus/83626", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2014:0772-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83626);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-6382\", \"CVE-2013-7263\", \"CVE-2013-7264\", \"CVE-2013-7265\", \"CVE-2014-1737\", \"CVE-2014-1738\");\n script_bugtraq_id(63889, 64677, 64685, 64686, 67300, 67302);\n\n script_name(english:\"SUSE SLES10 Security Update : kernel (SUSE-SU-2014:0772-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise Server 10 Service Pack 4 LTSS kernel has\nbeen updated to fix various security issues and several bugs.\n\nThe following security issues have been addressed :\n\nCVE-2013-6382: Multiple buffer underflows in the XFS implementation in\nthe Linux kernel through 3.12.1 allow local users to cause a denial of\nservice (memory corruption) or possibly have unspecified other impact\nby leveraging the CAP_SYS_ADMIN capability for a (1)\nXFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl\ncall with a crafted length value, related to the\nxfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the\nxfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c.\n(bnc#852553)\n\nCVE-2013-7263: The Linux kernel before 3.12.4 updates\ncertain length values before ensuring that associated data\nstructures have been initialized, which allows local users\nto obtain sensitive information from kernel stack memory via\na (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call,\nrelated to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c,\nnet/ipv6/raw.c, and net/ipv6/udp.c. (bnc#857643)\n\nCVE-2013-7264: The l2tp_ip_recvmsg function in\nnet/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates\na certain length value before ensuring that an associated\ndata structure has been initialized, which allows local\nusers to obtain sensitive information from kernel stack\nmemory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg\nsystem call. (bnc#857643)\n\nCVE-2013-7265: The pn_recvmsg function in\nnet/phonet/datagram.c in the Linux kernel before 3.12.4\nupdates a certain length value before ensuring that an\nassociated data structure has been initialized, which allows\nlocal users to obtain sensitive information from kernel\nstack memory via a (1) recvfrom, (2) recvmmsg, or (3)\nrecvmsg system call. (bnc#857643)\n\nCVE-2014-1737: The raw_cmd_copyin function in\ndrivers/block/floppy.c in the Linux kernel through 3.14.3\ndoes not properly handle error conditions during processing\nof an FDRAWCMD ioctl call, which allows local users to\ntrigger kfree operations and gain privileges by leveraging\nwrite access to a /dev/fd device. (bnc#875798)\n\nCVE-2014-1738: The raw_cmd_copyout function in\ndrivers/block/floppy.c in the Linux kernel through 3.14.3\ndoes not properly restrict access to certain pointers during\nprocessing of an FDRAWCMD ioctl call, which allows local\nusers to obtain sensitive information from kernel heap\nmemory by leveraging write access to a /dev/fd device.\n(bnc#875798)\n\nAdditionally, the following non-security bugs have been fixed :\n\n - tcp: syncookies: reduce cookie lifetime to 128 seconds\n (bnc#833968).\n\n - tcp: syncookies: reduce mss table to four values\n (bnc#833968).\n\n - ia64: Change default PSR.ac from '1' to '0' (Fix erratum\n #237) (bnc#874108).\n\n - tty: fix up atime/mtime mess, take three (bnc#797175).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://download.suse.com/patch/finder/?keywords=00bbe32fc40478b12864bce2c72e300b\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7573fea8\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/797175\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/833968\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/852553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/857643\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/874108\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/875798\"\n );\n # https://www.suse.com/support/update/announcement/2014/suse-su-20140772-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a2ef7088\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-bigsmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kdumppae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vmipae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xenpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES10)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES10\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"i386|i486|i586|i686|x86_64\") audit(AUDIT_ARCH_NOT, \"i386 / i486 / i586 / i686 / x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES10\" && (! ereg(pattern:\"^4$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES10 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-bigsmp-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-kdumppae-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-vmi-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-vmipae-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xenpae-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"kernel-debug-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"kernel-kdump-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"kernel-kdumppae-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"kernel-vmi-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"kernel-vmipae-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.107.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:12:50", "description": "The SUSE Linux Enterprise Server 10 Service Pack 4 LTSS kernel has been updated to fix various security issues and several bugs.\n\nThe following security issues have been addressed :\n\nCVE-2013-6382: Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c.\n(bnc#852553)\n\nCVE-2013-7263: The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c. (bnc#857643)\n\nCVE-2013-7264: The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. (bnc#857643)\n\nCVE-2013-7265: The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. (bnc#857643)\n\nCVE-2014-1737: The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. (bnc#875798)\n\nCVE-2014-1738: The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device.\n(bnc#875798)\n\nAdditionally, the following non-security bugs have been fixed :\n\n - tcp: syncookies: reduce cookie lifetime to 128 seconds (bnc#833968).\n\n - tcp: syncookies: reduce mss table to four values (bnc#833968).\n\n - ia64: Change default PSR.ac from '1' to '0' (Fix erratum #237) (bnc#874108).\n\n - tty: fix up atime/mtime mess, take three (bnc#797175).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-05-20T00:00:00", "type": "nessus", "title": "SUSE SLES10 Security Update : kernel (SUSE-SU-2014:0773-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-6382", "CVE-2013-7263", "CVE-2013-7264", "CVE-2013-7265", "CVE-2014-1737", "CVE-2014-1738"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-debug", "p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-kdump", "p-cpe:/a:novell:suse_linux:kernel-smp", "p-cpe:/a:novell:suse_linux:kernel-source", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-xen", "cpe:/o:novell:suse_linux:10"], "id": "SUSE_SU-2014-0773-1.NASL", "href": "https://www.tenable.com/plugins/nessus/83627", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2014:0773-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83627);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-6382\", \"CVE-2013-7263\", \"CVE-2013-7264\", \"CVE-2013-7265\", \"CVE-2014-1737\", \"CVE-2014-1738\");\n script_bugtraq_id(63889, 64677, 64685, 64686, 67300, 67302);\n\n script_name(english:\"SUSE SLES10 Security Update : kernel (SUSE-SU-2014:0773-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise Server 10 Service Pack 4 LTSS kernel has\nbeen updated to fix various security issues and several bugs.\n\nThe following security issues have been addressed :\n\nCVE-2013-6382: Multiple buffer underflows in the XFS implementation in\nthe Linux kernel through 3.12.1 allow local users to cause a denial of\nservice (memory corruption) or possibly have unspecified other impact\nby leveraging the CAP_SYS_ADMIN capability for a (1)\nXFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl\ncall with a crafted length value, related to the\nxfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the\nxfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c.\n(bnc#852553)\n\nCVE-2013-7263: The Linux kernel before 3.12.4 updates\ncertain length values before ensuring that associated data\nstructures have been initialized, which allows local users\nto obtain sensitive information from kernel stack memory via\na (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call,\nrelated to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c,\nnet/ipv6/raw.c, and net/ipv6/udp.c. (bnc#857643)\n\nCVE-2013-7264: The l2tp_ip_recvmsg function in\nnet/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates\na certain length value before ensuring that an associated\ndata structure has been initialized, which allows local\nusers to obtain sensitive information from kernel stack\nmemory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg\nsystem call. (bnc#857643)\n\nCVE-2013-7265: The pn_recvmsg function in\nnet/phonet/datagram.c in the Linux kernel before 3.12.4\nupdates a certain length value before ensuring that an\nassociated data structure has been initialized, which allows\nlocal users to obtain sensitive information from kernel\nstack memory via a (1) recvfrom, (2) recvmmsg, or (3)\nrecvmsg system call. (bnc#857643)\n\nCVE-2014-1737: The raw_cmd_copyin function in\ndrivers/block/floppy.c in the Linux kernel through 3.14.3\ndoes not properly handle error conditions during processing\nof an FDRAWCMD ioctl call, which allows local users to\ntrigger kfree operations and gain privileges by leveraging\nwrite access to a /dev/fd device. (bnc#875798)\n\nCVE-2014-1738: The raw_cmd_copyout function in\ndrivers/block/floppy.c in the Linux kernel through 3.14.3\ndoes not properly restrict access to certain pointers during\nprocessing of an FDRAWCMD ioctl call, which allows local\nusers to obtain sensitive information from kernel heap\nmemory by leveraging write access to a /dev/fd device.\n(bnc#875798)\n\nAdditionally, the following non-security bugs have been fixed :\n\n - tcp: syncookies: reduce cookie lifetime to 128 seconds\n (bnc#833968).\n\n - tcp: syncookies: reduce mss table to four values\n (bnc#833968).\n\n - ia64: Change default PSR.ac from '1' to '0' (Fix erratum\n #237) (bnc#874108).\n\n - tty: fix up atime/mtime mess, take three (bnc#797175).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://download.suse.com/patch/finder/?keywords=92e5a7d9af3ca4f050703bcbf2268c9e\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8dcfc9e3\"\n );\n # http://download.suse.com/patch/finder/?keywords=a9f7b560616d678d5217f211234abdba\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d177dbf3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-6382.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-7263.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-7264.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-7265.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-1737.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-1738.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/797175\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/833968\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/852553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/857643\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/874108\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/875798\"\n );\n # https://www.suse.com/support/update/announcement/2014/suse-su-20140773-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?98cc8d90\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES10)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES10\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"s390x|x86_64\") audit(AUDIT_ARCH_NOT, \"s390x / x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES10\" && (! ereg(pattern:\"^4$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES10 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-default-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-source-2.6.16.60-0.107.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-syms-2.6.16.60-0.107.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:14", "description": "- A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important)\n\n - It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system.\n\n - A NULL pointer dereference flaw was found in the rds_ib_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2013-7339, Moderate)\n\nThis update also fixes the following bugs :\n\n - A bug in the futex system call could result in an overflow when passing a very large positive timeout. As a consequence, the FUTEX_WAIT operation did not work as intended and the system call was timing out immediately.\n A backported patch fixes this bug by limiting very large positive timeouts to the maximal supported value.\n\n - A new Linux Security Module (LSM) functionality related to the setrlimit hooks should produce a warning message when used by a third party module that could not cope with it. However, due to a programming error, the kernel could print this warning message when a process was setting rlimits for a different process, or if rlimits were modified by another than the main thread even though there was no incompatible third party module.\n This update fixes the relevant code and ensures that the kernel handles this warning message correctly.\n\n - Previously, the kernel was unable to detect KVM on system boot if the Hyper-V emulation was enabled. A patch has been applied to ensure that both KVM and Hyper-V hypervisors are now correctly detected during system boot.\n\n - A function in the RPC code responsible for verifying whether cached credentials match the current process did not perform the check correctly. The code checked only whether the groups in the current process credentials appear in the same order as in the cached credentials but did not ensure that no other groups are present in the cached credentials. As a consequence, when accessing files in NFS mounts, a process with the same UID and GID as the original process but with a non-matching group list could have been granted an unauthorized access to a file, or under certain circumstances, the process could have been wrongly prevented from accessing the file. The incorrect test condition has been fixed and the problem can no longer occur.\n\n - When being under heavy load, some Fibre Channel storage devices, such as Hitachi and HP Open-V series, can send a logout (LOGO) message to the host system. However, due to a bug in the lpfc driver, this could result in a loss of active paths to the storage and the paths could not be recovered without manual intervention. This update corrects the lpfc driver to ensure automatic recovery of the lost paths to the storage in this scenario.\n\nThe system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2014-06-12T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20140610)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7339", "CVE-2014-1737", "CVE-2014-1738"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:kernel", "p-cpe:/a:fermilab:scientific_linux:kernel-pae", "p-cpe:/a:fermilab:scientific_linux:kernel-pae-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-pae-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-debug", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common", "p-cpe:/a:fermilab:scientific_linux:kernel-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-doc", "p-cpe:/a:fermilab:scientific_linux:kernel-headers", "p-cpe:/a:fermilab:scientific_linux:kernel-xen", "p-cpe:/a:fermilab:scientific_linux:kernel-xen-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-xen-devel", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20140610_KERNEL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/74489", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74489);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-7339\", \"CVE-2014-1737\", \"CVE-2014-1738\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20140610)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - A flaw was found in the way the Linux kernel's floppy\n driver handled user space provided data in certain error\n code paths while processing FDRAWCMD IOCTL commands. A\n local user with write access to /dev/fdX could use this\n flaw to free (using the kfree() function) arbitrary\n kernel memory. (CVE-2014-1737, Important)\n\n - It was found that the Linux kernel's floppy driver\n leaked internal kernel memory addresses to user space\n during the processing of the FDRAWCMD IOCTL command. A\n local user with write access to /dev/fdX could use this\n flaw to obtain information about the kernel heap\n arrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two\nflaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate\ntheir privileges on the system.\n\n - A NULL pointer dereference flaw was found in the\n rds_ib_laddr_check() function in the Linux kernel's\n implementation of Reliable Datagram Sockets (RDS). A\n local, unprivileged user could use this flaw to crash\n the system. (CVE-2013-7339, Moderate)\n\nThis update also fixes the following bugs :\n\n - A bug in the futex system call could result in an\n overflow when passing a very large positive timeout. As\n a consequence, the FUTEX_WAIT operation did not work as\n intended and the system call was timing out immediately.\n A backported patch fixes this bug by limiting very large\n positive timeouts to the maximal supported value.\n\n - A new Linux Security Module (LSM) functionality related\n to the setrlimit hooks should produce a warning message\n when used by a third party module that could not cope\n with it. However, due to a programming error, the kernel\n could print this warning message when a process was\n setting rlimits for a different process, or if rlimits\n were modified by another than the main thread even\n though there was no incompatible third party module.\n This update fixes the relevant code and ensures that the\n kernel handles this warning message correctly.\n\n - Previously, the kernel was unable to detect KVM on\n system boot if the Hyper-V emulation was enabled. A\n patch has been applied to ensure that both KVM and\n Hyper-V hypervisors are now correctly detected during\n system boot.\n\n - A function in the RPC code responsible for verifying\n whether cached credentials match the current process did\n not perform the check correctly. The code checked only\n whether the groups in the current process credentials\n appear in the same order as in the cached credentials\n but did not ensure that no other groups are present in\n the cached credentials. As a consequence, when accessing\n files in NFS mounts, a process with the same UID and GID\n as the original process but with a non-matching group\n list could have been granted an unauthorized access to a\n file, or under certain circumstances, the process could\n have been wrongly prevented from accessing the file. The\n incorrect test condition has been fixed and the problem\n can no longer occur.\n\n - When being under heavy load, some Fibre Channel storage\n devices, such as Hitachi and HP Open-V series, can send\n a logout (LOGO) message to the host system. However, due\n to a bug in the lpfc driver, this could result in a loss\n of active paths to the storage and the paths could not\n be recovered without manual intervention. This update\n corrects the lpfc driver to ensure automatic recovery of\n the lost paths to the storage in this scenario.\n\nThe system must be rebooted for this update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1406&L=scientific-linux-errata&T=0&P=1720\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1277e16a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-PAE-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"kernel-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-debuginfo-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-debuginfo-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-devel-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debuginfo-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debuginfo-common-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-devel-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-doc-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-headers-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-debuginfo-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-devel-2.6.18-371.9.1.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-debuginfo / kernel-PAE-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:30:51", "description": "Updated kernel packages that fix three security issues and one bug are now available for Red Hat Enterprise Linux 6.4 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-3153, Important)\n\n* A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important)\n\n* It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system.\n\nRed Hat would like to thank Kees Cook of Google for reporting CVE-2014-3153, and Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738. Google acknowledges Pinkie Pie as the original reporter of CVE-2014-3153.\n\nThis update also fixes the following bug :\n\n* A previous change that introduced global clock updates caused guest machines to boot slowly when the host Time Stamp Counter (TSC) was marked as unstable. The slow down increased with the number of vCPUs allocated. To resolve this problem, a patch has been applied to limit the rate of the global clock updates. (BZ#1102253)\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2014-11-08T00:00:00", "type": "nessus", "title": "RHEL 6 : kernel (RHSA-2014:0900)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738", "CVE-2014-3153"], "modified": "2022-05-25T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.4"], "id": "REDHAT-RHSA-2014-0900.NASL", "href": "https://www.tenable.com/plugins/nessus/79035", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0900. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79035);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-3153\");\n script_xref(name:\"RHSA\", value:\"2014:0900\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/15\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2014:0900)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Updated kernel packages that fix three security issues and one bug are\nnow available for Red Hat Enterprise Linux 6.4 Extended Update\nSupport.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's futex subsystem\nhandled the requeuing of certain Priority Inheritance (PI) futexes. A\nlocal, unprivileged user could use this flaw to escalate their\nprivileges on the system. (CVE-2014-3153, Important)\n\n* A flaw was found in the way the Linux kernel's floppy driver handled\nuser space provided data in certain error code paths while processing\nFDRAWCMD IOCTL commands. A local user with write access to /dev/fdX\ncould use this flaw to free (using the kfree() function) arbitrary\nkernel memory. (CVE-2014-1737, Important)\n\n* It was found that the Linux kernel's floppy driver leaked internal\nkernel memory addresses to user space during the processing of the\nFDRAWCMD IOCTL command. A local user with write access to /dev/fdX\ncould use this flaw to obtain information about the kernel heap\narrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two\nflaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate\ntheir privileges on the system.\n\nRed Hat would like to thank Kees Cook of Google for reporting\nCVE-2014-3153, and Matthew Daley for reporting CVE-2014-1737 and\nCVE-2014-1738. Google acknowledges Pinkie Pie as the original reporter\nof CVE-2014-3153.\n\nThis update also fixes the following bug :\n\n* A previous change that introduced global clock updates caused guest\nmachines to boot slowly when the host Time Stamp Counter (TSC) was\nmarked as unstable. The slow down increased with the number of vCPUs\nallocated. To resolve this problem, a patch has been applied to limit\nthe rate of the global clock updates. (BZ#1102253)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2014:0900\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2014-1737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2014-1738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2014-3153\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3153\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Android Towelroot Futex Requeue Kernel Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.4\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-3153\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2014:0900\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0900\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-doc-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-firmware-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"perf-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"perf-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"python-perf-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"python-perf-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"python-perf-debuginfo-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"python-perf-debuginfo-2.6.32-358.46.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-358.46.1.el6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debug / kernel-debug-debuginfo / kernel-debug-devel / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:33", "description": "Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important)\n\n* It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system.\n\n* A NULL pointer dereference flaw was found in the rds_ib_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2013-7339, Moderate)\n\nRed Hat would like to thank Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738.\n\nThis update also fixes the following bugs :\n\n* A bug in the futex system call could result in an overflow when passing a very large positive timeout. As a consequence, the FUTEX_WAIT operation did not work as intended and the system call was timing out immediately. A backported patch fixes this bug by limiting very large positive timeouts to the maximal supported value.\n(BZ#1091832)\n\n* A new Linux Security Module (LSM) functionality related to the setrlimit hooks should produce a warning message when used by a third party module that could not cope with it. However, due to a programming error, the kernel could print this warning message when a process was setting rlimits for a different process, or if rlimits were modified by another than the main thread even though there was no incompatible third party module. This update fixes the relevant code and ensures that the kernel handles this warning message correctly.\n(BZ#1092869)\n\n* Previously, the kernel was unable to detect KVM on system boot if the Hyper-V emulation was enabled. A patch has been applied to ensure that both KVM and Hyper-V hypervisors are now correctly detected during system boot. (BZ#1094152)\n\n* A function in the RPC code responsible for verifying whether cached credentials match the current process did not perform the check correctly. The code checked only whether the groups in the current process credentials appear in the same order as in the cached credentials but did not ensure that no other groups are present in the cached credentials. As a consequence, when accessing files in NFS mounts, a process with the same UID and GID as the original process but with a non-matching group list could have been granted an unauthorized access to a file, or under certain circumstances, the process could have been wrongly prevented from accessing the file. The incorrect test condition has been fixed and the problem can no longer occur. (BZ#1095062)\n\n* When being under heavy load, some Fibre Channel storage devices, such as Hitachi and HP Open-V series, can send a logout (LOGO) message to the host system. However, due to a bug in the lpfc driver, this could result in a loss of active paths to the storage and the paths could not be recovered without manual intervention. This update corrects the lpfc driver to ensure automatic recovery of the lost paths to the storage in this scenario. (BZ#1096061)\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2014-06-12T00:00:00", "type": "nessus", "title": "CentOS 5 : kernel (CESA-2014:0740)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7339", "CVE-2014-1737", "CVE-2014-1738"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-pae", "p-cpe:/a:centos:centos:kernel-pae-devel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-xen", "p-cpe:/a:centos:centos:kernel-xen-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2014-0740.NASL", "href": "https://www.tenable.com/plugins/nessus/74471", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0740 and \n# CentOS Errata and Security Advisory 2014:0740 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74471);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2013-7339\", \"CVE-2014-1737\", \"CVE-2014-1738\");\n script_bugtraq_id(66351, 67300, 67302);\n script_xref(name:\"RHSA\", value:\"2014:0740\");\n\n script_name(english:\"CentOS 5 : kernel (CESA-2014:0740)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's floppy driver handled\nuser space provided data in certain error code paths while processing\nFDRAWCMD IOCTL commands. A local user with write access to /dev/fdX\ncould use this flaw to free (using the kfree() function) arbitrary\nkernel memory. (CVE-2014-1737, Important)\n\n* It was found that the Linux kernel's floppy driver leaked internal\nkernel memory addresses to user space during the processing of the\nFDRAWCMD IOCTL command. A local user with write access to /dev/fdX\ncould use this flaw to obtain information about the kernel heap\narrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two\nflaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate\ntheir privileges on the system.