Debian Security Advisory DSA 1927-1 (linux-2.6)

2009-11-11T00:00:00

Description

The remote host is missing an update to linux-2.6 announced via advisory DSA 1927-1.

{"id": "OPENVAS:66207", "vendorId": null, "type": "openvas", "bulletinFamily": "scanner", "title": "Debian Security Advisory DSA 1927-1 (linux-2.6)", "description": "The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1927-1.", "published": "2009-11-11T00:00:00", "modified": "2017-07-07T00:00:00", "epss": [{"cve": "CVE-2009-3621", "epss": 0.00045, "percentile": 0.12758, "modified": "2023-11-22"}, {"cve": "CVE-2009-3638", "epss": 0.00043, "percentile": 0.08172, "modified": "2023-11-22"}, {"cve": "CVE-2009-3238", "epss": 0.00172, "percentile": 0.54251, "modified": "2023-11-22"}, {"cve": "CVE-2009-3547", "epss": 0.00042, "percentile": 0.0576, "modified": "2023-11-22"}, {"cve": "CVE-2009-3620", "epss": 0.00044, "percentile": 0.10886, "modified": "2023-11-22"}, {"cve": "CVE-2009-3228", "epss": 0.00044, "percentile": 0.0853, "modified": "2023-11-22"}, {"cve": "CVE-2009-3612", "epss": 0.00044, "percentile": 0.0853, "modified": "2023-11-22"}], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "cvss2": {}, "cvss3": {}, "href": "http://plugins.openvas.org/nasl.php?oid=66207", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2009-3621", "CVE-2009-3638", "CVE-2009-3238", "CVE-2009-3547", "CVE-2009-3620", "CVE-2009-3228", "CVE-2009-3612"], "immutableFields": [], "lastseen": "2017-07-24T12:56:38", "viewCount": 25, "enchantments": {"score": {"value": 0.8, "vector": "NONE"}, "dependencies": {"references": [{"type": "canvas", "idList": ["FS_PIPE_RACE_TO_NULL"]}, {"type": "centos", "idList": ["CESA-2009:1106", "CESA-2009:1438", "CESA-2009:1522", "CESA-2009:1541", "CESA-2009:1548", "CESA-2009:1550", "CESA-2009:1670", "CESA-2009:1671"]}, {"type": "cve", "idList": ["CVE-2009-3228", "CVE-2009-3238", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3638"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1927-1:8E712", "DEBIAN:DSA-1928-1:AD816", "DEBIAN:DSA-1929-1:8AEEF", "DEBIAN:DSA-1962-1:0E26D"]}, {"type": "exploitdb", "idList": ["EDB-ID:40812"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:587E07B26CFC9328AECA2A6FF11BCAF8"]}, {"type": "fedora", "idList": ["FEDORA:2478710F7EA", "FEDORA:2DF3C10F88B", "FEDORA:41D6810F891", "FEDORA:52EFE10F85C", "FEDORA:5AA2F10FA12", "FEDORA:B0F721107BF", "FEDORA:B3FC210F880", "FEDORA:C07E810F9BD", "FEDORA:F394810F8A0"]}, {"type": "kitploit", "idList": ["KITPLOIT:5310354020898253604"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2009-1106.NASL", "CENTOS_RHSA-2009-1438.NASL", "CENTOS_RHSA-2009-1522.NASL", "CENTOS_RHSA-2009-1541.NASL", "CENTOS_RHSA-2009-1548.NASL", "CENTOS_RHSA-2009-1550.NASL", "CENTOS_RHSA-2009-1670.NASL", "CENTOS_RHSA-2009-1671.NASL", "DEBIAN_DSA-1927.NASL", "DEBIAN_DSA-1928.NASL", "DEBIAN_DSA-1929.NASL", "DEBIAN_DSA-1962.NASL", "FEDORA_2009-10639.NASL", "FEDORA_2009-11032.NASL", "FEDORA_2009-11038.NASL", "MANDRIVA_MDVSA-2009-329.NASL", "MANDRIVA_MDVSA-2010-088.NASL", "MANDRIVA_MDVSA-2010-188.NASL", "MANDRIVA_MDVSA-2010-198.NASL", "ORACLELINUX_ELSA-2009-1106.NASL", "ORACLELINUX_ELSA-2009-1438.NASL", "ORACLELINUX_ELSA-2009-1522.NASL", "ORACLELINUX_ELSA-2009-1541.NASL", "ORACLELINUX_ELSA-2009-1548.NASL", "ORACLELINUX_ELSA-2009-1550.NASL", "ORACLELINUX_ELSA-2009-1670.NASL", "ORACLELINUX_ELSA-2009-1671.NASL", "ORACLEVM_OVMSA-2009-0033.NASL", "ORACLEVM_OVMSA-2013-0039.NASL", "REDHAT-RHSA-2009-1106.NASL", "REDHAT-RHSA-2009-1438.NASL", "REDHAT-RHSA-2009-1522.NASL", "REDHAT-RHSA-2009-1541.NASL", "REDHAT-RHSA-2009-1548.NASL", "REDHAT-RHSA-2009-1550.NASL", "REDHAT-RHSA-2009-1587.NASL", "REDHAT-RHSA-2009-1588.NASL", "REDHAT-RHSA-2009-1670.NASL", "REDHAT-RHSA-2009-1671.NASL", "REDHAT-RHSA-2009-1672.NASL", "SL_20091022_KERNEL_ON_SL4_X.NASL", "SL_20091103_KERNEL_ON_SL3_X.NASL", "SL_20091103_KERNEL_ON_SL4_X.NASL", "SL_20091103_KERNEL_ON_SL5_X.NASL", "SL_20091215_KERNEL_ON_SL4_X.NASL", "SL_20091215_KERNEL_ON_SL5_X.NASL", "SUSE9_12541.NASL", "SUSE9_12578.NASL", "SUSE_11_0_KERNEL-100203.NASL", "SUSE_11_0_KVM-091113.NASL", "SUSE_11_1_KERNEL-091123.NASL", "SUSE_11_1_KVM-091113.NASL", "SUSE_11_2_KERNEL-091218.NASL", "SUSE_11_KERNEL-091123.NASL", "SUSE_11_KVM-091116.NASL", "SUSE_KERNEL-6632.NASL", "SUSE_KERNEL-6636.NASL", "SUSE_KERNEL-6637.NASL", "SUSE_KERNEL-6641.NASL", "SUSE_KERNEL-6694.NASL", "SUSE_KERNEL-6697.NASL", "SUSE_KERNEL-6726.NASL", "SUSE_KERNEL-6730.NASL", "UBUNTU_USN-852-1.NASL", "UBUNTU_USN-864-1.NASL", "VMWARE_VMSA-2010-0004.NASL", "VMWARE_VMSA-2010-0004_REMOTE.NASL", "VMWARE_VMSA-2010-0009.NASL", "VMWARE_VMSA-2010-0009_REMOTE.NASL", "VMWARE_VMSA-2010-0010.