\n\n* A NULL pointer dereference flaw was found in the\nrds_ib_laddr_check() function in the Linux kernel's implementation of\nReliable Datagram Sockets (RDS). A local, unprivileged user could use\nthis flaw to crash the system. (CVE-2013-7339, Moderate)\n\nRed Hat would like to thank Matthew Daley for reporting CVE-2014-1737\nand CVE-2014-1738.\n\nThis update also fixes the following bugs :\n\n* A bug in the futex system call could result in an overflow when\npassing a very large positive timeout. As a consequence, the\nFUTEX_WAIT operation did not work as intended and the system call was\ntiming out immediately. A backported patch fixes this bug by limiting\nvery large positive timeouts to the maximal supported value.\n(BZ#1091832)\n\n* A new Linux Security Module (LSM) functionality related to the\nsetrlimit hooks should produce a warning message when used by a third\nparty module that could not cope with it. However, due to a\nprogramming error, the kernel could print this warning message when a\nprocess was setting rlimits for a different process, or if rlimits\nwere modified by another than the main thread even though there was no\nincompatible third party module. This update fixes the relevant code\nand ensures that the kernel handles this warning message correctly.\n(BZ#1092869)\n\n* Previously, the kernel was unable to detect KVM on system boot if\nthe Hyper-V emulation was enabled. A patch has been applied to ensure\nthat both KVM and Hyper-V hypervisors are now correctly detected\nduring system boot. (BZ#1094152)\n\n* A function in the RPC code responsible for verifying whether cached\ncredentials match the current process did not perform the check\ncorrectly. The code checked only whether the groups in the current\nprocess credentials appear in the same order as in the cached\ncredentials but did not ensure that no other groups are present in the\ncached credentials. As a consequence, when accessing files in NFS\nmounts, a process with the same UID and GID as the original process\nbut with a non-matching group list could have been granted an\nunauthorized access to a file, or under certain circumstances, the\nprocess could have been wrongly prevented from accessing the file. The\nincorrect test condition has been fixed and the problem can no longer\noccur. (BZ#1095062)\n\n* When being under heavy load, some Fibre Channel storage devices,\nsuch as Hitachi and HP Open-V series, can send a logout (LOGO) message\nto the host system. However, due to a bug in the lpfc driver, this\ncould result in a loss of active paths to the storage and the paths\ncould not be recovered without manual intervention. This update\ncorrects the lpfc driver to ensure automatic recovery of the lost\npaths to the storage in this scenario. (BZ#1096061)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-June/020363.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?84e9c7b7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-1737\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-devel-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-devel-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-doc-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-headers-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-devel-2.6.18-371.9.1.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:14", "description": "From Red Hat Security Advisory 2014:0740 :\n\nUpdated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important)\n\n* It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system.\n\n* A NULL pointer dereference flaw was found in the rds_ib_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2013-7339, Moderate)\n\nRed Hat would like to thank Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738.\n\nThis update also fixes the following bugs :\n\n* A bug in the futex system call could result in an overflow when passing a very large positive timeout. As a consequence, the FUTEX_WAIT operation did not work as intended and the system call was timing out immediately. A backported patch fixes this bug by limiting very large positive timeouts to the maximal supported value.\n(BZ#1091832)\n\n* A new Linux Security Module (LSM) functionality related to the setrlimit hooks should produce a warning message when used by a third party module that could not cope with it. However, due to a programming error, the kernel could print this warning message when a process was setting rlimits for a different process, or if rlimits were modified by another than the main thread even though there was no incompatible third party module. This update fixes the relevant code and ensures that the kernel handles this warning message correctly.\n(BZ#1092869)\n\n* Previously, the kernel was unable to detect KVM on system boot if the Hyper-V emulation was enabled. A patch has been applied to ensure that both KVM and Hyper-V hypervisors are now correctly detected during system boot. (BZ#1094152)\n\n* A function in the RPC code responsible for verifying whether cached credentials match the current process did not perform the check correctly. The code checked only whether the groups in the current process credentials appear in the same order as in the cached credentials but did not ensure that no other groups are present in the cached credentials. As a consequence, when accessing files in NFS mounts, a process with the same UID and GID as the original process but with a non-matching group list could have been granted an unauthorized access to a file, or under certain circumstances, the process could have been wrongly prevented from accessing the file. The incorrect test condition has been fixed and the problem can no longer occur. (BZ#1095062)\n\n* When being under heavy load, some Fibre Channel storage devices, such as Hitachi and HP Open-V series, can send a logout (LOGO) message to the host system. However, due to a bug in the lpfc driver, this could result in a loss of active paths to the storage and the paths could not be recovered without manual intervention. This update corrects the lpfc driver to ensure automatic recovery of the lost paths to the storage in this scenario. (BZ#1096061)\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : kernel (ELSA-2014-0740-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7339", "CVE-2014-1737", "CVE-2014-1738"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-pae", "p-cpe:/a:oracle:linux:kernel-pae-devel", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-xen", "p-cpe:/a:oracle:linux:kernel-xen-devel", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2014-0740-1.NASL", "href": "https://www.tenable.com/plugins/nessus/74505", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0740 and \n# Oracle Linux Security Advisory ELSA-2014-0740-1 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74505);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-7339\", \"CVE-2014-1737\", \"CVE-2014-1738\");\n script_bugtraq_id(66351, 67300, 67302);\n script_xref(name:\"RHSA\", value:\"2014:0740\");\n\n script_name(english:\"Oracle Linux 5 : kernel (ELSA-2014-0740-1)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0740 :\n\nUpdated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's floppy driver handled\nuser space provided data in certain error code paths while processing\nFDRAWCMD IOCTL commands. A local user with write access to /dev/fdX\ncould use this flaw to free (using the kfree() function) arbitrary\nkernel memory. (CVE-2014-1737, Important)\n\n* It was found that the Linux kernel's floppy driver leaked internal\nkernel memory addresses to user space during the processing of the\nFDRAWCMD IOCTL command. A local user with write access to /dev/fdX\ncould use this flaw to obtain information about the kernel heap\narrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two\nflaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate\ntheir privileges on the system.\n\n* A NULL pointer dereference flaw was found in the\nrds_ib_laddr_check() function in the Linux kernel's implementation of\nReliable Datagram Sockets (RDS). A local, unprivileged user could use\nthis flaw to crash the system. (CVE-2013-7339, Moderate)\n\nRed Hat would like to thank Matthew Daley for reporting CVE-2014-1737\nand CVE-2014-1738.\n\nThis update also fixes the following bugs :\n\n* A bug in the futex system call could result in an overflow when\npassing a very large positive timeout. As a consequence, the\nFUTEX_WAIT operation did not work as intended and the system call was\ntiming out immediately. A backported patch fixes this bug by limiting\nvery large positive timeouts to the maximal supported value.\n(BZ#1091832)\n\n* A new Linux Security Module (LSM) functionality related to the\nsetrlimit hooks should produce a warning message when used by a third\nparty module that could not cope with it. However, due to a\nprogramming error, the kernel could print this warning message when a\nprocess was setting rlimits for a different process, or if rlimits\nwere modified by another than the main thread even though there was no\nincompatible third party module. This update fixes the relevant code\nand ensures that the kernel handles this warning message correctly.\n(BZ#1092869)\n\n* Previously, the kernel was unable to detect KVM on system boot if\nthe Hyper-V emulation was enabled. A patch has been applied to ensure\nthat both KVM and Hyper-V hypervisors are now correctly detected\nduring system boot. (BZ#1094152)\n\n* A function in the RPC code responsible for verifying whether cached\ncredentials match the current process did not perform the check\ncorrectly. The code checked only whether the groups in the current\nprocess credentials appear in the same order as in the cached\ncredentials but did not ensure that no other groups are present in the\ncached credentials. As a consequence, when accessing files in NFS\nmounts, a process with the same UID and GID as the original process\nbut with a non-matching group list could have been granted an\nunauthorized access to a file, or under certain circumstances, the\nprocess could have been wrongly prevented from accessing the file. The\nincorrect test condition has been fixed and the problem can no longer\noccur. (BZ#1095062)\n\n* When being under heavy load, some Fibre Channel storage devices,\nsuch as Hitachi and HP Open-V series, can send a logout (LOGO) message\nto the host system. However, due to a bug in the lpfc driver, this\ncould result in a loss of active paths to the storage and the paths\ncould not be recovered without manual intervention. This update\ncorrects the lpfc driver to ensure automatic recovery of the lost\npaths to the storage in this scenario. (BZ#1096061)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-June/004195.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-2.6.18-371.9.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-371.9.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-devel-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-371.9.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-2.6.18-371.9.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-devel-2.6.18-371.9.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-devel-2.6.18-371.9.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-doc-2.6.18-371.9.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-headers-2.6.18-371.9.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-2.6.18-371.9.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-devel-2.6.18-371.9.1.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:41", "description": "Updated kernel packages that fix three security issues are now available for Red Hat Enterprise Linux 6.2 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-3153, Important)\n\n* A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important)\n\n* It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system.\n\nRed Hat would like to thank Kees Cook of Google for reporting CVE-2014-3153, and Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738. Google acknowledges Pinkie Pie as the original reporter of CVE-2014-3153.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2014-11-08T00:00:00", "type": "nessus", "title": "RHEL 6 : kernel (RHSA-2014:0800)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738", "CVE-2014-3153"], "modified": "2022-05-25T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "cpe:/o:redhat:enterprise_linux:6.2"], "id": "REDHAT-RHSA-2014-0800.NASL", "href": "https://www.tenable.com/plugins/nessus/79032", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0800. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79032);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-3153\");\n script_xref(name:\"RHSA\", value:\"2014:0800\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/15\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2014:0800)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Updated kernel packages that fix three security issues are now\navailable for Red Hat Enterprise Linux 6.2 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's futex subsystem\nhandled the requeuing of certain Priority Inheritance (PI) futexes. A\nlocal, unprivileged user could use this flaw to escalate their\nprivileges on the system. (CVE-2014-3153, Important)\n\n* A flaw was found in the way the Linux kernel's floppy driver handled\nuser space provided data in certain error code paths while processing\nFDRAWCMD IOCTL commands. A local user with write access to /dev/fdX\ncould use this flaw to free (using the kfree() function) arbitrary\nkernel memory. (CVE-2014-1737, Important)\n\n* It was found that the Linux kernel's floppy driver leaked internal\nkernel memory addresses to user space during the processing of the\nFDRAWCMD IOCTL command. A local user with write access to /dev/fdX\ncould use this flaw to obtain information about the kernel heap\narrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two\nflaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate\ntheir privileges on the system.\n\nRed Hat would like to thank Kees Cook of Google for reporting\nCVE-2014-3153, and Matthew Daley for reporting CVE-2014-1737 and\nCVE-2014-1738. Google acknowledges Pinkie Pie as the original reporter\nof CVE-2014-3153.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2014:0800\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2014-1737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2014-1738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2014-3153\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3153\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Android Towelroot Futex Requeue Kernel Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6\\.2([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.2\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-3153\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2014:0800\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0800\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-2.6.32-220.52.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-220.52.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-220.52.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-220.52.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-220.52.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-220.52.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-220.52.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", reference:\"kernel-doc-2.6.32-220.52.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", reference:\"kernel-firmware-2.6.32-220.52.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-220.52.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"perf-2.6.32-220.52.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-220.52.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-220.52.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-220.52.1.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debug / kernel-debug-debuginfo / kernel-debug-devel / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:32", "description": "Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important)\n\n* It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system.\n\n* A NULL pointer dereference flaw was found in the rds_ib_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2013-7339, Moderate)\n\nRed Hat would like to thank Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738.\n\nThis update also fixes the following bugs :\n\n* A bug in the futex system call could result in an overflow when passing a very large positive timeout. As a consequence, the FUTEX_WAIT operation did not work as intended and the system call was timing out immediately. A backported patch fixes this bug by limiting very large positive timeouts to the maximal supported value.\n(BZ#1091832)\n\n* A new Linux Security Module (LSM) functionality related to the setrlimit hooks should produce a warning message when used by a third party module that could not cope with it. However, due to a programming error, the kernel could print this warning message when a process was setting rlimits for a different process, or if rlimits were modified by another than the main thread even though there was no incompatible third party module. This update fixes the relevant code and ensures that the kernel handles this warning message correctly.\n(BZ#1092869)\n\n* Previously, the kernel was unable to detect KVM on system boot if the Hyper-V emulation was enabled. A patch has been applied to ensure that both KVM and Hyper-V hypervisors are now correctly detected during system boot. (BZ#1094152)\n\n* A function in the RPC code responsible for verifying whether cached credentials match the current process did not perform the check correctly. The code checked only whether the groups in the current process credentials appear in the same order as in the cached credentials but did not ensure that no other groups are present in the cached credentials. As a consequence, when accessing files in NFS mounts, a process with the same UID and GID as the original process but with a non-matching group list could have been granted an unauthorized access to a file, or under certain circumstances, the process could have been wrongly prevented from accessing the file. The incorrect test condition has been fixed and the problem can no longer occur. (BZ#1095062)\n\n* When being under heavy load, some Fibre Channel storage devices, such as Hitachi and HP Open-V series, can send a logout (LOGO) message to the host system. However, due to a bug in the lpfc driver, this could result in a loss of active paths to the storage and the paths could not be recovered without manual intervention. This update corrects the lpfc driver to ensure automatic recovery of the lost paths to the storage in this scenario. (BZ#1096061)\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2014-06-11T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2014:0740)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7339", "CVE-2014-1737", "CVE-2014-1738"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-pae", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2014-0740.NASL", "href": "https://www.tenable.com/plugins/nessus/74458", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0740. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74458);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-7339\", \"CVE-2014-1737\", \"CVE-2014-1738\");\n script_bugtraq_id(66351, 67300, 67302);\n script_xref(name:\"RHSA\", value:\"2014:0740\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2014:0740)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's floppy driver handled\nuser space provided data in certain error code paths while processing\nFDRAWCMD IOCTL commands. A local user with write access to /dev/fdX\ncould use this flaw to free (using the kfree() function) arbitrary\nkernel memory. (CVE-2014-1737, Important)\n\n* It was found that the Linux kernel's floppy driver leaked internal\nkernel memory addresses to user space during the processing of the\nFDRAWCMD IOCTL command. A local user with write access to /dev/fdX\ncould use this flaw to obtain information about the kernel heap\narrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two\nflaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate\ntheir privileges on the system.\n\n* A NULL pointer dereference flaw was found in the\nrds_ib_laddr_check() function in the Linux kernel's implementation of\nReliable Datagram Sockets (RDS). A local, unprivileged user could use\nthis flaw to crash the system. (CVE-2013-7339, Moderate)\n\nRed Hat would like to thank Matthew Daley for reporting CVE-2014-1737\nand CVE-2014-1738.\n\nThis update also fixes the following bugs :\n\n* A bug in the futex system call could result in an overflow when\npassing a very large positive timeout. As a consequence, the\nFUTEX_WAIT operation did not work as intended and the system call was\ntiming out immediately. A backported patch fixes this bug by limiting\nvery large positive timeouts to the maximal supported value.\n(BZ#1091832)\n\n* A new Linux Security Module (LSM) functionality related to the\nsetrlimit hooks should produce a warning message when used by a third\nparty module that could not cope with it. However, due to a\nprogramming error, the kernel could print this warning message when a\nprocess was setting rlimits for a different process, or if rlimits\nwere modified by another than the main thread even though there was no\nincompatible third party module. This update fixes the relevant code\nand ensures that the kernel handles this warning message correctly.\n(BZ#1092869)\n\n* Previously, the kernel was unable to detect KVM on system boot if\nthe Hyper-V emulation was enabled. A patch has been applied to ensure\nthat both KVM and Hyper-V hypervisors are now correctly detected\nduring system boot. (BZ#1094152)\n\n* A function in the RPC code responsible for verifying whether cached\ncredentials match the current process did not perform the check\ncorrectly. The code checked only whether the groups in the current\nprocess credentials appear in the same order as in the cached\ncredentials but did not ensure that no other groups are present in the\ncached credentials. As a consequence, when accessing files in NFS\nmounts, a process with the same UID and GID as the original process\nbut with a non-matching group list could have been granted an\nunauthorized access to a file, or under certain circumstances, the\nprocess could have been wrongly prevented from accessing the file. The\nincorrect test condition has been fixed and the problem can no longer\noccur. (BZ#1095062)\n\n* When being under heavy load, some Fibre Channel storage devices,\nsuch as Hitachi and HP Open-V series, can send a logout (LOGO) message\nto the host system. However, due to a bug in the lpfc driver, this\ncould result in a loss of active paths to the storage and the paths\ncould not be recovered without manual intervention. This update\ncorrects the lpfc driver to ensure automatic recovery of the lost\npaths to the storage in this scenario. (BZ#1096061)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-7339\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-1737\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-1738\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0740\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-debuginfo-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debuginfo-common-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-debuginfo-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-371.9.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-371.9.1.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-debuginfo / kernel-PAE-devel / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:52", "description": "The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix the following severe security issues :\n\n - The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. (bnc#875798).\n (CVE-2014-1737)\n\n - The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device.\n (bnc#875798). (CVE-2014-1738)\n\n - The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the 'LECHO &amp; !OPOST' case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings. (bnc#875690).\n (CVE-2014-0196)", "cvss3": {}, "published": "2014-05-16T00:00:00", "type": "nessus", "title": "SuSE 11.3 Security Update : Linux Kernel (SAT Patch Numbers 9233 / 9236 / 9237)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0196", "CVE-2014-1737", "CVE-2014-1738"], "modified": "2023-05-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:kernel-default", "p-cpe:/a:novell:suse_linux:11:kernel-default-base", "p-cpe:/a:novell:suse_linux:11:kernel-default-devel", "p-cpe:/a:novell:suse_linux:11:kernel-default-extra", "p-cpe:/a:novell:suse_linux:11:kernel-default-man", "p-cpe:/a:novell:suse_linux:11:kernel-ec2", "p-cpe:/a:novell:suse_linux:11:kernel-ec2-base", "p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel", "p-cpe:/a:novell:suse_linux:11:kernel-pae", "p-cpe:/a:novell:suse_linux:11:kernel-pae-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae-devel", "p-cpe:/a:novell:suse_linux:11:kernel-pae-extra", "p-cpe:/a:novell:suse_linux:11:kernel-source", "p-cpe:/a:novell:suse_linux:11:kernel-syms", "p-cpe:/a:novell:suse_linux:11:kernel-trace", "p-cpe:/a:novell:suse_linux:11:kernel-trace-base", "p-cpe:/a:novell:suse_linux:11:kernel-trace-devel", "p-cpe:/a:novell:suse_linux:11:kernel-xen", "p-cpe:/a:novell:suse_linux:11:kernel-xen-base", "p-cpe:/a:novell:suse_linux:11:kernel-xen-devel", "p-cpe:/a:novell:suse_linux:11:kernel-xen-extra", "p-cpe:/a:novell:suse_linux:11:xen-kmp-default", "p-cpe:/a:novell:suse_linux:11:xen-kmp-pae", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_KERNEL-140513.NASL", "href": "https://www.tenable.com/plugins/nessus/74033", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74033);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/14\");\n\n script_cve_id(\"CVE-2014-0196\", \"CVE-2014-1737\", \"CVE-2014-1738\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/06/02\");\n\n script_name(english:\"SuSE 11.3 Security Update : Linux Kernel (SAT Patch Numbers 9233 / 9236 / 9237)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SuSE 11 host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix\nthe following severe security issues :\n\n - The raw_cmd_copyin function in drivers/block/floppy.c in\n the Linux kernel through 3.14.3 does not properly handle\n error conditions during processing of an FDRAWCMD ioctl\n call, which allows local users to trigger kfree\n operations and gain privileges by leveraging write\n access to a /dev/fd device. (bnc#875798).\n (CVE-2014-1737)\n\n - The raw_cmd_copyout function in drivers/block/floppy.c\n in the Linux kernel through 3.14.3 does not properly\n restrict access to certain pointers during processing of\n an FDRAWCMD ioctl call, which allows local users to\n obtain sensitive information from kernel heap memory by\n leveraging write access to a /dev/fd device.\n (bnc#875798). (CVE-2014-1738)\n\n - The n_tty_write function in drivers/tty/n_tty.c in the\n Linux kernel through 3.14.3 does not properly manage tty\n driver access in the 'LECHO &amp; !OPOST' case, which\n allows local users to cause a denial of service (memory\n corruption and system crash) or gain privileges by\n triggering a race condition involving read and write\n operations with long strings. (bnc#875690).\n (CVE-2014-0196)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=875690\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=875798\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.novell.com/security/cve/CVE-2014-0196.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.novell.com/security/cve/CVE-2014-1737.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.novell.com/security/cve/CVE-2014-1738.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply SAT patch number 9233 / 9236 / 9237 as appropriate.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2023 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-default-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-default-base-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-default-devel-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-default-extra-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-base-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-devel-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-extra-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-source-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-syms-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-trace-devel-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-base-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-devel-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-extra-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"xen-kmp-default-4.2.4_02_3.0.101_0.29-0.7.24\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"xen-kmp-pae-4.2.4_02_3.0.101_0.29-0.7.24\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-base-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-devel-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-extra-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-source-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-syms-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-trace-devel-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-extra-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"xen-kmp-default-4.2.4_02_3.0.101_0.29-0.7.24\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-default-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-default-base-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-default-devel-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-source-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-syms-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-trace-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-trace-base-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-trace-devel-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-ec2-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-ec2-base-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-ec2-devel-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-base-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-devel-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-base-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-devel-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"xen-kmp-default-4.2.4_02_3.0.101_0.29-0.7.24\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"xen-kmp-pae-4.2.4_02_3.0.101_0.29-0.7.24\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"kernel-default-man-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-ec2-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-ec2-base-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.101-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"xen-kmp-default-4.2.4_02_3.0.101_0.29-0.7.24\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:51", "description": "Updated kernel packages that fix three security issues and two bugs are now available for Red Hat Enterprise Linux 5.9 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important)\n\n* It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system.\n\n* A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled TCP packets with both the SYN and FIN flags set. A remote attacker could use this flaw to consume an excessive amount of resources on the target system, potentially resulting in a denial of service. (CVE-2012-6638, Moderate)\n\nRed Hat would like to thank Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738.\n\nThis update also fixes the following bugs :\n\n* While under heavy load, some Fibre Channel storage devices, such as Hitachi and HP Open-V series, can send a logout (LOGO) message to the host system. However, due to a bug in the lpfc driver, this could result in a loss of active paths to the storage and the paths could not be recovered without manual intervention. This update corrects the lpfc driver to ensure automatic recovery of the lost paths to the storage in this scenario. (BZ#1096060)\n\n* A bug in the futex system call could result in an overflow when passing a very large positive timeout. As a consequence, the FUTEX_WAIT operation did not work as intended and the system call was timing out immediately. A backported patch fixes this bug by limiting very large positive timeouts to the maximal supported value.\n(BZ#1091831)\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2014-11-08T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2014:0772)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6638", "CVE-2014-1737", "CVE-2014-1738"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-pae", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5.9"], "id": "REDHAT-RHSA-2014-0772.NASL", "href": "https://www.tenable.com/plugins/nessus/79031", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0772. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79031);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-6638\", \"CVE-2014-1737\", \"CVE-2014-1738\");\n script_xref(name:\"RHSA\", value:\"2014:0772\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2014:0772)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix three security issues and two bugs\nare now available for Red Hat Enterprise Linux 5.9 Extended Update\nSupport.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's floppy driver handled\nuser space provided data in certain error code paths while processing\nFDRAWCMD IOCTL commands. A local user with write access to /dev/fdX\ncould use this flaw to free (using the kfree() function) arbitrary\nkernel memory. (CVE-2014-1737, Important)\n\n* It was found that the Linux kernel's floppy driver leaked internal\nkernel memory addresses to user space during the processing of the\nFDRAWCMD IOCTL command. A local user with write access to /dev/fdX\ncould use this flaw to obtain information about the kernel heap\narrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two\nflaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate\ntheir privileges on the system.\n\n* A flaw was found in the way the Linux kernel's TCP/IP protocol suite\nimplementation handled TCP packets with both the SYN and FIN flags\nset. A remote attacker could use this flaw to consume an excessive\namount of resources on the target system, potentially resulting in a\ndenial of service. (CVE-2012-6638, Moderate)\n\nRed Hat would like to thank Matthew Daley for reporting CVE-2014-1737\nand CVE-2014-1738.\n\nThis update also fixes the following bugs :\n\n* While under heavy load, some Fibre Channel storage devices, such as\nHitachi and HP Open-V series, can send a logout (LOGO) message to the\nhost system. However, due to a bug in the lpfc driver, this could\nresult in a loss of active paths to the storage and the paths could\nnot be recovered without manual intervention. This update corrects the\nlpfc driver to ensure automatic recovery of the lost paths to the\nstorage in this scenario. (BZ#1096060)\n\n* A bug in the futex system call could result in an overflow when\npassing a very large positive timeout. As a consequence, the\nFUTEX_WAIT operation did not work as intended and the system call was\ntiming out immediately. A backported patch fixes this bug by limiting\nvery large positive timeouts to the maximal supported value.\n(BZ#1091831)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0772\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-6638\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-1737\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-1738\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5\\.9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.9\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0772\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-PAE-debuginfo-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-debuginfo-common-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", reference:\"kernel-doc-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-xen-debuginfo-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-348.27.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-348.27.1.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-debuginfo / kernel-PAE-devel / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:43", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2014-0196 Jiri Slaby discovered a race condition in the pty layer, which could lead to a denial of service or privilege escalation.\n\n - CVE-2014-1737 CVE-2014-1738 Matthew Daley discovered an information leak and missing input sanitising in the FDRAWCMD ioctl of the floppy driver. This could result in a privilege escalation.", "cvss3": {}, "published": "2014-05-16T00:00:00", "type": "nessus", "title": "Debian DSA-2928-1 : linux-2.6 - privilege escalation/denial of service/information leak", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0196", "CVE-2014-1737", "CVE-2014-1738"], "modified": "2023-05-14T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2928.NASL", "href": "https://www.tenable.com/plugins/nessus/74027", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2928. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74027);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/14\");\n\n script_cve_id(\"CVE-2014-0196\", \"CVE-2014-1737\", \"CVE-2014-1738\");\n script_bugtraq_id(67199, 67300, 67302);\n script_xref(name:\"DSA\", value:\"2928\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/06/02\");\n\n script_name(english:\"Debian DSA-2928-1 : linux-2.6 - privilege escalation/denial of service/information leak\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, information leak or privilege\nescalation. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2014-0196\n Jiri Slaby discovered a race condition in the pty layer,\n which could lead to a denial of service or privilege\n escalation.\n\n - CVE-2014-1737 CVE-2014-1738\n Matthew Daley discovered an information leak and missing\n input sanitising in the FDRAWCMD ioctl of the floppy\n driver. This could result in a privilege escalation.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2014-0196\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2014-1737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2014-1738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/squeeze/linux-2.6\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2014/dsa-2928\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the linux-2.6 and user-mode-linux packages.\n\nFor the oldstable distribution (squeeze), this problem has been fixed\nin version 2.6.32-48squeeze6.\n\nThe following matrix lists additional source packages that were\nrebuilt for compatibility with or to take advantage of this update :\n\n Debian 6.0 (squeeze) \n user-mode-linux 2.6.32-1um-4+48squeeze6 \nNote: Debian carefully tracks all known security issues across every\nlinux kernel package in all releases under active security support.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or 'leap-frog' fashion.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"firmware-linux-free\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-base\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-doc-2.6.32\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-486\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-4kc-malta\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-5kc-malta\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-686\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-686-bigmem\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-amd64\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-armel\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-i386\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-ia64\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-mips\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-mipsel\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-powerpc\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-s390\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-sparc\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-amd64\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common-openvz\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common-vserver\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common-xen\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-iop32x\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-itanium\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-ixp4xx\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-kirkwood\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-mckinley\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-openvz-686\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-openvz-amd64\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-orion5x\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-powerpc\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-powerpc-smp\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-powerpc64\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-r4k-ip22\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-r5k-cobalt\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-r5k-ip32\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-s390x\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-sb1-bcm91250a\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-sb1a-bcm91480b\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-sparc64\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-sparc64-smp\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-versatile\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-686\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-686-bigmem\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-amd64\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-itanium\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-mckinley\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-powerpc\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-powerpc64\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-s390x\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-sparc64\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-xen-686\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-xen-amd64\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-486\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-4kc-malta\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-5kc-malta\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-686\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-686-bigmem\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-686-bigmem-dbg\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-amd64\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-amd64-dbg\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-iop32x\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-itanium\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-ixp4xx\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-kirkwood\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-mckinley\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-686\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-686-dbg\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-amd64\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-amd64-dbg\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-orion5x\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-powerpc\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-powerpc-smp\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-powerpc64\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-r4k-ip22\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-r5k-cobalt\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-r5k-ip32\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-s390x\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-s390x-tape\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-sb1-bcm91250a\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-sb1a-bcm91480b\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-sparc64\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-sparc64-smp\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-versatile\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-686\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-686-bigmem\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-686-bigmem-dbg\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-amd64\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-amd64-dbg\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-itanium\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-mckinley\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-powerpc\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-powerpc64\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-s390x\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-sparc64\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-686\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-686-dbg\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-amd64\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-amd64-dbg\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-libc-dev\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-manual-2.6.32\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-patch-debian-2.6.32\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-source-2.6.32\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-support-2.6.32-5\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-tools-2.6.32\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"xen-linux-system-2.6.32-5-xen-686\", reference:\"2.6.32-48squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"xen-linux-system-2.6.32-5-xen-amd64\", reference:\"2.6.32-48squeeze6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:33", "description": "From Red Hat Security Advisory 2014:0740 :\n\nUpdated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important)\n\n* It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system.\n\n* A NULL pointer dereference flaw was found in the rds_ib_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2013-7339, Moderate)\n\nRed Hat would like to thank Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738.\n\nThis update also fixes the following bugs :\n\n* A bug in the futex system call could result in an overflow when passing a very large positive timeout. As a consequence, the FUTEX_WAIT operation did not work as intended and the system call was timing out immediately. A backported patch fixes this bug by limiting very large positive timeouts to the maximal supported value.\n(BZ#1091832)\n\n* A new Linux Security Module (LSM) functionality related to the setrlimit hooks should produce a warning message when used by a third party module that could not cope with it. However, due to a programming error, the kernel could print this warning message when a process was setting rlimits for a different process, or if rlimits were modified by another than the main thread even though there was no incompatible third party module. This update fixes the relevant code and ensures that the kernel handles this warning message correctly.\n(BZ#1092869)\n\n* Previously, the kernel was unable to detect KVM on system boot if the Hyper-V emulation was enabled. A patch has been applied to ensure that both KVM and Hyper-V hypervisors are now correctly detected during system boot. (BZ#1094152)\n\n* A function in the RPC code responsible for verifying whether cached credentials match the current process did not perform the check correctly. The code checked only whether the groups in the current process credentials appear in the same order as in the cached credentials but did not ensure that no other groups are present in the cached credentials. As a consequence, when accessing files in NFS mounts, a process with the same UID and GID as the original process but with a non-matching group list could have been granted an unauthorized access to a file, or under certain circumstances, the process could have been wrongly prevented from accessing the file. The incorrect test condition has been fixed and the problem can no longer occur. (BZ#1095062)\n\n* When being under heavy load, some Fibre Channel storage devices, such as Hitachi and HP Open-V series, can send a logout (LOGO) message to the host system. However, due to a bug in the lpfc driver, this could result in a loss of active paths to the storage and the paths could not be recovered without manual intervention. This update corrects the lpfc driver to ensure automatic recovery of the lost paths to the storage in this scenario. (BZ#1096061)\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2014-06-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : kernel (ELSA-2014-0740)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7339", "CVE-2014-1737", "CVE-2014-1738"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-pae", "p-cpe:/a:oracle:linux:kernel-pae-devel", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-xen", "p-cpe:/a:oracle:linux:kernel-xen-devel", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2014-0740.NASL", "href": "https://www.tenable.com/plugins/nessus/74482", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0740 and \n# Oracle Linux Security Advisory ELSA-2014-0740 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74482);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2013-7339\", \"CVE-2014-1737\", \"CVE-2014-1738\");\n script_bugtraq_id(66351, 67300, 67302);\n script_xref(name:\"RHSA\", value:\"2014:0740\");\n\n script_name(english:\"Oracle Linux 5 : kernel (ELSA-2014-0740)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0740 :\n\nUpdated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's floppy driver handled\nuser space provided data in certain error code paths while processing\nFDRAWCMD IOCTL commands. A local user with write access to /dev/fdX\ncould use this flaw to free (using the kfree() function) arbitrary\nkernel memory. (CVE-2014-1737, Important)\n\n* It was found that the Linux kernel's floppy driver leaked internal\nkernel memory addresses to user space during the processing of the\nFDRAWCMD IOCTL command. A local user with write access to /dev/fdX\ncould use this flaw to obtain information about the kernel heap\narrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two\nflaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate\ntheir privileges on the system.\n\n* A NULL pointer dereference flaw was found in the\nrds_ib_laddr_check() function in the Linux kernel's implementation of\nReliable Datagram Sockets (RDS). A local, unprivileged user could use\nthis flaw to crash the system. (CVE-2013-7339, Moderate)\n\nRed Hat would like to thank Matthew Daley for reporting CVE-2014-1737\nand CVE-2014-1738.\n\nThis update also fixes the following bugs :\n\n* A bug in the futex system call could result in an overflow when\npassing a very large positive timeout. As a consequence, the\nFUTEX_WAIT operation did not work as intended and the system call was\ntiming out immediately. A backported patch fixes this bug by limiting\nvery large positive timeouts to the maximal supported value.\n(BZ#1091832)\n\n* A new Linux Security Module (LSM) functionality related to the\nsetrlimit hooks should produce a warning message when used by a third\nparty module that could not cope with it. However, due to a\nprogramming error, the kernel could print this warning message when a\nprocess was setting rlimits for a different process, or if rlimits\nwere modified by another than the main thread even though there was no\nincompatible third party module. This update fixes the relevant code\nand ensures that the kernel handles this warning message correctly.\n(BZ#1092869)\n\n* Previously, the kernel was unable to detect KVM on system boot if\nthe Hyper-V emulation was enabled. A patch has been applied to ensure\nthat both KVM and Hyper-V hypervisors are now correctly detected\nduring system boot. (BZ#1094152)\n\n* A function in the RPC code responsible for verifying whether cached\ncredentials match the current process did not perform the check\ncorrectly. The code checked only whether the groups in the current\nprocess credentials appear in the same order as in the cached\ncredentials but did not ensure that no other groups are present in the\ncached credentials. As a consequence, when accessing files in NFS\nmounts, a process with the same UID and GID as the original process\nbut with a non-matching group list could have been granted an\nunauthorized access to a file, or under certain circumstances, the\nprocess could have been wrongly prevented from accessing the file. The\nincorrect test condition has been fixed and the problem can no longer\noccur. (BZ#1095062)\n\n* When being under heavy load, some Fibre Channel storage devices,\nsuch as Hitachi and HP Open-V series, can send a logout (LOGO) message\nto the host system. However, due to a bug in the lpfc driver, this\ncould result in a loss of active paths to the storage and the paths\ncould not be recovered without manual intervention. This update\ncorrects the lpfc driver to ensure automatic recovery of the lost\npaths to the storage in this scenario. (BZ#1096061)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-June/004191.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2013-7339\", \"CVE-2014-1737\", \"CVE-2014-1738\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2014-0740\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-devel-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-devel-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-devel-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-doc-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-headers-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-2.6.18-371.9.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-devel-2.6.18-371.9.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:24:11", "description": "Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory.\n(CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel for systems that lack RDS transports. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2013-7339)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecified other impact. (CVE-2014-2678).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2014-05-27T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2220-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7339", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-2678"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts"], "id": "UBUNTU_USN-2220-1.NASL", "href": "https://www.tenable.com/plugins/nessus/74183", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2220-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74183);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-7339\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2678\");\n script_bugtraq_id(66351, 66543, 67300, 67302);\n script_xref(name:\"USN\", value:\"2220-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2220-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Matthew Daley reported an information leak in the floppy disk driver\nof the Linux kernel. An unprivileged local user could exploit this\nflaw to obtain potentially sensitive information from kernel memory.\n(CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user\ncould exploit this flaw to gain administrative privileges if the\nfloppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Reliable Datagram Sockets (RDS) protocol\nimplementation in the Linux kernel for systems that lack RDS\ntransports. An unprivileged local user could exploit this flaw to\ncause a denial of service (system crash). (CVE-2013-7339)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS)\nprotocol stack in the Linux kernel. A local user could exploit this\nflaw to cause a denial of service (system crash) or possibly have\nunspecified other impact. (CVE-2014-2678).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2220-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-2.6-ec2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-7339\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2678\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2220-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-364-ec2\", pkgver:\"2.6.32-364.77\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-ec2\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:26:49", "description": "The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3042 advisory.\n\n - The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. (CVE-2014-1737)\n\n - The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device. (CVE-2014-1738)\n\n - The lbs_debugfs_write function in drivers/net/wireless/libertas/debugfs.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service (OOPS) by leveraging root privileges for a zero- length write operation. (CVE-2013-6378)\n\n - The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context. (CVE-2014-1874)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2014-06-23T00:00:00", "type": "nessus", "title": "Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3042)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-6378", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-1874"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2014-3042.NASL", "href": "https://www.tenable.com/plugins/nessus/76185", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2014-3042.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76185);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\n \"CVE-2013-6378\",\n \"CVE-2014-1737\",\n \"CVE-2014-1738\",\n \"CVE-2014-1874\"\n );\n script_bugtraq_id(\n 63886,\n 65459,\n 67300,\n 67302\n );\n\n script_name(english:\"Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3042)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe ELSA-2014-3042 advisory.