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:103468", "OPENVAS:1361412562310103468", "OPENVAS:1361412562310122408", "OPENVAS:1361412562310122422", "OPENVAS:1361412562310122474", "OPENVAS:136141256231066082", "OPENVAS:136141256231066117", "OPENVAS:136141256231066133", "OPENVAS:136141256231066174", "OPENVAS:136141256231066175", "OPENVAS:136141256231066176", "OPENVAS:136141256231066178", "OPENVAS:136141256231066200", "OPENVAS:136141256231066202", "OPENVAS:136141256231066207", "OPENVAS:136141256231066208", "OPENVAS:136141256231066209", "OPENVAS:136141256231066217", "OPENVAS:136141256231066218", "OPENVAS:136141256231066219", "OPENVAS:136141256231066276", "OPENVAS:136141256231066280", "OPENVAS:136141256231066289", "OPENVAS:136141256231066313", "OPENVAS:136141256231066352", "OPENVAS:136141256231066452", "OPENVAS:136141256231066460", "OPENVAS:136141256231066509", "OPENVAS:136141256231066534", "OPENVAS:136141256231066535", "OPENVAS:136141256231066581", "OPENVAS:136141256231066618", "OPENVAS:136141256231066622", "OPENVAS:1361412562310830939", "OPENVAS:1361412562310831024", "OPENVAS:1361412562310831170", "OPENVAS:1361412562310831196", "OPENVAS:1361412562310850120", "OPENVAS:1361412562310850125", "OPENVAS:1361412562310861615", "OPENVAS:1361412562310861694", "OPENVAS:1361412562310861742", "OPENVAS:1361412562310880731", "OPENVAS:1361412562310880764", "OPENVAS:1361412562310880808", "OPENVAS:1361412562310880828", "OPENVAS:1361412562310880838", "OPENVAS:1361412562310880873", "OPENVAS:66082", "OPENVAS:66117", "OPENVAS:66133", "OPENVAS:66174", "OPENVAS:66175", "OPENVAS:66176", "OPENVAS:66178", "OPENVAS:66200", "OPENVAS:66202", "OPENVAS:66208", "OPENVAS:66209", "OPENVAS:66217", "OPENVAS:66218", "OPENVAS:66219", "OPENVAS:66276", "OPENVAS:66280", "OPENVAS:66289", "OPENVAS:66313", "OPENVAS:66352", "OPENVAS:66452", "OPENVAS:66460", "OPENVAS:66509", "OPENVAS:66534", "OPENVAS:66535", "OPENVAS:66581", "OPENVAS:66618", "OPENVAS:66622", "OPENVAS:830939", "OPENVAS:831024", "OPENVAS:831170", "OPENVAS:831196", "OPENVAS:850120", "OPENVAS:850125", "OPENVAS:861615", "OPENVAS:861694", "OPENVAS:861742", "OPENVAS:880731", "OPENVAS:880764", "OPENVAS:880808", "OPENVAS:880828", "OPENVAS:880838", "OPENVAS:880873"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1106", "ELSA-2009-1438", "ELSA-2009-1522", "ELSA-2009-1541", "ELSA-2009-1548", "ELSA-2009-1550", "ELSA-2009-1670", "ELSA-2009-1671", "ELSA-2010-0178"]}, {"type": "osv", "idList": ["OSV:DSA-1927-1", "OSV:DSA-1928-1", "OSV:DSA-1929-1", "OSV:DSA-1962-1"]}, {"type": "prion", "idList": ["PRION:CVE-2009-3228", "PRION:CVE-2009-3238", "PRION:CVE-2009-3547", "PRION:CVE-2009-3612", "PRION:CVE-2009-3620", "PRION:CVE-2009-3621", "PRION:CVE-2009-3638"]}, {"type": "redhat", "idList": ["RHSA-2009:1081", "RHSA-2009:1106", "RHSA-2009:1438", "RHSA-2009:1522", "RHSA-2009:1540", "RHSA-2009:1541", "RHSA-2009:1548", "RHSA-2009:1550", "RHSA-2009:1587", "RHSA-2009:1588", "RHSA-2009:1670", "RHSA-2009:1671", "RHSA-2009:1672", "RHSA-2009:1692", "RHSA-2010:0882"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:22752", "SECURITYVULNS:DOC:22992", "SECURITYVULNS:DOC:28783", "SECURITYVULNS:VULN:10380", "SECURITYVULNS:VULN:10490"]}, {"type": "seebug", "idList": ["SSV:12365", "SSV:12509", "SSV:12576", "SSV:12593"]}, {"type": "suse", "idList": ["SUSE-SA:2009:054", "SUSE-SA:2009:055", "SUSE-SA:2009:056", "SUSE-SA:2009:060", "SUSE-SA:2009:061", "SUSE-SA:2009:064", "SUSE-SA:2010:001", "SUSE-SA:2010:012", "SUSE-SA:2010:013"]}, {"type": "threatpost", "idList": ["THREATPOST:9B247D64D74F86C01215CC8DF7D85698"]}, {"type": "ubuntu", "idList": ["USN-852-1", "USN-864-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-3228", "UB:CVE-2009-3238", "UB:CVE-2009-3547", "UB:CVE-2009-3612", "UB:CVE-2009-3620", "UB:CVE-2009-3621", "UB:CVE-2009-3638"]}, {"type": "veracode", "idList": ["VERACODE:23877", "VERACODE:23879", "VERACODE:23917", "VERACODE:23918", "VERACODE:23919"]}, {"type": "vmware", "idList": ["VMSA-2010-0004", "VMSA-2010-0004.5", "VMSA-2010-0009", "VMSA-2010-0009.2", "VMSA-2010-0010"]}, {"type": "zdt", "idList": ["1337DAY-ID-26409"]}]}, "backreferences": {"references": [{"type": "canvas", "idList": ["FS_PIPE_RACE_TO_NULL"]}, {"type": "centos", "idList": ["CESA-2009:1106", "CESA-2009:1438", "CESA-2009:1522", "CESA-2009:1541", "CESA-2009:1548", "CESA-2009:1550", "CESA-2009:1670", "CESA-2009:1671"]}, {"type": "cve", "idList": ["CVE-2009-3228", "CVE-2009-3238", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3638"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1928-1:AD816"]}, {"type": "exploitdb", "idList": ["EDB-ID:40812"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:587E07B26CFC9328AECA2A6FF11BCAF8"]}, {"type": "fedora", "idList": ["FEDORA:F394810F8A0"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-1928.NASL", "MANDRIVA_MDVSA-2010-188.NASL", "ORACLELINUX_ELSA-2009-1670.NASL", "SUSE_11_0_KVM-091113.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122422", "OPENVAS:136141256231066178", "OPENVAS:136141256231066218", "OPENVAS:1361412562310830939", "OPENVAS:1361412562310831170", "OPENVAS:66082", "OPENVAS:66452", "OPENVAS:831170", "OPENVAS:880731", "OPENVAS:880808"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1106", "ELSA-2009-1438", "ELSA-2009-1522", "ELSA-2009-1541", "ELSA-2009-1548", "ELSA-2009-1550", "ELSA-2009-1670", "ELSA-2009-1671"]}, {"type": "redhat", "idList": ["RHSA-2009:1106", "RHSA-2009:1438", "RHSA-2009:1522", "RHSA-2009:1541", "RHSA-2009:1548", "RHSA-2009:1588", "RHSA-2009:1670", "RHSA-2009:1671", "RHSA-2009:1692"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:22752"]}, {"type": "seebug", "idList": ["SSV:12509", "SSV:12576"]}, {"type": "suse", "idList": ["SUSE-SA:2009:064"]}, {"type": "ubuntu", "idList": ["USN-864-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-3638"]}, {"type": "vmware", "idList": ["VMSA-2010-0010"]}, {"type": "zdt", "idList": ["1337DAY-ID-26409"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2009-3621", "epss": "0.000450000", "percentile": "0.123050000", "modified": "2023-03-15"}, {"cve": "CVE-2009-3638", "epss": "0.000430000", "percentile": "0.078230000", "modified": "2023-03-15"}, {"cve": "CVE-2009-3238", "epss": "0.001720000", "percentile": "0.525710000", "modified": "2023-03-15"}, {"cve": "CVE-2009-3547", "epss": "0.000420000", "percentile": "0.004980000", "modified": "2023-03-15"}, {"cve": "CVE-2009-3620", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2009-3228", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2009-3612", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}], "vulnersScore": 0.8}, "_state": {"dependencies": 1700686269, "score": 1700687045, "epss": 0}, "_internal": {"score_hash": "f429f4a61146707e9216f26be51f0489"}, "pluginID": "66207", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1927_1.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1927-1 (linux-2.6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Notice: Debian 5.0.4, the next point release of Debian 'lenny', will\ninclude a new default value for the mmap_min_addr tunable. This\nchange will add an additional safeguard against a class of security\nvulnerabilities known as NULL pointer dereference vulnerabilities,\nbut it will need to be overridden when using certain applications.\nAdditional information about this change, including instructions for\nmaking this change locally in advance of 5.0.4 (recommended), can be\nfound at:\nhttp://wiki.debian.org/mmap_min_addr\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, sensitive memory leak or privilege\nescalation. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2009-3228\n\nEric Dumazet reported an instance of uninitialized kernel memory\nin the network packet scheduler. Local users may be able to\nexploit this issue to read the contents of sensitive kernel\nmemory.\n\nCVE-2009-3238\n\nLinus Torvalds provided a change to the get_random_int() function\nto increase its randomness.\n\nCVE-2009-3547\n\nEarl Chew discovered a NULL pointer dereference issue in the\npipe_rdwr_open function which can be used by local users to gain\nelevated privileges.