\n\n - The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly\n handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger\n kfree operations and gain privileges by leveraging write access to a /dev/fd device. (CVE-2014-1737)\n\n - The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not\n properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows\n local users to obtain sensitive information from kernel heap memory by leveraging write access to a\n /dev/fd device. (CVE-2014-1738)\n\n - The lbs_debugfs_write function in drivers/net/wireless/libertas/debugfs.c in the Linux kernel through\n 3.12.1 allows local users to cause a denial of service (OOPS) by leveraging root privileges for a zero-\n length write operation. (CVE-2013-6378)\n\n - The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before\n 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN\n capability to set a zero-length security context. (CVE-2014-1874)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2014-3042.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-1737\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/11/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 5 / 6', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['2.6.39-400.215.3.el5uek', '2.6.39-400.215.3.el6uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2014-3042');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '2.6';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-2.6.39-400.215.3.el5uek', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.39'},\n {'reference':'kernel-uek-2.6.39-400.215.3.el5uek', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.39'},\n {'reference':'kernel-uek-debug-2.6.39-400.215.3.el5uek', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.39'},\n {'reference':'kernel-uek-debug-2.6.39-400.215.3.el5uek', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.39'},\n {'reference':'kernel-uek-debug-devel-2.6.39-400.215.3.el5uek', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.39'},\n {'reference':'kernel-uek-debug-devel-2.6.39-400.215.3.el5uek', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.39'},\n {'reference':'kernel-uek-devel-2.6.39-400.215.3.el5uek', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.39'},\n {'reference':'kernel-uek-devel-2.6.39-400.215.3.el5uek', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.39'},\n {'reference':'kernel-uek-doc-2.6.39-400.215.3.el5uek', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-2.6.39'},\n {'reference':'kernel-uek-firmware-2.6.39-400.215.3.el5uek', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-2.6.39'},\n {'reference':'kernel-uek-2.6.39-400.215.3.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.39'},\n {'reference':'kernel-uek-2.6.39-400.215.3.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.39'},\n {'reference':'kernel-uek-debug-2.6.39-400.215.3.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.39'},\n {'reference':'kernel-uek-debug-2.6.39-400.215.3.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.39'},\n {'reference':'kernel-uek-debug-devel-2.6.39-400.215.3.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.39'},\n {'reference':'kernel-uek-debug-devel-2.6.39-400.215.3.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.39'},\n {'reference':'kernel-uek-devel-2.6.39-400.215.3.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.39'},\n {'reference':'kernel-uek-devel-2.6.39-400.215.3.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.39'},\n {'reference':'kernel-uek-doc-2.6.39-400.215.3.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-2.6.39'},\n {'reference':'kernel-uek-firmware-2.6.39-400.215.3.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-2.6.39'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:43", "description": "The 3.14.4 stable update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2014-05-19T00:00:00", "type": "nessus", "title": "Fedora 20 : kernel-3.14.4-200.fc20 (2014-6357)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738", "CVE-2014-3144", "CVE-2014-3145"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-6357.NASL", "href": "https://www.tenable.com/plugins/nessus/74049", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-6357.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74049);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-3144\", \"CVE-2014-3145\");\n script_bugtraq_id(67300, 67302, 67309, 67321);\n script_xref(name:\"FEDORA\", value:\"2014-6357\");\n\n script_name(english:\"Fedora 20 : kernel-3.14.4-200.fc20 (2014-6357)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 3.14.4 stable update contains a number of important fixes across\nthe tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1094299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1096775\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-May/133350.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?15536929\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"kernel-3.14.4-200.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:05", "description": "Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory.\n(CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel for systems that lack RDS transports. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2013-7339)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecified other impact. (CVE-2014-2678).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2014-05-27T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS : linux vulnerabilities (USN-2219-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7339", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-2678"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts"], "id": "UBUNTU_USN-2219-1.NASL", "href": "https://www.tenable.com/plugins/nessus/74182", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2219-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74182);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-7339\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2678\");\n script_bugtraq_id(66351, 66543, 67300, 67302);\n script_xref(name:\"USN\", value:\"2219-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux vulnerabilities (USN-2219-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Matthew Daley reported an information leak in the floppy disk driver\nof the Linux kernel. An unprivileged local user could exploit this\nflaw to obtain potentially sensitive information from kernel memory.\n(CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user\ncould exploit this flaw to gain administrative privileges if the\nfloppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Reliable Datagram Sockets (RDS) protocol\nimplementation in the Linux kernel for systems that lack RDS\ntransports. An unprivileged local user could exploit this flaw to\ncause a denial of service (system crash). (CVE-2013-7339)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS)\nprotocol stack in the Linux kernel. A local user could exploit this\nflaw to cause a denial of service (system crash) or possibly have\nunspecified other impact. (CVE-2014-2678).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2219-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-7339\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2678\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2219-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-60-386\", pkgver:\"2.6.32-60.122\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-60-generic\", pkgver:\"2.6.32-60.122\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-60-generic-pae\", pkgver:\"2.6.32-60.122\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-60-lpia\", pkgver:\"2.6.32-60.122\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-60-preempt\", pkgver:\"2.6.32-60.122\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-60-server\", pkgver:\"2.6.32-60.122\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-60-versatile\", pkgver:\"2.6.32-60.122\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-60-virtual\", pkgver:\"2.6.32-60.122\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-386 / linux-image-2.6-generic / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:24:10", "description": "Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory.\n(CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS.\n(CVE-2014-0077)\n\nA flaw was discovered in the Linux kernel's ping sockets. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges via a crafted application. (CVE-2014-2851).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2014-05-28T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux vulnerabilities (USN-2226-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0077", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-2851"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2226-1.NASL", "href": "https://www.tenable.com/plugins/nessus/74214", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2226-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74214);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-0077\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2851\");\n script_bugtraq_id(66678, 66779, 67300, 67302);\n script_xref(name:\"USN\", value:\"2226-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux vulnerabilities (USN-2226-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Matthew Daley reported an information leak in the floppy disk driver\nof the Linux kernel. An unprivileged local user could exploit this\nflaw to obtain potentially sensitive information from kernel memory.\n(CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user\ncould exploit this flaw to gain administrative privileges if the\nfloppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the handling of network packets when\nmergeable buffers are disabled for virtual machines in the Linux\nkernel. Guest OS users may exploit this flaw to cause a denial of\nservice (host OS crash) or possibly gain privilege on the host OS.\n(CVE-2014-0077)\n\nA flaw was discovered in the Linux kernel's ping sockets. An\nunprivileged local user could exploit this flaw to cause a denial of\nservice (system crash) or possibly gain privileges via a crafted\napplication. (CVE-2014-2851).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2226-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.13-generic,\nlinux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2014-0077\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2851\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2226-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-27-generic\", pkgver:\"3.13.0-27.50\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-27-generic-lpae\", pkgver:\"3.13.0-27.50\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-27-lowlatency\", pkgver:\"3.13.0-27.50\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:13:27", "description": "The 4.10.16 stable kernel update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-05-23T00:00:00", "type": "nessus", "title": "Fedora 24 : kernel (2017-e75602d3ed)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7487"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2017-E75602D3ED.NASL", "href": "https://www.tenable.com/plugins/nessus/100337", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-e75602d3ed.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100337);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-7487\");\n script_xref(name:\"FEDORA\", value:\"2017-e75602d3ed\");\n\n script_name(english:\"Fedora 24 : kernel (2017-e75602d3ed)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.10.16 stable kernel update contains a number of important fixes\nacross the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-e75602d3ed\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-7487\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2017-e75602d3ed\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"kernel-4.10.16-100.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:33", "description": "USN-3404-1 fixed a vulnerability in the Linux kernel for Ubuntu 17.04.\nThis update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS.\n\nA reference count bug was discovered in the Linux kernel ipx protocol stack. A local attacker could exploit this flaw to cause a denial of service or possibly other unspecified problems.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-08-29T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : linux-hwe vulnerability (USN-3404-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7487"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-3404-2.NASL", "href": "https://www.tenable.com/plugins/nessus/102817", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3404-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102817);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2017-7487\");\n script_xref(name:\"USN\", value:\"3404-2\");\n\n script_name(english:\"Ubuntu 16.04 LTS : linux-hwe vulnerability (USN-3404-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"USN-3404-1 fixed a vulnerability in the Linux kernel for Ubuntu 17.04.\nThis update provides the corresponding updates for the Linux Hardware\nEnablement (HWE) kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS.\n\nA reference count bug was discovered in the Linux kernel ipx protocol\nstack. A local attacker could exploit this flaw to cause a denial of\nservice or possibly other unspecified problems.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3404-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2023 Canonical, Inc. / NASL script (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-7487\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3404-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.10.0-33-generic\", pkgver:\"4.10.0-33.37~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.10.0-33-generic-lpae\", pkgver:\"4.10.0-33.37~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.10.0-33-lowlatency\", pkgver:\"4.10.0-33.37~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-hwe-16.04\", pkgver:\"4.10.0.33.35\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae-hwe-16.04\", pkgver:\"4.10.0.33.35\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency-hwe-16.04\", pkgver:\"4.10.0.33.35\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.10-generic / linux-image-4.10-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:09", "description": "A reference count bug was discovered in the Linux kernel ipx protocol stack. A local attacker could exploit this flaw to cause a denial of service or possibly other unspecified problems.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-08-29T00:00:00", "type": "nessus", "title": "Ubuntu 17.04 : linux, linux-raspi2 vulnerability (USN-3404-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7487"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "cpe:/o:canonical:ubuntu_linux:17.04"], "id": "UBUNTU_USN-3404-1.NASL", "href": "https://www.tenable.com/plugins/nessus/102816", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3404-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102816);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2017-7487\");\n script_xref(name:\"USN\", value:\"3404-1\");\n\n script_name(english:\"Ubuntu 17.04 : linux, linux-raspi2 vulnerability (USN-3404-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"A reference count bug was discovered in the Linux kernel ipx protocol\nstack. A local attacker could exploit this flaw to cause a denial of\nservice or possibly other unspecified problems.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3404-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.10-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:17.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2023 Canonical, Inc. / NASL script (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(17\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 17.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-7487\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3404-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"17.04\", pkgname:\"linux-image-4.10.0-1016-raspi2\", pkgver:\"4.10.0-1016.19\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"linux-image-4.10.0-33-generic\", pkgver:\"4.10.0-33.37\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"linux-image-4.10.0-33-generic-lpae\", pkgver:\"4.10.0-33.37\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"linux-image-4.10.0-33-lowlatency\", pkgver:\"4.10.0-33.37\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"linux-image-generic\", pkgver:\"4.10.0.33.33\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.10.0.33.33\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.10.0.33.33\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"linux-image-raspi2\", pkgver:\"4.10.0.1016.17\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.10-generic / linux-image-4.10-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:20:11", "description": "The 4.10.16 stable kernel update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-05-23T00:00:00", "type": "nessus", "title": "Fedora 25 : kernel (2017-466d902289)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7487"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2017-466D902289.NASL", "href": "https://www.tenable.com/plugins/nessus/100332", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-466d902289.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100332);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-7487\");\n script_xref(name:\"FEDORA\", value:\"2017-466d902289\");\n\n script_name(english:\"Fedora 25 : kernel (2017-466d902289)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.10.16 stable kernel update contains a number of important fixes\nacross the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-466d902289\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-7487\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2017-466d902289\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"kernel-4.10.16-200.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:30", "description": "The 4.0.6 stable update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-07-01T00:00:00", "type": "nessus", "title": "Fedora 21 : kernel-4.0.6-200.fc21 (2015-10678)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4692"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:21"], "id": "FEDORA_2015-10678.NASL", "href": "https://www.tenable.com/plugins/nessus/84480", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-10678.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84480);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-4692\");\n script_xref(name:\"FEDORA\", value:\"2015-10678\");\n\n script_name(english:\"Fedora 21 : kernel-4.0.6-200.fc21 (2015-10678)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.0.6 stable update contains a number of important fixes across\nthe tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1230770\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-June/161144.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7b19c45c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"kernel-4.0.6-200.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:20", "description": "The 4.0.6 stable update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-06-29T00:00:00", "type": "nessus", "title": "Fedora 22 : kernel-4.0.6-300.fc22 (2015-10677)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4692"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-10677.NASL", "href": "https://www.tenable.com/plugins/nessus/84437", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-10677.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84437);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-4692\");\n script_xref(name:\"FEDORA\", value:\"2015-10677\");\n\n script_name(english:\"Fedora 22 : kernel-4.0.6-300.fc22 (2015-10677)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.0.6 stable update contains a number of important fixes across\nthe tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1230770\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160829.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a3cbb559\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"kernel-4.0.6-300.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:26:17", "description": "The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3043 advisory.\n\n - The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. (CVE-2014-1737)\n\n - The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device. (CVE-2014-1738)\n\n - The lbs_debugfs_write function in drivers/net/wireless/libertas/debugfs.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service (OOPS) by leveraging root privileges for a zero- length write operation. (CVE-2013-6378)\n\n - The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context. (CVE-2014-1874)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2014-06-23T00:00:00", "type": "nessus", "title": "Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3043)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-6378", "CVE-2014-0203", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-1874"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware", "p-cpe:/a:oracle:linux:kernel-uek-headers", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.3.el5uek", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.3.el5uekdebug", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.3.el6uek", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.3.el6uekdebug", "p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.3.el5uek", "p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.3.el5uekdebug", "p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.3.el6uek", "p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.3.el6uekdebug"], "id": "ORACLELINUX_ELSA-2014-3043.NASL", "href": "https://www.tenable.com/plugins/nessus/76186", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2014-3043.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76186);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\n \"CVE-2013-6378\",\n \"CVE-2014-0203\",\n \"CVE-2014-1737\",\n \"CVE-2014-1738\",\n \"CVE-2014-1874\"\n );\n script_bugtraq_id(\n 63886,\n 65459,\n 67300,\n 67302,\n 68125\n );\n\n script_name(english:\"Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2014-3043)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe ELSA-2014-3043 advisory.\n\n - The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly\n handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger\n kfree operations and gain privileges by leveraging write access to a /dev/fd device. (CVE-2014-1737)\n\n - The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not\n properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows\n local users to obtain sensitive information from kernel heap memory by leveraging write access to a\n /dev/fd device. (CVE-2014-1738)\n\n - The lbs_debugfs_write function in drivers/net/wireless/libertas/debugfs.c in the Linux kernel through\n 3.12.1 allows local users to cause a denial of service (OOPS) by leveraging root privileges for a zero-\n length write operation. (CVE-2013-6378)\n\n - The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before\n 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN\n capability to set a zero-length security context. (CVE-2014-1874)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2014-3043.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-1737\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/11/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.3.el5uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.3.el5uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.3.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.3.el6uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.3.el5uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.3.el5uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.3.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.3.el6uekdebug\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 5 / 6', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['2.6.32-400.36.3.el5uek', '2.6.32-400.36.3.el6uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2014-3043');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '2.6';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-2.6.32-400.36.3.el5uek', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.32'},\n {'reference':'kernel-uek-2.6.32-400.36.3.el5uek', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.32'},\n {'reference':'kernel-uek-debug-2.6.32-400.36.3.el5uek', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.32'},\n {'reference':'kernel-uek-debug-2.6.32-400.36.3.el5uek', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.32'},\n {'reference':'kernel-uek-debug-devel-2.6.32-400.36.3.el5uek', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.32'},\n {'reference':'kernel-uek-debug-devel-2.6.32-400.36.3.el5uek', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.32'},\n {'reference':'kernel-uek-devel-2.6.32-400.36.3.el5uek', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.32'},\n {'reference':'kernel-uek-devel-2.6.32-400.36.3.el5uek', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.32'},\n {'reference':'kernel-uek-doc-2.6.32-400.36.3.el5uek', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-2.6.32'},\n {'reference':'kernel-uek-firmware-2.6.32-400.36.3.el5uek', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-2.6.32'},\n {'reference':'kernel-uek-headers-2.6.32-400.36.3.el5uek', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-headers-2.6.32'},\n {'reference':'kernel-uek-headers-2.6.32-400.36.3.el5uek', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-headers-2.6.32'},\n {'reference':'mlnx_en-2.6.32-400.36.3.el5uek-1.5.7-2', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mlnx_en-2.6.32-400.36.3.el5uek-1.5.7-2', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mlnx_en-2.6.32-400.36.3.el5uekdebug-1.5.7-2', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mlnx_en-2.6.32-400.36.3.el5uekdebug-1.5.7-2', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ofa-2.6.32-400.36.3.el5uek-1.5.1-4.0.58', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ofa-2.6.32-400.36.3.el5uek-1.5.1-4.0.58', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ofa-2.6.32-400.36.3.el5uekdebug-1.5.1-4.0.58', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ofa-2.6.32-400.36.3.el5uekdebug-1.5.1-4.0.58', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-2.6.32-400.36.3.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.32'},\n {'reference':'kernel-uek-2.6.32-400.36.3.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.32'},\n {'reference':'kernel-uek-debug-2.6.32-400.36.3.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.32'},\n {'reference':'kernel-uek-debug-2.6.32-400.36.3.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.32'},\n {'reference':'kernel-uek-debug-devel-2.6.32-400.36.3.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.32'},\n {'reference':'kernel-uek-debug-devel-2.6.32-400.36.3.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.32'},\n {'reference':'kernel-uek-devel-2.6.32-400.36.3.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.32'},\n {'reference':'kernel-uek-devel-2.6.32-400.36.3.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.32'},\n {'reference':'kernel-uek-doc-2.6.32-400.36.3.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-2.6.32'},\n {'reference':'kernel-uek-firmware-2.6.32-400.36.3.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-2.6.32'},\n {'reference':'kernel-uek-headers-2.6.32-400.36.3.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-headers-2.6.32'},\n {'reference':'kernel-uek-headers-2.6.32-400.36.3.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-headers-2.6.32'},\n {'reference':'mlnx_en-2.6.32-400.36.3.el6uek-1.5.7-0.1', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mlnx_en-2.6.32-400.36.3.el6uek-1.5.7-0.1', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mlnx_en-2.6.32-400.36.3.el6uekdebug-1.5.7-0.1', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mlnx_en-2.6.32-400.36.3.el6uekdebug-1.5.7-0.1', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ofa-2.6.32-400.36.3.el6uek-1.5.1-4.0.58', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ofa-2.6.32-400.36.3.el6uek-1.5.1-4.0.58', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ofa-2.6.32-400.36.3.el6uekdebug-1.5.1-4.0.58', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ofa-2.6.32-400.36.3.el6uekdebug-1.5.1-4.0.58', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:24:13", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leaks or privilege escalation :\n\n - CVE-2014-0196 Jiri Slaby discovered a race condition in the pty layer, which could lead to denial of service or privilege escalation.\n\n - CVE-2014-1737 / CVE-2014-1738 Matthew Daley discovered that missing input sanitising in the FDRAWCMD ioctl and an information leak could result in privilege escalation.\n\n - CVE-2014-2851 Incorrect reference counting in the ping_init_sock() function allows denial of service or privilege escalation.\n\n - CVE-2014-3122 Incorrect locking of memory can result in local denial of service.", "cvss3": {}, "published": "2014-05-13T00:00:00", "type": "nessus", "title": "Debian DSA-2926-1 : linux - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0196", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-2851", "CVE-2014-3122"], "modified": "2023-05-14T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-2926.NASL", "href": "https://www.tenable.com/plugins/nessus/73971", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2926. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(73971);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/14\");\n\n script_cve_id(\n \"CVE-2014-0196\",\n \"CVE-2014-1737\",\n \"CVE-2014-1738\",\n \"CVE-2014-2851\",\n \"CVE-2014-3122\"\n );\n script_bugtraq_id(\n 66779,\n 67162,\n 67282,\n 67300,\n 67302\n );\n script_xref(name:\"DSA\", value:\"2926\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/06/02\");\n\n script_name(english:\"Debian DSA-2926-1 : linux - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, information leaks or privilege\nescalation :\n\n - CVE-2014-0196\n Jiri Slaby discovered a race condition in the pty layer,\n which could lead to denial of service or privilege\n escalation.\n\n - CVE-2014-1737 / CVE-2014-1738\n Matthew Daley discovered that missing input sanitising\n in the FDRAWCMD ioctl and an information leak could\n result in privilege escalation.\n\n - CVE-2014-2851\n Incorrect reference counting in the ping_init_sock()\n function allows denial of service or privilege\n escalation.\n\n - CVE-2014-3122\n Incorrect locking of memory can result in local denial\n of service.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2014-0196\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2014-1737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2014-1738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2014-2851\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2014-3122\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2014/dsa-2926\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the linux packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 3.2.57-3+deb7u1. This update also fixes a regression in the\nisci driver and suspend problems with certain AMD CPUs (introduced in\nthe updated kernel from the Wheezy 7.5 point release).\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"linux\", reference:\"3.2.57-3+deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:09:22", "description": "Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call. (CVE-2016-5829)", "cvss3": {}, "published": "2017-03-01T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K28056114)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5829"], "modified": "2019-01-04T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL28056114.NASL", "href": "https://www.tenable.com/plugins/nessus/97445", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K28056114.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(97445);\n script_version(\"3.7\");\n script_cvs_date(\"Date: 2019/01/04 10:03:40\");\n\n script_cve_id(\"CVE-2016-5829\");\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K28056114)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple heap-based buffer overflows in the hiddev_ioctl_usage\nfunction in drivers/hid/usbhid/hiddev.c in the Linux kernel through\n4.6.3 allow local users to cause a denial of service or possibly have\nunspecified other impact via a crafted (1) HIDIOCGUSAGES or (2)\nHIDIOCSUSAGES ioctl call. (CVE-2016-5829)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K28056114\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K28056114.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K28056114\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.4.0-11.6.1\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2HF1\",\"11.6.2\",\"11.5.4HF3\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.4.0-11.6.1\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2HF1\",\"11.6.2\",\"11.5.4HF3\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.4.0-11.6.1\",\"11.2.1\",\"10.2.1-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2HF1\",\"11.6.2\",\"11.5.4HF3\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.4.0-11.6.1\",\"11.2.1\",\"10.2.1-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2HF1\",\"11.6.2\",\"11.5.4HF3\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.4.0-11.6.1\",\"11.2.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2HF1\",\"11.6.2\",\"11.5.4HF3\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.4.0-11.6.1\",\"11.2.1\",\"10.2.1-10.2.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.4HF3\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.4.0-11.6.1\",\"11.2.1\",\"10.2.1-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2HF1\",\"11.6.2\",\"11.5.4HF3\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.4.0-11.6.1\",\"11.2.1\",\"10.2.1-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2HF1\",\"11.6.2\",\"11.5.4HF3\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.4.0-11.6.1\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.2HF1\",\"11.6.2\",\"11.5.4HF3\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:29:28", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - sched: panic on corrupted stack end (Jann Horn) [Orabug:\n 24971921] (CVE-2016-1583)\n\n - ecryptfs: forbid opening files without mmap handler (Jann Horn) [Orabug: 24971921] (CVE-2016-1583)\n\n - proc: prevent stacking filesystems on top (Jann Horn) [Orabug: 24971921] (CVE-2016-1583)", "cvss3": {}, "published": "2016-11-04T00:00:00", "type": "nessus", "title": "OracleVM 3.4 : Unbreakable / etc (OVMSA-2016-0154)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1583"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:kernel-uek", "p-cpe:/a:oracle:vm:kernel-uek-firmware", "cpe:/o:oracle:vm_server:3.4"], "id": "ORACLEVM_OVMSA-2016-0154.NASL", "href": "https://www.tenable.com/plugins/nessus/94534", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2016-0154.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94534);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-1583\");\n\n script_name(english:\"OracleVM 3.4 : Unbreakable / etc (OVMSA-2016-0154)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - sched: panic on corrupted stack end (Jann Horn) [Orabug:\n 24971921] (CVE-2016-1583)\n\n - ecryptfs: forbid opening files without mmap handler\n (Jann Horn) [Orabug: 24971921] (CVE-2016-1583)\n\n - proc: prevent stacking filesystems on top (Jann Horn)\n [Orabug: 24971921] (CVE-2016-1583)\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2016-November/000576.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a8380846\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel-uek / kernel-uek-firmware packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/06/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.4\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.4\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.4\", reference:\"kernel-uek-4.1.12-61.1.17.el6uek\")) flag++;\nif (rpm_check(release:\"OVS3.4\", reference:\"kernel-uek-firmware-4.1.12-61.1.17.el6uek\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-uek / kernel-uek-firmware\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:29:43", "description": "The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-3636 advisory.\n\n - The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling. (CVE-2016-1583)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2016-11-04T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3636)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1583"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.14.1.el6uek", "p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.14.1.el7uek", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2016-3636.NASL", "href": "https://www.tenable.com/plugins/nessus/94533", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2016-3636.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94533);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\"CVE-2016-1583\");\n\n script_name(english:\"Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3636)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2016-3636 advisory.\n\n - The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows\n local users to gain privileges or cause a denial of service (stack memory consumption) via vectors\n involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling. (CVE-2016-1583)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2016-3636.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-1583\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.14.1.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.14.1.el7uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6 / 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['3.8.13-118.14.1.el6uek', '3.8.13-118.14.1.el7uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2016-3636');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '3.8';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'dtrace-modules-3.8.13-118.14.1.el6uek-0.4.5-3.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-3.8.13-118.14.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-3.8.13'},\n {'reference':'kernel-uek-debug-3.8.13-118.14.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-3.8.13'},\n {'reference':'kernel-uek-debug-devel-3.8.13-118.14.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-3.8.13'},\n {'reference':'kernel-uek-devel-3.8.13-118.14.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-3.8.13'},\n {'reference':'kernel-uek-doc-3.8.13-118.14.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-3.8.13'},\n {'reference':'kernel-uek-firmware-3.8.13-118.14.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-3.8.13'},\n {'reference':'dtrace-modules-3.8.13-118.14.1.el7uek-0.4.5-3.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-3.8.13-118.14.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-3.8.13'},\n {'reference':'kernel-uek-debug-3.8.13-118.14.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-3.8.13'},\n {'reference':'kernel-uek-debug-devel-3.8.13-118.14.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-3.8.13'},\n {'reference':'kernel-uek-devel-3.8.13-118.14.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-3.8.13'},\n {'reference':'kernel-uek-doc-3.8.13-118.14.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-3.8.13'},\n {'reference':'kernel-uek-firmware-3.8.13-118.14.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-3.8.13'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dtrace-modules-3.8.13-118.14.1.el6uek / dtrace-modules-3.8.13-118.14.1.el7uek / kernel-uek / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:30:18", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - ecryptfs: forbid opening files without mmap handler (Jann Horn) [Orabug: 24971919] (CVE-2016-1583)\n\n - RDS: IB: fix panic with handlers running post teardown (Santosh Shilimkar) [Orabug: 24395795]", "cvss3": {}, "published": "2016-11-04T00:00:00", "type": "nessus", "title": "OracleVM 3.3 : Unbreakable / etc (OVMSA-2016-0155)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1583"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:kernel-uek", "p-cpe:/a:oracle:vm:kernel-uek-firmware", "cpe:/o:oracle:vm_server:3.3"], "id": "ORACLEVM_OVMSA-2016-0155.NASL", "href": "https://www.tenable.com/plugins/nessus/94535", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2016-0155.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94535);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-1583\");\n\n script_name(english:\"OracleVM 3.3 : Unbreakable / etc (OVMSA-2016-0155)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - ecryptfs: forbid opening files without mmap handler\n (Jann Horn) [Orabug: 24971919] (CVE-2016-1583)\n\n - RDS: IB: fix panic with handlers running post teardown\n (Santosh Shilimkar) [Orabug: 24395795]\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2016-November/000577.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c34a2e30\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel-uek / kernel-uek-firmware packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/06/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.3\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"kernel-uek-3.8.13-118.14.1.el6uek\")) flag++;\nif (rpm_check(release:\"OVS3.3\", reference:\"kernel-uek-firmware-3.8.13-118.14.1.el6uek\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-uek / kernel-uek-firmware\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:07:55", "description": "Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-06-10T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux vulnerability (USN-2999-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1583"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2999-1.NASL", "href": "https://www.tenable.com/plugins/nessus/91561", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2999-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91561);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2016-1583\");\n script_xref(name:\"USN\", value:\"2999-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux vulnerability (USN-2999-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Jann Horn discovered that eCryptfs improperly attempted to use the\nmmap() handler of a lower filesystem that did not implement one,\ncausing a recursive page fault to occur. A local unprivileged attacker\ncould use to cause a denial of service (system crash) or possibly\nexecute arbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2999-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected linux-image-3.13-generic,\nlinux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/06/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-1583\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2999-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-88-generic\", pkgver:\"3.13.0-88.135\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-88-generic-lpae\", pkgver:\"3.13.0-88.135\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-88-lowlatency\", pkgver:\"3.13.0-88.135\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:56", "description": "The SUSE Linux Enterprise 12 GA kernel was updated to fix one security issue.\n\nThe following security bug was fixed :\n\n - CVE-2016-1583: Prevent the usage of mmap when the lower file system does not allow it. This could have lead to local privilege escalation when ecryptfs-utils was installed and /sbin/mount.ecryptfs_private was setuid (bsc#983143).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-06-17T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:1596-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1583"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debugsource", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2016-1596-1.NASL", "href": "https://www.tenable.com/plugins/nessus/91669", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:1596-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91669);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-1583\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:1596-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 12 GA kernel was updated to fix one security\nissue.\n\nThe following security bug was fixed :\n\n - CVE-2016-1583: Prevent the usage of mmap when the lower\n file system does not allow it. This could have lead to\n local privilege escalation when ecryptfs-utils was\n installed and /sbin/mount.ecryptfs_private was setuid\n (bsc#983143).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=983143\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-1583/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20161596-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2cdc9436\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12 :\n\nzypper in -t patch SUSE-SLE-WE-12-2016-944=1\n\nSUSE Linux Enterprise Software Development Kit 12 :\n\nzypper in -t patch SUSE-SLE-SDK-12-2016-944=1\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2016-944=1\n\nSUSE Linux Enterprise Module for Public Cloud 12 :\n\nzypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-944=1\n\nSUSE Linux Enterprise Live Patching 12 :\n\nzypper in -t patch SUSE-SLE-Live-Patching-12-2016-944=1\n\nSUSE Linux Enterprise Desktop 12 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-2016-944=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/06/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-default-man-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-base-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-base-debuginfo-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-debuginfo-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-debugsource-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-devel-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-syms-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-debuginfo-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-debugsource-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-devel-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-extra-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-extra-debuginfo-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-syms-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.55-52.45.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.55-52.45.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:30", "description": "Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-06-10T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : linux-snapdragon vulnerability (USN-3008-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1583"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-3008-1.NASL", "href": "https://www.tenable.com/plugins/nessus/91570", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3008-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91570);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2016-1583\");\n script_xref(name:\"USN\", value:\"3008-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS : linux-snapdragon vulnerability (USN-3008-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Jann Horn discovered that eCryptfs improperly attempted to use the\nmmap() handler of a lower filesystem that did not implement one,\ncausing a recursive page fault to occur. A local unprivileged attacker\ncould use to cause a denial of service (system crash) or possibly\nexecute arbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3008-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected linux-image-4.4-snapdragon package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/06/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-1583\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3008-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1015-snapdragon\", pkgver:\"4.4.0-1015.18\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-snapdragon\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:22:50", "description": "An update for kernel is now available for Red Hat Enterprise Linux 6.7 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a recursion by mapping /proc/ environ. An unprivileged, local user could potentially use this flaw to escalate their privileges on the system.\n(CVE-2016-1583, Important)\n\nBug Fix(es) :\n\n* Previously, while the MAP_GROWSDOWN flag was set, writing to the memory which was mapped with the mmap system call failed with the SIGBUS signal. This update fixes memory management in the Linux kernel by backporting an upstream patch that enlarges the stack guard page gap. As a result, mmap now works as expected under the described circumstances. (BZ#1474721)", "cvss3": {}, "published": "2017-09-20T00:00:00", "type": "nessus", "title": "RHEL 6 : kernel (RHSA-2017:2760)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1583"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "cpe:/o:redhat:enterprise_linux:6.7"], "id": "REDHAT-RHSA-2017-2760.NASL", "href": "https://www.tenable.com/plugins/nessus/103350", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:2760. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(103350);\n script_version(\"3.9\");\n script_cvs_date(\"Date: 2019/10/24 15:35:43\");\n\n script_cve_id(\"CVE-2016-1583\");\n script_xref(name:\"RHSA\", value:\"2017:2760\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2017:2760)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 6.7\nExtended Update Support.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* It was found that stacking a file system over procfs in the Linux\nkernel could lead to a kernel stack overflow due to deep nesting, as\ndemonstrated by mounting ecryptfs over procfs and creating a recursion\nby mapping /proc/ environ. An unprivileged, local user could\npotentially use this flaw to escalate their privileges on the system.\n(CVE-2016-1583, Important)\n\nBug Fix(es) :\n\n* Previously, while the MAP_GROWSDOWN flag was set, writing to the\nmemory which was mapped with the mmap system call failed with the\nSIGBUS signal. This update fixes memory management in the Linux kernel\nby backporting an upstream patch that enlarges the stack guard page\ngap. As a result, mmap now works as expected under the described\ncircumstances. (BZ#1474721)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:2760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-1583\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/06/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6\\.7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.7\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-1583\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2017:2760\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:2760\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"kernel-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", reference:\"kernel-abi-whitelists-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", reference:\"kernel-doc-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", reference:\"kernel-firmware-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"perf-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"perf-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"perf-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"python-perf-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"python-perf-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"i686\", reference:\"python-perf-debuginfo-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"s390x\", reference:\"python-perf-debuginfo-2.6.32-573.47.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"7\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-573.47.1.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:29:28", "description": "The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-3635 advisory.\n\n - The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling. (CVE-2016-1583)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2016-11-04T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3635)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1583"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:dtrace-modules-4.1.12-61.1.17.el6uek", "p-cpe:/a:oracle:linux:dtrace-modules-4.1.12-61.1.17.el7uek", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2016-3635.NASL", "href": "https://www.tenable.com/plugins/nessus/94532", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2016-3635.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94532);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\"CVE-2016-1583\");\n\n script_name(english:\"Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3635)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2016-3635 advisory.\n\n - The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows\n local users to gain privileges or cause a denial of service (stack memory consumption) via vectors\n involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling. (CVE-2016-1583)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2016-3635.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-1583\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-4.1.12-61.1.17.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-4.1.12-61.1.17.el7uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6 / 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['4.1.12-61.1.17.el6uek', '4.1.12-61.1.17.el7uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2016-3635');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '4.1';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'dtrace-modules-4.1.12-61.1.17.el6uek-0.5.3-2.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-4.1.12-61.1.17.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.1.12'},\n {'reference':'kernel-uek-debug-4.1.12-61.1.17.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.1.12'},\n {'reference':'kernel-uek-debug-devel-4.1.12-61.1.17.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.1.12'},\n {'reference':'kernel-uek-devel-4.1.12-61.1.17.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.1.12'},\n {'reference':'kernel-uek-doc-4.1.12-61.1.17.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.1.12'},\n {'reference':'kernel-uek-firmware-4.1.12-61.1.17.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-4.1.12'},\n {'reference':'dtrace-modules-4.1.12-61.1.17.el7uek-0.5.3-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-4.1.12-61.1.17.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.1.12'},\n {'reference':'kernel-uek-debug-4.1.12-61.1.17.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.1.12'},\n {'reference':'kernel-uek-debug-devel-4.1.12-61.1.17.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.1.12'},\n {'reference':'kernel-uek-devel-4.1.12-61.1.17.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.1.12'},\n {'reference':'kernel-uek-doc-4.1.12-61.1.17.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.1.12'},\n {'reference':'kernel-uek-firmware-4.1.12-61.1.17.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-4.1.12'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dtrace-modules-4.1.12-61.1.17.el6uek / dtrace-modules-4.1.12-61.1.17.el7uek / kernel-uek / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:35", "description": "The 4.5.7-202 kernel update contains a number of important security fixes.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-07-15T00:00:00", "type": "nessus", "title": "Fedora 23 : kernel (2016-73a733f4d9)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1237", "CVE-2016-1583", "CVE-2016-4470", "CVE-2016-4998", "CVE-2016-5728", "CVE-2016-5829"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-73A733F4D9.NASL", "href": "https://www.tenable.com/plugins/nessus/92256", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-73a733f4d9.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92256);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-1237\", \"CVE-2016-1583\", \"CVE-2016-4470\", \"CVE-2016-4998\", \"CVE-2016-5728\", \"CVE-2016-5829\");\n script_xref(name:\"FEDORA\", value:\"2016-73a733f4d9\");\n\n script_name(english:\"Fedora 23 : kernel (2016-73a733f4d9)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.5.7-202 kernel update contains a number of important security\nfixes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-73a733f4d9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Kernel 4.6.3 Netfilter Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/06/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-1237\", \"CVE-2016-1583\", \"CVE-2016-4470\", \"CVE-2016-4998\", \"CVE-2016-5728\", \"CVE-2016-5829\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2016-73a733f4d9\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.5.7-202.fc23\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-08-19T12:27:17", "description": "The 5.0.6 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-05-02T00:00:00", "type": "nessus", "title": "Fedora 30 : kernel / kernel-headers / kernel-tools (2019-961cda41f0)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3882", "CVE-2019-9857"], "modified": "2020-01-21T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-961CDA41F0.NASL", "href": "https://www.tenable.com/plugins/nessus/124518", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-961cda41f0.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124518);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/21\");\n\n script_cve_id(\"CVE-2019-3882\", \"CVE-2019-9857\");\n script_xref(name:\"FEDORA\", value:\"2019-961cda41f0\");\n\n script_name(english:\"Fedora 30 : kernel / kernel-headers / kernel-tools (2019-961cda41f0)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 5.0.6 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-961cda41f0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-3882\", \"CVE-2019-9857\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-961cda41f0\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"kernel-5.0.6-300.fc30\")) flag++;\nif (rpm_check(release:\"FC30\", reference:\"kernel-headers-5.0.6-300.fc30\")) flag++;\nif (rpm_check(release:\"FC30\", reference:\"kernel-tools-5.0.6-300.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-05-29T14:17:22", "description": "The 5.0.6 update contains a number of important fixes a cross the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-04-09T00:00:00", "type": "nessus", "title": "Fedora 28 : kernel / kernel-headers / kernel-tools (2019-65c6d11eba)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3882", "CVE-2019-9857"], "modified": "2020-01-23T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2019-65C6D11EBA.NASL", "href": "https://www.tenable.com/plugins/nessus/123839", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-65c6d11eba.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123839);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/23\");\n\n script_cve_id(\"CVE-2019-3882\", \"CVE-2019-9857\");\n script_xref(name:\"FEDORA\", value:\"2019-65c6d11eba\");\n\n script_name(english:\"Fedora 28 : kernel / kernel-headers / kernel-tools (2019-65c6d11eba)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 5.0.6 update contains a number of important fixes a cross the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-65c6d11eba\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-3882\", \"CVE-2019-9857\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-65c6d11eba\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"kernel-5.0.6-100.fc28\")) flag++;\nif (rpm_check(release:\"FC28\", reference:\"kernel-headers-5.0.6-100.fc28\")) flag++;\nif (rpm_check(release:\"FC28\", reference:\"kernel-tools-5.0.6-100.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:10:26", "description": "The 5.0.6 update contains a number of importnat fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-04-09T00:00:00", "type": "nessus", "title": "Fedora 29 : kernel / kernel-headers / kernel-tools (2019-be9add5b77)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3882", "CVE-2019-9857"], "modified": "2020-01-23T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-BE9ADD5B77.NASL", "href": "https://www.tenable.com/plugins/nessus/123841", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-be9add5b77.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123841);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/23\");\n\n script_cve_id(\"CVE-2019-3882\", \"CVE-2019-9857\");\n script_xref(name:\"FEDORA\", value:\"2019-be9add5b77\");\n\n script_name(english:\"Fedora 29 : kernel / kernel-headers / kernel-tools (2019-be9add5b77)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 5.0.6 update contains a number of importnat fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-be9add5b77\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-3882\", \"CVE-2019-9857\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-be9add5b77\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"kernel-5.0.6-200.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-headers-5.0.6-200.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-tools-5.0.6-200.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:18", "description": "kernel-uek\n[3.8.13-35.1.2.el6uek]\n- floppy: don't write kernel-only members to FDRAWCMD ioctl output (Matthew Daley) [Orabug: 19028443] {CVE-2014-1738}\n- floppy: ignore kernel-only members in FDRAWCMD ioctl input (Matthew Daley) [Orabug: 19028436] {CVE-2014-1737}", "cvss3": {}, "published": "2014-06-20T00:00:00", "type": "oraclelinux", "title": "unbreakable enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738"], "modified": "2014-06-20T00:00:00", "id": "ELSA-2014-3041", "href": "http://linux.oracle.com/errata/ELSA-2014-3041.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-30T19:19:27", "description": "kernel\n[2.6.18-371.9.1.0.1]\n- i386: fix MTRR code (Zhenzhong Duan) [orabug 15862649]\n- [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030]\n- [oprofile] export __get_user_pages_fast() function [orabug 14277030]\n- [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030]\n- [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030]\n- [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030]\n- [kernel] Initialize the local uninitialized variable stats. [orabug 14051367]\n- [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763]\n- [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272]\n- [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075]\n- fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan)\n- [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan)\n- [x86] Fix lvt0 reset when hvm boot up with noapic param\n- [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason)\n [orabug 12342275]\n- [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346]\n- [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566]\n- [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042]\n- [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646]\n- fix filp_close() race (Joe Jin) [orabug 10335998]\n- make xenkbd.abs_pointer=1 by default [orabug 67188919]\n- [xen] check to see if hypervisor supports memory reservation change\n (Chuck Anderson) [orabug 7556514]\n- [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki)\n [orabug 10315433]\n- [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258]\n- [mm] Patch shrink_zone to yield during severe mempressure events, avoiding\n hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839]\n- [mm] Enhance shrink_zone patch allow full swap utilization, and also be\n NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919]\n- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]\n- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)\n [orabug 9107465]\n- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)\n [orabug 9764220]\n- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]\n- fix overcommit memory to use percpu_counter for (KOSAKI Motohiro,\n Guru Anbalagane) [orabug 6124033]\n- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]\n- [ib] fix memory corruption (Andy Grover) [orabug 9972346]\n- [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203]\n- [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203]\n- [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]", "cvss3": {}, "published": "2014-06-11T00:00:00", "type": "oraclelinux", "title": "kernel security and bug fix update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738", "CVE-2013-7339"], "modified": "2014-06-11T00:00:00", "id": "ELSA-2014-0740-1", "href": "http://linux.oracle.com/errata/ELSA-2014-0740-1.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:09", "description": "kernel\n[2.6.18-371.9.1]\n- [nfs] sunrpc: don't use a credential with extra groups (Mateusz Guzik) [1095062 976201]\n- [scsi] lpfc: Remove NDLP reference put in lpfc_cmpl_els_logo_acc (Rob Evers) [1096061 1075228]\n- [infiniband] rds: dereference of a NULL device (Jacob Tanenbaum) [1079216 1079217] {CVE-2013-7339}\n- [kernel] futex: check relative timeouts for overflow (Denys Vlasenko) [1091832 1084168]\n- [virt] kvm: correctly detect KVM when hv emulation is enalbed (Jason Wang) [1094152 985767]\n- [security] Fix spurious warnings in security_ops_task_setrlimit (Mateusz Guzik) [1092869 916235]\n- [block] floppy: don't write kernel-only members to FDRAWCMD output (Denys Vlasenko) [1094302 1094303] {CVE-2014-1738 CVE-2014-1737}\n- [block] floppy: ignore kernel-only members in FDRAWCMD input (Denys Vlasenko) [1094302 1094303] {CVE-2014-1738 CVE-2014-1737}", "cvss3": {}, "published": "2014-06-11T00:00:00", "type": "oraclelinux", "title": "kernel security and bug fix update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738", "CVE-2013-7339"], "modified": "2014-06-11T00:00:00", "id": "ELSA-2014-0740", "href": "http://linux.oracle.com/errata/ELSA-2014-0740.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:25", "description": "[2.6.39-400.215.3]\n- SELinux: Fix kernel BUG on empty security contexts. (Stephen Smalley) [Orabug: 19028380] {CVE-2014-1874}\n- floppy: don't write kernel-only members to FDRAWCMD ioctl output (Matthew Daley) [Orabug: 19028444] {CVE-2014-1738}\n- floppy: ignore kernel-only members in FDRAWCMD ioctl input (Matthew Daley) [Orabug: 19028438] {CVE-2014-1737}\n- libertas: potential oops in debugfs (Dan Carpenter) [Orabug: 19028416] {CVE-2013-6378}", "cvss3": {}, "published": "2014-06-20T00:00:00", "type": "oraclelinux", "title": "unbreakable enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2013-6378", "CVE-2014-1874", "CVE-2014-1738"], "modified": "2014-06-20T00:00:00", "id": "ELSA-2014-3042", "href": "http://linux.oracle.com/errata/ELSA-2014-3042.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:12", "description": "kernel-uek\n[2.6.32-400.36.3uek]\n- fix autofs/afs/etc. magic mountpoint breakage (Al Viro) [Orabug: 19028505] {CVE-2014-0203}\n- SELinux: Fix kernel BUG on empty security contexts. (Stephen Smalley) [Orabug: 19028381] {CVE-2014-1874}\n- floppy: don't write kernel-only members to FDRAWCMD ioctl output (Matthew Daley) [Orabug: 19028446] {CVE-2014-1738}\n- floppy: ignore kernel-only members in FDRAWCMD ioctl input (Matthew Daley) [Orabug: 19028439] {CVE-2014-1737}\n- libertas: potential oops in debugfs (Dan Carpenter) [Orabug: 19028417] {CVE-2013-6378}", "cvss3": {}, "published": "2014-06-20T00:00:00", "type": "oraclelinux", "title": "unbreakable enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2013-6378", "CVE-2014-1874", "CVE-2014-1738", "CVE-2014-0203"], "modified": "2014-06-20T00:00:00", "id": "ELSA-2014-3043", "href": "http://linux.oracle.com/errata/ELSA-2014-3043.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:24:43", "description": "kernel-uek\n[4.1.12-61.1.17]\n- sched: panic on corrupted stack end (Jann Horn) [Orabug: 24971921] {CVE-2016-1583}\n- ecryptfs: forbid opening files without mmap handler (Jann Horn) [Orabug: 24971921] {CVE-2016-1583}\n- proc: prevent stacking filesystems on top (Jann Horn) [Orabug: 24971921] {CVE-2016-1583}", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-11-03T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1583"], "modified": "2016-11-03T00:00:00", "id": "ELSA-2016-3635", "href": "http://linux.oracle.com/errata/ELSA-2016-3635.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:24:44", "description": "kernel-uek\n[3.8.13-118.14.1]\n- ecryptfs: forbid opening files without mmap handler (Jann Horn) [Orabug: 24971919] {CVE-2016-1583}\n- RDS: IB: fix panic with handlers running post teardown (Santosh Shilimkar) [Orabug: 24395795] ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-11-03T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1583"], "modified": "2016-11-03T00:00:00", "id": "ELSA-2016-3636", "href": "http://linux.oracle.com/errata/ELSA-2016-3636.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:52", "description": "\r\n\r\nHi,\r\n\r\nAs this was posted to linux-distros, and was supposed to be made public\r\nearlier this week, but so far wasn&#39;t published on oss-sec ...\r\n\r\nReported by Matthew Daley to security@kernel.org.\r\n\r\nThere apparently exists a proof of concept root exploit, that allows\r\nlocal users with access to a floppy device to execute code in the linux\r\nkernel.\r\n\r\n&#40;I think this needs a floppy driver to actually allow access to a floppy\r\n device. My machine only says &quot;floppy0: no floppy controllers found&quot; today.&#41;\r\n\r\nLinux Kernel Mainline commits:\r\n\r\n2145e15e0557a01b9195d1c7199a1b92cb9be81f\r\nAuthor: Matthew Daley &lt;mattd@bugfuzz.com&gt;\r\nDate: Mon Apr 28 19:05:21 2014 +1200\r\n\r\n floppy: don&#39;t write kernel-only members to FDRAWCMD ioctl output\r\n\r\n Do not leak kernel-only floppy_raw_cmd structure members to userspace.\r\n This includes the linked-list pointer and the pointer to the allocated\r\n DMA space.\r\n\r\n Signed-off-by: Matthew Daley &lt;mattd@bugfuzz.com&gt;\r\n References: CVE-2014-1738\r\n Signed-off-by: Linus Torvalds &lt;torvalds@linux-foundation.org&gt;\r\n\r\ncommit ef87dbe7614341c2e7bfe8d32fcb7028cc97442c\r\nAuthor: Matthew Daley &lt;mattd@bugfuzz.com&gt;\r\nDate: Mon Apr 28 19:05:20 2014 +1200\r\n\r\n floppy: ignore kernel-only members in FDRAWCMD ioctl input\r\n\r\n Always clear out these floppy_raw_cmd struct members after copying the\r\n entire structure from userspace so that the in-kernel version is always\r\n valid and never left in an interdeterminate state.\r\n\r\n Signed-off-by: Matthew Daley &lt;mattd@bugfuzz.com&gt;\r\n References: CVE-2014-1737\r\n Signed-off-by: Linus Torvalds &lt;torvalds@linux-foundation.org&gt;\r\n\r\nCiao, Marcus\r\n\r\n", "cvss3": {}, "published": "2014-05-10T00:00:00", "type": "securityvulns", "title": "[oss-security] Linux kernel floppy ioctl kernel code execution", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738"], "modified": "2014-05-10T00:00:00", "id": "SECURITYVULNS:DOC:30721", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30721", "sourceData": "", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:52", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2926-1 security@debian.org\r\nhttp://www.debian.org/security/ Moritz Muehlenhoff\r\nMay 12, 2014 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : linux\r\nCVE ID : CVE-2014-0196 CVE-2014-1737 CVE-2014-1738 CVE-2014-2851 \r\n CVE-2014-3122\r\n\r\nSeveral vulnerabilities have been discovered in the Linux kernel that \r\nmay lead to a denial of service, information leaks or privilege \r\nescalation:\r\n\r\nCVE-2014-0196\r\n\r\n Jiri Slaby discovered a race condition in the pty layer, which could\r\n lead to denial of service or privilege escalation.\r\n\r\nCVE-2014-1737 / CVE-2014-1738\r\n\r\n Matthew Daley discovered that missing input sanitising in the\r\n FDRAWCMD ioctl and an information leak could result in privilege\r\n escalation.\r\n\r\nCVE-2014-2851\r\n\r\n Incorrect reference counting in the ping_init_sock&#40;&#41; function allows\r\n denial of service or privilege escalation.\r\n\r\nCVE-2014-3122\r\n\r\n Incorrect locking of memory can result in local denial of service.\r\n\r\nFor the stable distribution &#40;wheezy&#41;, these problems have been fixed in\r\nversion 3.2.57-3+deb7u1. This update also fixes a regression in the isci\r\ndriver and suspend problems with certain AMD CPUs &#40;introduced in the\r\nupdated kernel from the Wheezy 7.5 point release&#41;.\r\n\r\nFor the unstable distribution &#40;sid&#41;, these problems will be fixed soon.\r\n\r\nWe recommend that you upgrade your linux packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n\r\n\r\n\r\n\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1\r\n\r\niQIcBAEBAgAGBQJTcO+9AAoJEBDCk7bDfE421QQP/j08SKXHiHXcdZmtcP1ifE9P\r\nfBvddKDd9thLxec1bn4VhFDsDMMESvMGV4S62FaAuet7OU8GpX899ctGeZiR4YM6\r\nEKpd86hwWiChs+PPhyEpae9/gX0ZDGJLToE5PyggOa/anpZ39yHT6rDccl/H9rIc\r\nOgFE7ru8je/I1jdeOlqdJLZ2YicM/xLy1gF6WwZFvfKUXHbeJ9cnz5VZR/R1aJCb\r\nYs/rj2QjKDaXvDuW+l+ybQOL6nqevH1upFL4u+kkiOk78q2UoJdyYSeKGLrtIYBW\r\n3SRnY8xHNAtHrldzDjXdFaTqd880/ter5l9OXo9zcR8wUojAqWbSDW+0TC/5CmRL\r\noWa72DuCoxdulsmZQZydxB0U87pudsI2Ez5wiXVXfPWD7Ykwad+j/AV3EBaUEKwi\r\nhnWt+9IFWgIjnVnDbPbwfUkmzRCa58ewo10alxEq/supTrkAU/5xQbEtejt4MYtq\r\nTGy8b51aWg5VYpEze5HrPBPyl2szdOF+j9OhNF08Rh/RMGbzSi3Qamr/xsG1PhBx\r\n+93FcjfembChbPihpUQp7by/2xtT3Td1TA1Q7o3vgKk/bdcmsI1JMdPs46H+AFpi\r\nxRgd1dxxPpCaTTCgVHkp6uykWhQcW+nI87OEv/Ibxdch+qrlPs4BxxTk9uL0OHGa\r\nmlcOLozLVQLTcPYUAGL6\r\n=AqGQ\r\n-----END PGP SIGNATURE-----\r\n\r\n", "cvss3": {}, "published": "2014-05-15T00:00:00", "type": "securityvulns", "title": "[SECURITY] [DSA 2926-1] linux security update", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2014-3122", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-0196", "CVE-2014-2851"], "modified": "2014-05-15T00:00:00", "id": "SECURITYVULNS:DOC:30730", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30730", "sourceData": "", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2019-05-29T18:35:56", "description": "Oracle Linux Local Security Checks ELSA-2014-3041", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-3041", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123389", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123389", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-3041.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123389\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:03:09 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-3041\");\n script_tag(name:\"insight\", value:\"ELSA-2014-3041 - unbreakable enterprise kernel security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-3041\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-3041.html\");\n script_cve_id(\"CVE-2014-1737\", \"CVE-2014-1738\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"dtrace-modules\", rpm:\"dtrace-modules~3.8.13~35.1.2.el6uek~0.4.3~4.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~3.8.13~35.1.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~3.8.13~35.1.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~3.8.13~35.1.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~3.8.13~35.1.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~3.8.13~35.1.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~3.8.13~35.1.2.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:17", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-06-17T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2014:0740-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738", "CVE-2013-7339"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871180", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871180", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2014:0740-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871180\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-17 10:07:11 +0530 (Tue, 17 Jun 2014)\");\n script_cve_id(\"CVE-2013-7339\", \"CVE-2014-1737\", \"CVE-2014-1738\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Update for kernel RHSA-2014:0740-01\");\n\n\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n * A flaw was found in the way the Linux kernel's floppy driver handled user\nspace provided data in certain error code paths while processing FDRAWCMD\nIOCTL commands. A local user with write access to /dev/fdX could use this\nflaw to free (using the kfree() function) arbitrary kernel memory.\n(CVE-2014-1737, Important)\n\n * It was found that the Linux kernel's floppy driver leaked internal kernel\nmemory addresses to user space during the processing of the FDRAWCMD IOCTL\ncommand. A local user with write access to /dev/fdX could use this flaw to\nobtain information about the kernel heap arrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two flaws\n(CVE-2014-1737 in combination with CVE-2014-1738) to escalate their\nprivileges on the system.\n\n * A NULL pointer dereference flaw was found in the rds_ib_laddr_check()\nfunction in the Linux kernel's implementation of Reliable Datagram Sockets\n(RDS). A local, unprivileged user could use this flaw to crash the system.\n(CVE-2013-7339, Moderate)\n\nRed Hat would like to thank Matthew Daley for reporting CVE-2014-1737 and\nCVE-2014-1738.\n\nThis update also fixes the following bugs:\n\n * A bug in the futex system call could result in an overflow when passing\na very large positive timeout. As a consequence, the FUTEX_WAIT operation\ndid not work as intended and the system call was timing out immediately.\nA backported patch fixes this bug by limiting very large positive timeouts\nto the maximal supported value. (BZ#1091832)\n\n * A new Linux Security Module (LSM) functionality related to the setrlimit\nhooks should produce a warning message when used by a third party module\nthat could not cope with it. However, due to a programming error, the\nkernel could print this warning message when a process was setting rlimits\nfor a different process, or if rlimits were modified by another than the\nmain thread even though there was no incompatible third party module. This\nupdate fixes the relevant code and ensures that the kernel handles this\nwarning message correctly. (BZ#1092869)\n\n * Previously, the kernel was unable to detect KVM on system boot if the\nHyper-V emulation was enabled. A patch has been applied to ensure that\nboth KVM and Hyper-V hypervisors are now correctly detected during system\nboot. (BZ#1094152)\n\n * A function in the RPC code responsible for verifying whether cached\ncredentials match the current process did not perform the check correctly.\nThe code checked only whether the groups in the current process\ncredentials ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"RHSA\", value:\"2014:0740-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-June/msg00029.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~371.9.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~371.9.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~371.9.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~371.9.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~371.9.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~371.9.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~371.9.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~371.9.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~371.9.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~371.9.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~371.9.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~371.9.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~371.9.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~371.9.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~371.9.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:08", "description": "Oracle Linux Local Security Checks ELSA-2014-0740", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-0740", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738", "CVE-2013-7339"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123392", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123392", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-0740.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123392\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:03:12 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-0740\");\n script_tag(name:\"insight\", value:\"ELSA-2014-0740 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-0740\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-0740.html\");\n script_cve_id(\"CVE-2013-7339\", \"CVE-2014-1737\", \"CVE-2014-1738\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~371.9.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~371.9.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~371.9.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~371.9.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~371.9.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~371.9.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~371.9.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~371.9.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~371.9.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~371.9.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~371.9.1.el5~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~371.9.1.el5PAE~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~371.9.1.el5debug~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~371.9.1.el5xen~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~371.9.1.el5~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~371.9.1.el5PAE~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~371.9.1.el5debug~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~371.9.1.el5xen~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-06-17T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2014:0740 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738", "CVE-2013-7339"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881954", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881954", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2014:0740 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881954\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-17 10:04:18 +0530 (Tue, 17 Jun 2014)\");\n script_cve_id(\"CVE-2013-7339\", \"CVE-2014-1737\", \"CVE-2014-1738\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Update for kernel CESA-2014:0740 centos5\");\n\n script_tag(name:\"affected\", value:\"kernel on CentOS 5\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any\nLinux operating system.\n\n * A flaw was found in the way the Linux kernel's floppy driver handled user\nspace provided data in certain error code paths while processing FDRAWCMD\nIOCTL commands. A local user with write access to /dev/fdX could use this\nflaw to free (using the kfree() function) arbitrary kernel memory.\n(CVE-2014-1737, Important)\n\n * It was found that the Linux kernel's floppy driver leaked internal kernel\nmemory addresses to user space during the processing of the FDRAWCMD IOCTL\ncommand. A local user with write access to /dev/fdX could use this flaw to\nobtain information about the kernel heap arrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two flaws\n(CVE-2014-1737 in combination with CVE-2014-1738) to escalate their\nprivileges on the system.\n\n * A NULL pointer dereference flaw was found in the rds_ib_laddr_check()\nfunction in the Linux kernel's implementation of Reliable Datagram Sockets\n(RDS). A local, unprivileged user could use this flaw to crash the system.\n(CVE-2013-7339, Moderate)\n\nRed Hat would like to thank Matthew Daley for reporting CVE-2014-1737 and\nCVE-2014-1738.\n\nThis update also fixes the following bugs:\n\n * A bug in the futex system call could result in an overflow when passing\na very large positive timeout. As a consequence, the FUTEX_WAIT operation\ndid not work as intended and the system call was timing out immediately.\nA backported patch fixes this bug by limiting very large positive timeouts\nto the maximal supported value. (BZ#1091832)\n\n * A new Linux Security Module (LSM) functionality related to the setrlimit\nhooks should produce a warning message when used by a third party module\nthat could not cope with it. However, due to a programming error, the\nkernel could print this warning message when a process was setting rlimits\nfor a different process, or if rlimits were modified by another than the\nmain thread even though there was no incompatible third party module. This\nupdate fixes the relevant code and ensures that the kernel handles this\nwarning message correctly. (BZ#1092869)\n\n * Previously, the kernel was unable to detect KVM on system boot if the\nHyper-V emulation was enabled. A patch has been applied to ensure that\nboth KVM and Hyper-V hypervisors are now correctly detected during system\nboot. (BZ#1094152)\n\n * A function in the RPC code responsible for verifying whether cached\ncredentials match the current process did not perform the check correctly.\nThe code checked only whether the groups in the current process\ncredentials appear in the same order as i ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2014:0740\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-June/020363.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~371.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~371.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~371.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~371.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~371.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~371.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~371.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~371.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~371.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~371.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:20", "description": "Oracle Linux Local Security Checks ELSA-2014-0740-1", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-0740-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738", "CVE-2013-7339"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123393", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123393", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-0740-1.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123393\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:03:13 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-0740-1\");\n script_tag(name:\"insight\", value:\"ELSA-2014-0740-1 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-0740-1\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-0740-1.html\");\n script_cve_id(\"CVE-2013-7339\", \"CVE-2014-1737\", \"CVE-2014-1738\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~371.9.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~371.9.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~371.9.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~371.9.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~371.9.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~371.9.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~371.9.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~371.9.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~371.9.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~371.9.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~371.9.1.0.1.el5~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~371.9.1.0.1.el5PAE~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~371.9.1.0.1.el5debug~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~371.9.1.0.1.el5xen~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~371.9.1.0.1.el5~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~371.9.1.0.1.el5PAE~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~371.9.1.0.1.el5debug~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~371.9.1.0.1.el5xen~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-28T10:48:44", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead\nto a denial of service, information leak or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2014-0196 \nJiri Slaby discovered a race condition in the pty layer, which could lead\nto a denial of service or privilege escalation.\n\nCVE-2014-1737 CVE-2014-1738 \nMatthew Daley discovered an information leak and missing input\nsanitising in the FDRAWCMD ioctl of the floppy driver. This could result\nin a privilege escalation.", "cvss3": {}, "published": "2014-05-14T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2928-1 (linux-2.6 - privilege escalation/denial of service/information leak)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738", "CVE-2014-0196"], "modified": "2017-07-13T00:00:00", "id": "OPENVAS:702928", "href": "http://plugins.openvas.org/nasl.php?oid=702928", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2928.nasl 6715 2017-07-13 09:57:40Z teissa $\n# Auto-generated from advisory DSA 2928-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"linux-2.6 on Debian Linux\";\ntag_insight = \"The Linux kernel is the core of the Linux operating system.