\n\nCVE-2009-3612\n\nJiri Pirko discovered a typo in the initialization of a structure\nin the netlink subsystem that may allow local users to gain access\nto sensitive kernel memory.\n\nCVE-2009-3620\n\nBen Hutchings discovered an issue in the DRM manager for ATI Rage\n128 graphics adapters. Local users may be able to exploit this\nvulnerability to cause a denial of service (NULL pointer\ndereference).\n\nCVE-2009-3621\n\nTomoki Sekiyama discovered a deadlock condition in the UNIX domain\nsocket implementation. Local users can exploit this vulnerability\nto cause a denial of service (system hang).\n\nCVE-2009-3638\n\nDavid Wagner reported an overflow in the KVM subsystem on i386\nsystems. This issue is exploitable by local users with access to\nthe /dev/kvm device file.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 2.6.26-19lenny2.\n\nFor the oldstable distribution (etch), these problems, where\napplicable, will be fixed in updates to linux-2.6 and linux-2.6.24.\n\nWe recommend that you upgrade your linux-2.6 and user-mode-linux\";\ntag_summary = \"The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1927-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201927-1\";\n\n\nif(description)\n{\n script_id(66207);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-3228\", \"CVE-2009-3238\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3638\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_name(\"Debian Security Advisory DSA 1927-1 (linux-2.6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-tree-2.6.26\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.26\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.26\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.26\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-2.6.26\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-2.6.26-2\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-alpha\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-generic\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-generic\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-legacy\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-smp\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-legacy\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-smp\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-amd64\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-amd64\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-openvz-amd64\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-amd64\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.26-2-xen-amd64\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-openvz-amd64\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-xen\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-amd64\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-vserver\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-xen-amd64\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.26-2-xen-amd64\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-openvz\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-amd64\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-xen-amd64\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-iop32x\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-iop32x\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-versatile\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-ixp4xx\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-versatile\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-orion5x\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-ixp4xx\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-armel\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-orion5x\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc64\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc-smp\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc64\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-hppa\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc64-smp\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc64-smp\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc-smp\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-486\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-openvz-686\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-686\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-686-bigmem\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-686\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-686\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-486\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-686-bigmem\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-686-bigmem\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-686-bigmem\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.26-2-xen-686\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-686\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-openvz-686\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-xen-686\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-xen-686\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-i386\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.26-2-xen-686\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-itanium\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-itanium\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-mckinley\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-mckinley\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-itanium\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-mckinley\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-mckinley\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-ia64\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-itanium\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc64\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-powerpc\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-powerpc64\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc64\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc-smp\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc-smp\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-powerpc64\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-powerpc\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-powerpc\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc\", ver:\"2.6.26-19lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Debian Local Security Checks"}

{"securityvulns": [{"lastseen": "2018-08-31T11:10:32", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ----------------------------------------------------------------------\r\nDebian Security Advisory DSA-1927-1 security@debian.org\r\nhttp://www.debian.org/security/ dann frazier\r\nNovember 5, 2009 http://www.debian.org/security/faq\r\n- ----------------------------------------------------------------------\r\n\r\nPackage : linux-2.6\r\nVulnerability : privilege escalation/denial of service/sensitive memory leak\r\nProblem type : local\r\nDebian-specific: no\r\nCVE Id(s) : CVE-2009-3228 CVE-2009-3238 CVE-2009-3547 CVE-2009-3612\r\n CVE-2009-3620 CVE-2009-3621 CVE-2009-3638\r\n\r\nNotice: Debian 5.0.4, the next point release of Debian 'lenny', will\r\ninclude a new default value for the mmap_min_addr tunable. This\r\nchange will add an additional safeguard against a class of security\r\nvulnerabilities known as "NULL pointer dereference" vulnerabilities,\r\nbut it will need to be overridden when using certain applications.\r\nAdditional information about this change, including instructions for\r\nmaking this change locally in advance of 5.0.4 (recommended), can be\r\nfound at:\r\n http://wiki.debian.org/mmap_min_addr\r\n\r\nSeveral vulnerabilities have been discovered in the Linux kernel that\r\nmay lead to a denial of service, sensitive memory leak or privilege\r\nescalation. The Common Vulnerabilities and Exposures project\r\nidentifies the following problems:\r\n\r\nCVE-2009-3228\r\n\r\n Eric Dumazet reported an instance of uninitialized kernel memory\r\n in the network packet scheduler. Local users may be able to\r\n exploit this issue to read the contents of sensitive kernel\r\n memory.\r\n \r\nCVE-2009-3238\r\n\r\n Linus Torvalds provided a change to the get_random_int() function\r\n to increase its randomness.\r\n\r\nCVE-2009-3547\r\n\r\n Earl Chew discovered a NULL pointer dereference issue in the\r\n pipe_rdwr_open function which can be used by local users to gain\r\n elevated privileges.\r\n\r\nCVE-2009-3612\r\n\r\n Jiri Pirko discovered a typo in the initialization of a structure\r\n in the netlink subsystem that may allow local users to gain access\r\n to sensitive kernel memory.\r\n\r\nCVE-2009-3620\r\n\r\n Ben Hutchings discovered an issue in the DRM manager for ATI Rage\r\n 128 graphics adapters. Local users may be able to exploit this\r\n vulnerability to cause a denial of service (NULL pointer\r\n dereference).\r\n\r\nCVE-2009-3621\r\n\r\n Tomoki Sekiyama discovered a deadlock condition in the UNIX domain\r\n socket implementation. Local users can exploit this vulnerability\r\n to cause a denial of service (system hang).\r\n\r\nCVE-2009-3638\r\n\r\n David Wagner reported an overflow in the KVM subsystem on i386\r\n systems. This issue is exploitable by local users with access to\r\n the /dev/kvm device file.\r\n\r\nFor the stable distribution (lenny), this problem has been fixed in\r\nversion 2.6.26-19lenny2.\r\n\r\nFor the oldstable distribution (etch), these problems, where\r\napplicable, will be fixed in updates to linux-2.6 and linux-2.6.24.\r\n\r\nWe recommend that you upgrade your linux-2.6 and user-mode-linux\r\npackages.\r\n\r\nNote: Debian carefully tracks all known security issues across every\r\nlinux kernel package in all releases under active security support.\r\nHowever, given the high frequency at which low-severity security\r\nissues are discovered in the kernel and the resource requirements of\r\ndoing an update, updates for lower priority issues will normally not\r\nbe released for all kernels at the same time. Rather, they will be\r\nreleased in a staggered or "leap-frog" fashion.\r\n\r\nThe following matrix lists additional source packages that were\r\nrebuilt for compatibility with or to take advantage of this update:\r\n\r\n Debian 5.0 (lenny)\r\n user-mode-linux 2.6.26-1um-2+19lenny2\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\nDebian GNU/Linux 5.0 alias lenny\r\n- --------------------------------\r\n\r\nStable updates are available for alpha, amd64, armel, hppa, i386,\r\nia64, and powerpc. Updates for other architectures will be released\r\nas they become available.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-19lenny2.dsc\r\n Size/MD5 checksum: 5778 8ea6c47c6f227f855a41deea57d988d8\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-19lenny2.diff.gz\r\n Size/MD5 checksum: 7651053 5cf749f9817436c544df97bc0217f125\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26.orig.tar.gz\r\n Size/MD5 checksum: 61818969 85e039c2588d5bf3cb781d1c9218bbcb\r\n\r\nArchitecture independent packages:\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.26_2.6.26-19lenny2_all.deb\r\n Size/MD5 checksum: 106866 d25eeb65132ec68406d8fdf7ea340274\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.26_2.6.26-19lenny2_all.deb\r\n Size/MD5 checksum: 4627374 196ffe954d4e906638c7eb2bd22e310d\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.26_2.6.26-19lenny2_all.deb\r\n Size/MD5 checksum: 2565284 0682418bd83f755a17a71435e535f91a\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.26_2.6.26-19lenny2_all.deb\r\n Size/MD5 checksum: 48672074 5aa4d0110919b100a772509455b22757\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.26_2.6.26-19lenny2_all.deb\r\n Size/MD5 checksum: 1768032 cb95ea5101339c35d425ac1ba2f0ff02\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.26-2_2.6.26-19lenny2_all.deb\r\n Size/MD5 checksum: 122160 0d3dd77a86989aa6e6bdfbbf548d22a6\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-alpha_2.6.26-19lenny2_alpha.deb\r\n Size/MD5 checksum: 106376 891beea699175e77b6f4cdb1dbbd2377\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-generic_2.6.26-19lenny2_alpha.deb\r\n Size/MD5 checksum: 363880 278fefb639e7029af6d5017dedefb500\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-generic_2.6.26-19lenny2_alpha.deb\r\n Size/MD5 checksum: 28487296 beb21f0f222b507898406b051d161c25\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_alpha.deb\r\n Size/MD5 checksum: 106358 b4c10db49252b22e7019746743624712\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_alpha.deb\r\n Size/MD5 checksum: 741234 b08b288693ab9d0d3fa1e8141ba4f038\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-legacy_2.6.26-19lenny2_alpha.deb\r\n Size/MD5 checksum: 28471478 f412fb78f0dfac51f6e39a035538fe91\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-smp_2.6.26-19lenny2_alpha.deb\r\n Size/MD5 checksum: 365312 9147bf190b4dce64fb4783b0c0aba8be\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-legacy_2.6.26-19lenny2_alpha.deb\r\n Size/MD5 checksum: 364408 66cd6736f72c0eedabbad596baac8888\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-smp_2.6.26-19lenny2_alpha.deb\r\n Size/MD5 checksum: 29177668 abb9bcc21a5fcb0a7352a30fb7209ca1\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_alpha.deb\r\n Size/MD5 checksum: 3543732 d84be29426f1d706617a6ad91d3b6109\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-19lenny2_amd64.deb\r\n Size/MD5 checksum: 389134 2ac60b6aaece8351c023cecbb4bd41ee\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_amd64.deb\r\n Size/MD5 checksum: 749556 c994eeb54dd967b5255448e80fa4911c\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-amd64_2.6.26-19lenny2_amd64.deb\r\n Size/MD5 checksum: 389740 8b6b5b10fe023670ca8cf9326d46ccd0\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-amd64_2.6.26-19lenny2_amd64.deb\r\n Size/MD5 checksum: 394262 8398b2d9ce752ffa39ac55b8f55fa1b7\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_amd64.deb\r\n Size/MD5 checksum: 3719144 1fa20cc556fbfecdf0c2335a3c9edeee\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_amd64.deb\r\n Size/MD5 checksum: 106352 edb758613531f5c655c8451f1136b62a\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-amd64_2.6.26-19lenny2_amd64.deb\r\n Size/MD5 checksum: 106378 dd749481c75a66f517551c6b21b3bbbb\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-amd64_2.6.26-19lenny2_amd64.deb\r\n Size/MD5 checksum: 19274410 21621e01b880d1f222007e3101d255c6\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-amd64_2.6.26-19lenny2_amd64.deb\r\n Size/MD5 checksum: 21053742 015990eedbce234dfa4facdf02f6ad60\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-19lenny2_amd64.deb\r\n Size/MD5 checksum: 3851500 355a9cc7757195196006160929313e78\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-amd64_2.6.26-19lenny2_amd64.deb\r\n Size/MD5 checksum: 20902812 3af1d1431ff5674b7aeaf41c784d3ba6\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny2_amd64.deb\r\n Size/MD5 checksum: 3751848 f5289bf2c22a6112d13a9af6d4291226\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-amd64_2.6.26-19lenny2_amd64.deb\r\n Size/MD5 checksum: 1804900 8ea5afa2f5e29175e92975ef93144b9a\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-amd64_2.6.26-19lenny2_amd64.deb\r\n Size/MD5 checksum: 106334 2620974dbbc17bbab4aefe183584a6da\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-19lenny2_amd64.deb\r\n Size/MD5 checksum: 3774804 8fa1254acec879820c17dd8e2e4eee56\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-19lenny2_amd64.deb\r\n Size/MD5 checksum: 20886016 71a1f29b66ee30cf7a63b77cddc71ec7\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-amd64_2.6.26-19lenny2_amd64.deb\r\n Size/MD5 checksum: 383280 0d0cad637c14a594b3ae424abf824608\r\n\r\narmel architecture (ARM EABI)\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-iop32x_2.6.26-19lenny2_armel.deb\r\n Size/MD5 checksum: 365550 f97d5bcae3c5c5957781e6507d730780\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-iop32x_2.6.26-19lenny2_armel.deb\r\n Size/MD5 checksum: 12396344 04df2ffe832cba3ea1e299701069ca96\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-versatile_2.6.26-19lenny2_armel.deb\r\n Size/MD5 checksum: 335184 ff1387cae5afb9c7b2d8b20ab546293f\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_armel.deb\r\n Size/MD5 checksum: 4136850 e7e7742e3ead70e194f540432bf93ba6\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_armel.deb\r\n Size/MD5 checksum: 747792 89242eec0e6f453f37b228ddb49e4e26\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-ixp4xx_2.6.26-19lenny2_armel.deb\r\n Size/MD5 checksum: 11680082 d9133e003cd603924930f1db870c6d46\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_armel.deb\r\n Size/MD5 checksum: 106354 fce271c39eaa874f6a570b9298a13836\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-versatile_2.6.26-19lenny2_armel.deb\r\n Size/MD5 checksum: 9575158 d8c6ec6842339c8d8391916c7b4a25c2\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-orion5x_2.6.26-19lenny2_armel.deb\r\n Size/MD5