\";\ntag_solution = \"For the oldstable distribution (squeeze), this problem has been fixed in\nversion 2.6.32-48squeeze6.\n\nThe following matrix lists additional source packages that were rebuilt for\ncompatibility with or to take advantage of this update:\n\n?Debian 6.0 (squeeze)user-mode-linux2.6.32-1um-4+48squeeze6 \nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages.\n\nNote \n: Debian carefully tracks all known security issues across every\nlinux kernel package in all releases under active security support.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or 'leap-frog' fashion.\";\ntag_summary = \"Several vulnerabilities have been discovered in the Linux kernel that may lead\nto a denial of service, information leak or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2014-0196 \nJiri Slaby discovered a race condition in the pty layer, which could lead\nto a denial of service or privilege escalation.\n\nCVE-2014-1737 CVE-2014-1738 \nMatthew Daley discovered an information leak and missing input\nsanitising in the FDRAWCMD ioctl of the floppy driver. This could result\nin a privilege escalation.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(702928);\n script_version(\"$Revision: 6715 $\");\n script_cve_id(\"CVE-2014-0196\", \"CVE-2014-1737\", \"CVE-2014-1738\");\n script_name(\"Debian Security Advisory DSA 2928-1 (linux-2.6 - privilege escalation/denial of service/information leak)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-13 11:57:40 +0200 (Thu, 13 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2014-05-14 00:00:00 +0200 (Wed, 14 May 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2928.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"firmware-linux-free\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-base\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.32\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-486\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-4kc-malta\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-5kc-malta\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-686\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-686-bigmem\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-amd64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-armel\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-i386\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-ia64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-mips\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-mipsel\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-powerpc\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-s390\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-sparc\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-amd64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-common\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-common-openvz\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-common-vserver\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-common-xen\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-iop32x\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-itanium\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-ixp4xx\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-kirkwood\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-mckinley\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-openvz-686\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-openvz-amd64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-orion5x\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-powerpc\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-powerpc-smp\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-powerpc64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-r4k-ip22\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-r5k-cobalt\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-r5k-ip32\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-s390x\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-sb1-bcm91250a\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-sb1a-bcm91480b\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-sparc64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-sparc64-smp\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-versatile\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-686\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-686-bigmem\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-amd64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-itanium\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-mckinley\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-powerpc\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-powerpc64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-s390x\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-sparc64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-xen-686\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-xen-amd64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-486\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-4kc-malta\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-5kc-malta\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-686\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-686-bigmem\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-686-bigmem-dbg\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-amd64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-amd64-dbg\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-iop32x\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-itanium\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-ixp4xx\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-kirkwood\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-mckinley\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-openvz-686\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-openvz-686-dbg\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-openvz-amd64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-openvz-amd64-dbg\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-orion5x\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-powerpc\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-powerpc-smp\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-powerpc64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-r4k-ip22\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-r5k-cobalt\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-r5k-ip32\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-s390x\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-s390x-tape\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-sb1-bcm91250a\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-sb1a-bcm91480b\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-sparc64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-sparc64-smp\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-versatile\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-686\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-686-bigmem\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-686-bigmem-dbg\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-amd64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-amd64-dbg\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-itanium\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-mckinley\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-powerpc\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-powerpc64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-s390x\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-sparc64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-xen-686\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-xen-686-dbg\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-xen-amd64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-xen-amd64-dbg\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-2.6.32\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.32\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.32\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-2.6.32-5\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-tools-2.6.32\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.32-5-xen-686\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.32-5-xen-amd64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:34", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead\nto a denial of service, information leak or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2014-0196\nJiri Slaby discovered a race condition in the pty layer, which could lead\nto a denial of service or privilege escalation.\n\nCVE-2014-1737 CVE-2014-1738\nMatthew Daley discovered an information leak and missing input\nsanitising in the FDRAWCMD ioctl of the floppy driver. This could result\nin a privilege escalation.", "cvss3": {}, "published": "2014-05-14T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2928-1 (linux-2.6 - privilege escalation/denial of service/information leak)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738", "CVE-2014-0196"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310702928", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702928", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2928.nasl 14277 2019-03-18 14:45:38Z cfischer $\n# Auto-generated from advisory DSA 2928-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702928\");\n script_version(\"$Revision: 14277 $\");\n script_cve_id(\"CVE-2014-0196\", \"CVE-2014-1737\", \"CVE-2014-1738\");\n script_name(\"Debian Security Advisory DSA 2928-1 (linux-2.6 - privilege escalation/denial of service/information leak)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:45:38 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-05-14 00:00:00 +0200 (Wed, 14 May 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-2928.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_tag(name:\"affected\", value:\"linux-2.6 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (squeeze), this problem has been fixed in\nversion 2.6.32-48squeeze6.\n\nThe following matrix lists additional source packages that were rebuilt for\ncompatibility with or to take advantage of this update:\n\n?Debian 6.0 (squeeze)user-mode-linux2.6.32-1um-4+48squeeze6\nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages.\n\nNote\n: Debian carefully tracks all known security issues across every\nlinux kernel package in all releases under active security support.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or 'leap-frog' fashion.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the Linux kernel that may lead\nto a denial of service, information leak or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2014-0196\nJiri Slaby discovered a race condition in the pty layer, which could lead\nto a denial of service or privilege escalation.\n\nCVE-2014-1737 CVE-2014-1738\nMatthew Daley discovered an information leak and missing input\nsanitising in the FDRAWCMD ioctl of the floppy driver. This could result\nin a privilege escalation.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"firmware-linux-free\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-base\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-doc-2.6.32\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-486\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-4kc-malta\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-5kc-malta\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-686\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-686-bigmem\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-amd64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-armel\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-i386\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-ia64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-mips\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-mipsel\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-powerpc\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-s390\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-all-sparc\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-amd64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-common\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-common-openvz\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-common-vserver\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-common-xen\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-iop32x\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-itanium\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-ixp4xx\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-kirkwood\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-mckinley\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-openvz-686\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-openvz-amd64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-orion5x\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-powerpc\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-powerpc-smp\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-powerpc64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-r4k-ip22\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-r5k-cobalt\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-r5k-ip32\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-s390x\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-sb1-bcm91250a\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-sb1a-bcm91480b\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-sparc64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-sparc64-smp\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-versatile\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-686\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-686-bigmem\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-amd64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-itanium\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-mckinley\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-powerpc\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-powerpc64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-s390x\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-vserver-sparc64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-xen-686\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-5-xen-amd64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-486\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-4kc-malta\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-5kc-malta\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-686\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-686-bigmem\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-686-bigmem-dbg\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-amd64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-amd64-dbg\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-iop32x\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-itanium\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-ixp4xx\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-kirkwood\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-mckinley\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-openvz-686\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-openvz-686-dbg\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-openvz-amd64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-openvz-amd64-dbg\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-orion5x\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-powerpc\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-powerpc-smp\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-powerpc64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-r4k-ip22\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-r5k-cobalt\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-r5k-ip32\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-s390x\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-s390x-tape\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-sb1-bcm91250a\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-sb1a-bcm91480b\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-sparc64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-sparc64-smp\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-versatile\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-686\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-686-bigmem\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-686-bigmem-dbg\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-amd64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-amd64-dbg\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-itanium\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-mckinley\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-powerpc\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-powerpc64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-s390x\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-vserver-sparc64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-xen-686\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-xen-686-dbg\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-xen-amd64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.32-5-xen-amd64-dbg\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-manual-2.6.32\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.32\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-source-2.6.32\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-support-2.6.32-5\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-tools-2.6.32\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.32-5-xen-686\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.32-5-xen-amd64\", ver:\"2.6.32-48squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:38:23", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-13T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for Linux (SUSE-SU-2014:0667-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738", "CVE-2014-0196"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850807", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850807", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850807\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-13 18:35:01 +0530 (Tue, 13 Oct 2015)\");\n script_cve_id(\"CVE-2014-0196\", \"CVE-2014-1737\", \"CVE-2014-1738\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for Linux (SUSE-SU-2014:0667-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Linux'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix the\n following severe security issues:\n\n *\n\n CVE-2014-1737: The raw_cmd_copyin function in drivers/block/floppy.c\n in the Linux kernel through 3.14.3 does not properly handle error\n conditions during processing of an FDRAWCMD ioctl call, which allows local\n users to trigger kfree operations and gain privileges by leveraging write\n access to a /dev/fd device. (bnc#875798)\n\n *\n\n CVE-2014-1738: The raw_cmd_copyout function in\n drivers/block/floppy.c in the Linux kernel through 3.14.3 does not\n properly restrict access to certain pointers during processing of an\n FDRAWCMD ioctl call, which allows local users to obtain sensitive\n information from kernel heap memory by leveraging write access to a\n /dev/fd device. (bnc#875798)\n\n *\n\n CVE-2014-0196: The n_tty_write function in drivers/tty/n_tty.c in\n the Linux kernel through 3.14.3 does not properly manage tty driver access\n in the 'LECHO &amp !OPOST' case, which allows local users to cause a denial\n of service (memory corruption and system crash) or gain privileges by\n triggering a race condition involving read and write operations with long\n strings. (bnc#875690)\n\n Security Issues references:\n\n * CVE-2014-0196\n\n * CVE-2014-1737\n\n * CVE-2014-1738\n\n Indications:\n\n Everyone using the Linux Kernel on x86_64 architecture should update.\n\n Special Instructions and Notes:\n\n Please reboot the system after installing this update.\");\n\n script_tag(name:\"affected\", value:\"Linux on SUSE Linux Enterprise Server 11 SP3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2014:0667-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP3\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~3.0.101~0.29.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~3.0.101~0.29.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~3.0.101~0.29.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~3.0.101~0.29.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~3.0.101~0.29.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~3.0.101~0.29.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~3.0.101~0.29.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-devel\", rpm:\"kernel-trace-devel~3.0.101~0.29.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2\", rpm:\"kernel-ec2~3.0.101~0.29.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-base\", rpm:\"kernel-ec2-base~3.0.101~0.29.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-devel\", rpm:\"kernel-ec2-devel~3.0.101~0.29.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~3.0.101~0.29.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~3.0.101~0.29.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~3.0.101~0.29.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-default\", rpm:\"xen-kmp-default~4.2.4_02_3.0.101_0.29~0.7.24\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-man\", rpm:\"kernel-default-man~3.0.101~0.29.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ppc64\", rpm:\"kernel-ppc64~3.0.101~0.29.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ppc64-base\", rpm:\"kernel-ppc64-base~3.0.101~0.29.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ppc64-devel\", rpm:\"kernel-ppc64-devel~3.0.101~0.29.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~3.0.101~0.29.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~3.0.101~0.29.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-devel\", rpm:\"kernel-pae-devel~3.0.101~0.29.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-pae\", rpm:\"xen-kmp-pae~4.2.4_02_3.0.101_0.29~0.7.24\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:53", "description": "Oracle Linux Local Security Checks ELSA-2014-3042", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-3042", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2013-6378", "CVE-2014-1874", "CVE-2014-1738"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123390", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123390", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-3042.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123390\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:03:10 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-3042\");\n script_tag(name:\"insight\", value:\"ELSA-2014-3042 - unbreakable enterprise kernel security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-3042\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-3042.html\");\n script_cve_id(\"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2013-6378\", \"CVE-2014-1874\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~400.215.3.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~400.215.3.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~400.215.3.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~400.215.3.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~400.215.3.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~400.215.3.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~400.215.3.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~400.215.3.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~400.215.3.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~400.215.3.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~400.215.3.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~400.215.3.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-06-02T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-2219-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738", "CVE-2013-7339", "CVE-2014-2678"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841831", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841831", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2219_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux USN-2219-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841831\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-02 14:24:17 +0530 (Mon, 02 Jun 2014)\");\n script_cve_id(\"CVE-2014-1738\", \"CVE-2014-1737\", \"CVE-2013-7339\", \"CVE-2014-2678\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux USN-2219-1\");\n\n script_tag(name:\"affected\", value:\"linux on Ubuntu 10.04 LTS\");\n script_tag(name:\"insight\", value:\"Matthew Daley reported an information leak in the floppy disk\ndriver of the Linux kernel. An unprivileged local user could exploit this flaw\nto obtain potentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges if the floppy disk\nmodule is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Reliable Datagram Sockets (RDS) protocol\nimplementation in the Linux kernel for systems that lack RDS transports. An\nunprivileged local user could exploit this flaw to cause a denial of\nservice (system crash). (CVE-2013-7339)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol\nstack in the Linux kernel. A local user could exploit this flaw to cause a\ndenial of service (system crash) or possibly have unspecified other impact.\n(CVE-2014-2678)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2219-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2219-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-386\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-generic\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-generic-pae\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-ia64\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-lpia\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-powerpc\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-powerpc-smp\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-powerpc64-smp\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-preempt\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-server\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-sparc64\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-sparc64-smp\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-versatile\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-virtual\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-06-02T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-ec2 USN-2220-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738", "CVE-2013-7339", "CVE-2014-2678"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841837", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841837", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2220_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-ec2 USN-2220-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841837\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-02 16:10:59 +0530 (Mon, 02 Jun 2014)\");\n script_cve_id(\"CVE-2014-1738\", \"CVE-2014-1737\", \"CVE-2013-7339\", \"CVE-2014-2678\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-ec2 USN-2220-1\");\n\n script_tag(name:\"affected\", value:\"linux-ec2 on Ubuntu 10.04 LTS\");\n script_tag(name:\"insight\", value:\"Matthew Daley reported an information leak in the floppy disk\ndriver of the Linux kernel. An unprivileged local user could exploit this flaw\nto obtain potentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges if the floppy disk\nmodule is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Reliable Datagram Sockets (RDS) protocol\nimplementation in the Linux kernel for systems that lack RDS transports. An\nunprivileged local user could exploit this flaw to cause a denial of\nservice (system crash). (CVE-2013-7339)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol\nstack in the Linux kernel. A local user could exploit this flaw to cause a\ndenial of service (system crash) or possibly have unspecified other impact.\n(CVE-2014-2678)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2220-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2220-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-ec2'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-364-ec2\", ver:\"2.6.32-364.77\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:47", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-06-02T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-2226-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738", "CVE-2014-2851", "CVE-2014-0077"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841835", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841835", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2226_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux USN-2226-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841835\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-02 15:35:18 +0530 (Mon, 02 Jun 2014)\");\n script_cve_id(\"CVE-2014-1738\", \"CVE-2014-1737\", \"CVE-2014-0077\", \"CVE-2014-2851\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux USN-2226-1\");\n\n script_tag(name:\"affected\", value:\"linux on Ubuntu 14.04 LTS\");\n script_tag(name:\"insight\", value:\"Matthew Daley reported an information leak in the floppy disk\ndriver of the Linux kernel. An unprivileged local user could exploit this flaw\nto obtain potentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges if the floppy disk\nmodule is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the handling of network packets when mergeable\nbuffers are disabled for virtual machines in the Linux kernel. Guest OS\nusers may exploit this flaw to cause a denial of service (host OS crash) or\npossibly gain privilege on the host OS. (CVE-2014-0077)\n\nA flaw was discovered in the Linux kernel's ping sockets. An unprivileged\nlocal user could exploit this flaw to cause a denial of service (system\ncrash) or possibly gain privileges via a crafted application.\n(CVE-2014-2851)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2226-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2226-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-27-generic\", ver:\"3.13.0-27.50\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-27-generic-lpae\", ver:\"3.13.0-27.50\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-27-lowlatency\", ver:\"3.13.0-27.50\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-27-powerpc-e500\", ver:\"3.13.0-27.50\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-27-powerpc-e500mc\", ver:\"3.13.0-27.50\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-27-powerpc-smp\", ver:\"3.13.0-27.50\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-27-powerpc64-emb\", ver:\"3.13.0-27.50\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-27-powerpc64-smp\", ver:\"3.13.0-27.50\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:49", "description": "Oracle Linux Local Security Checks ELSA-2014-3043", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-3043", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2013-6378", "CVE-2014-1874", "CVE-2014-1738"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123388", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123388", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-3043.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123388\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:03:08 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-3043\");\n script_tag(name:\"insight\", value:\"ELSA-2014-3043 - unbreakable enterprise kernel security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-3043\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-3043.html\");\n script_cve_id(\"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2013-6378\", \"CVE-2014-1874\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.32~400.36.3.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.32~400.36.3.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.32~400.36.3.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.32~400.36.3.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.32~400.36.3.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.32~400.36.3.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-headers\", rpm:\"kernel-uek-headers~2.6.32~400.36.3.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.36.3.el5uek~1.5.7~2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.36.3.el5uekdebug~1.5.7~2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.36.3.el5uek~1.5.1~4.0.58\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.36.3.el5uekdebug~1.5.1~4.0.58\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.32~400.36.3.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.32~400.36.3.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.32~400.36.3.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.32~400.36.3.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.32~400.36.3.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.32~400.36.3.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-headers\", rpm:\"kernel-uek-headers~2.6.32~400.36.3.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.36.3.el6uek~1.5.7~0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.36.3.el6uekdebug~1.5.7~0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.36.3.el6uek~1.5.1~4.0.58\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.36.3.el6uekdebug~1.5.1~4.0.58\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-17T23:02:11", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2013-258)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-6382"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120543", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120543", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120543\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:29:06 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2013-258)\");\n script_tag(name:\"insight\", value:\"Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c.\");\n script_tag(name:\"solution\", value:\"Run yum update kernel to update your system. You will need to reboot your system in order for the new kernel to be running.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2013-258.html\");\n script_cve_id(\"CVE-2013-6382\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-debuginfo\", rpm:\"kernel-tools-debuginfo~3.4.73~64.112.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.4.73~64.112.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~3.4.73~64.112.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.4.73~64.112.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.4.73~64.112.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.4.73~64.112.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.4.73~64.112.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:34:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-08-29T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-3404-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7487"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843296", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843296", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3404_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux USN-3404-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843296\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-08-29 08:05:43 +0200 (Tue, 29 Aug 2017)\");\n script_cve_id(\"CVE-2017-7487\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-3404-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"A reference count bug was discovered in the\n Linux kernel ipx protocol stack. A local attacker could exploit this flaw to\n cause a denial of service or possibly other unspecified problems.\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 17.04\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3404-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3404-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU17\\.04\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU17.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.10.0-1016-raspi2\", ver:\"4.10.0-1016.19\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.10.0-33-generic\", ver:\"4.10.0-33.37\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.10.0-33-generic-lpae\", ver:\"4.10.0-33.37\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.10.0-33-lowlatency\", ver:\"4.10.0-33.37\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.10.0.33.33\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.10.0.33.33\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.10.0.33.33\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.10.0.1016.17\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:31", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-05-23T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2017-e75602d3ed", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7487"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872700", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872700", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2017-e75602d3ed\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872700\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-05-23 07:14:58 +0200 (Tue, 23 May 2017)\");\n script_cve_id(\"CVE-2017-7487\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2017-e75602d3ed\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-e75602d3ed\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDMNEV4PDNDPYZ5VTQ25KWMXC34PXLDY\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.10.16~100.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:34", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-05-23T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2017-466d902289", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7487"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872696", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872696", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2017-466d902289\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872696\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-05-23 07:14:25 +0200 (Tue, 23 May 2017)\");\n script_cve_id(\"CVE-2017-7487\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2017-466d902289\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-466d902289\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EO5VSD2HZAYN4VH5X7ORVIFHQMAUF2HQ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.10.16~200.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-08-29T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-hwe USN-3404-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7487"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843295", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843295", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3404_2.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-hwe USN-3404-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843295\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-08-29 08:05:40 +0200 (Tue, 29 Aug 2017)\");\n script_cve_id(\"CVE-2017-7487\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-hwe USN-3404-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-hwe'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-3404-1 fixed a vulnerability in the\n Linux kernel for Ubuntu 17.04. This update provides the corresponding updates\n for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.04 for Ubuntu\n 16.04 LTS. A reference count bug was discovered in the Linux kernel ipx protocol\n stack. A local attacker could exploit this flaw to cause a denial of service or\n possibly other unspecified problems.\");\n script_tag(name:\"affected\", value:\"linux-hwe on Ubuntu 16.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3404-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3404-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.10.0-33-generic\", ver:\"4.10.0-33.37~16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.10.0-33-generic-lpae\", ver:\"4.10.0-33.37~16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.10.0-33-lowlatency\", ver:\"4.10.0-33.37~16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-hwe-16.04\", ver:\"4.10.0.33.35\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-16.04\", ver:\"4.10.0.33.35\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-16.04\", ver:\"4.10.0.33.35\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:31", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, information leaks or privilege\nescalation:\n\nCVE-2014-0196\nJiri Slaby discovered a race condition in the pty layer, which could\nlead to denial of service or privilege escalation.\n\nCVE-2014-1737 /\nCVE-2014-1738\nMatthew Daley discovered that missing input sanitising in the\nFDRAWCMD ioctl and an information leak could result in privilege\nescalation.\n\nCVE-2014-2851\nIncorrect reference counting in the ping_init_sock() function allows\ndenial of service or privilege escalation.\n\nCVE-2014-3122\nIncorrect locking of memory can result in local denial of service.", "cvss3": {}, "published": "2014-05-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2926-1 (linux - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3122", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-0196", "CVE-2014-2851"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310702926", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702926", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2926.nasl 14302 2019-03-19 08:28:48Z cfischer $\n# Auto-generated from advisory DSA 2926-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702926\");\n script_version(\"$Revision: 14302 $\");\n script_cve_id(\"CVE-2014-0196\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2851\", \"CVE-2014-3122\");\n script_name(\"Debian Security Advisory DSA 2926-1 (linux - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 09:28:48 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-05-12 00:00:00 +0200 (Mon, 12 May 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-2926.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"linux on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy), these problems have been fixed in\nversion 3.2.57-3+deb7u1. This update also fixes a regression in the isci\ndriver and suspend problems with certain AMD CPUs (introduced in the\nupdated kernel from the Wheezy 7.5 point release).\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your linux packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, information leaks or privilege\nescalation:\n\nCVE-2014-0196\nJiri Slaby discovered a race condition in the pty layer, which could\nlead to denial of service or privilege escalation.\n\nCVE-2014-1737 /\nCVE-2014-1738\nMatthew Daley discovered that missing input sanitising in the\nFDRAWCMD ioctl and an information leak could result in privilege\nescalation.\n\nCVE-2014-2851\nIncorrect reference counting in the ping_init_sock() function allows\ndenial of service or privilege escalation.\n\nCVE-2014-3122\nIncorrect locking of memory can result in local denial of service.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"linux-doc-3.2\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-486\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armel\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armhf\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-i386\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-ia64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-powerpc\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-sparc\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common-rt\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-iop32x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-itanium\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-ixp4xx\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-kirkwood\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mckinley\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mv78xx0\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mx5\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-omap\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-orion5x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc-smp\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-s390x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64-smp\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-versatile\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-vexpress\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-486\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae-dbg\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64-dbg\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-iop32x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-itanium\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-ixp4xx\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-kirkwood\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mckinley\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mv78xx0\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mx5\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-omap\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-orion5x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc-smp\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae-dbg\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64-dbg\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-dbg\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-tape\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64-smp\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-versatile\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-vexpress\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-manual-3.2\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-source-3.2\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-support-3.2.0-4\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-31T10:48:59", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, information leaks or privilege\nescalation:\n\nCVE-2014-0196 \nJiri Slaby discovered a race condition in the pty layer, which could\nlead to denial of service or privilege escalation.\n\nCVE-2014-1737 /\nCVE-2014-1738 \nMatthew Daley discovered that missing input sanitising in the\nFDRAWCMD ioctl and an information leak could result in privilege\nescalation.\n\nCVE-2014-2851 \nIncorrect reference counting in the ping_init_sock() function allows\ndenial of service or privilege escalation.\n\nCVE-2014-3122 \nIncorrect locking of memory can result in local denial of service.", "cvss3": {}, "published": "2014-05-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2926-1 (linux - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3122", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-0196", "CVE-2014-2851"], "modified": "2017-07-14T00:00:00", "id": "OPENVAS:702926", "href": "http://plugins.openvas.org/nasl.php?oid=702926", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2926.nasl 6724 2017-07-14 09:57:17Z teissa $\n# Auto-generated from advisory DSA 2926-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"linux on Debian Linux\";\ntag_insight = \"The Linux kernel is the core of the Linux operating system.\";\ntag_solution = \"For the stable distribution (wheezy), these problems have been fixed in\nversion 3.2.57-3+deb7u1. This update also fixes a regression in the isci\ndriver and suspend problems with certain AMD CPUs (introduced in the\nupdated kernel from the Wheezy 7.5 point release).\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your linux packages.\";\ntag_summary = \"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, information leaks or privilege\nescalation:\n\nCVE-2014-0196 \nJiri Slaby discovered a race condition in the pty layer, which could\nlead to denial of service or privilege escalation.\n\nCVE-2014-1737 /\nCVE-2014-1738 \nMatthew Daley discovered that missing input sanitising in the\nFDRAWCMD ioctl and an information leak could result in privilege\nescalation.\n\nCVE-2014-2851 \nIncorrect reference counting in the ping_init_sock() function allows\ndenial of service or privilege escalation.\n\nCVE-2014-3122 \nIncorrect locking of memory can result in local denial of service.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(702926);\n script_version(\"$Revision: 6724 $\");\n script_cve_id(\"CVE-2014-0196\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2851\", \"CVE-2014-3122\");\n script_name(\"Debian Security Advisory DSA 2926-1 (linux - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-14 11:57:17 +0200 (Fri, 14 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2014-05-12 00:00:00 +0200 (Mon, 12 May 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2926.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-doc-3.2\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-486\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armel\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armhf\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-i386\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-ia64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-powerpc\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-sparc\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common-rt\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-iop32x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-itanium\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-ixp4xx\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-kirkwood\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mckinley\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mv78xx0\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mx5\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-omap\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-orion5x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc-smp\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-s390x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64-smp\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-versatile\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-vexpress\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-486\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae-dbg\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64-dbg\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-iop32x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-itanium\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-ixp4xx\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-kirkwood\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mckinley\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mv78xx0\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mx5\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-omap\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-orion5x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc-smp\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae-dbg\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64-dbg\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-dbg\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-tape\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64-smp\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-versatile\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-vexpress\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-3.2\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-3.2\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-3.2.0-4\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-3.2\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-486\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armel\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armhf\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-i386\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-ia64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-powerpc\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-sparc\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common-rt\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-iop32x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-itanium\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-ixp4xx\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-kirkwood\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mckinley\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mv78xx0\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mx5\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-omap\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-orion5x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc-smp\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-s390x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64-smp\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-versatile\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-vexpress\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-486\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae-dbg\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64-dbg\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-iop32x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-itanium\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-ixp4xx\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-kirkwood\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mckinley\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mv78xx0\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mx5\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-omap\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-orion5x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc-smp\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae-dbg\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64-dbg\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-dbg\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-tape\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64-smp\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-versatile\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-vexpress\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-3.2\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-3.2\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-3.2.0-4\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-3.2\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-486\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armel\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armhf\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-i386\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-ia64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-powerpc\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-sparc\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common-rt\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-iop32x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-itanium\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-ixp4xx\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-kirkwood\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mckinley\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mv78xx0\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mx5\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-omap\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-orion5x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc-smp\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-s390x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64-smp\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-versatile\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-vexpress\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-486\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae-dbg\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64-dbg\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-iop32x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-itanium\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-ixp4xx\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-kirkwood\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mckinley\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mv78xx0\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mx5\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-omap\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-orion5x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc-smp\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae-dbg\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64-dbg\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-dbg\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-tape\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64-smp\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-versatile\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-vexpress\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-3.2\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-3.2\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-3.2.0-4\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-3.2\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-486\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armel\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armhf\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-i386\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-ia64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-powerpc\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-sparc\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common-rt\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-iop32x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-itanium\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-ixp4xx\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-kirkwood\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mckinley\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mv78xx0\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mx5\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-omap\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-orion5x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc-smp\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-amd64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-s390x\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64-smp\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-versatile\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-vexpress\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-486\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae\", ver:\"3.2.57-3+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae-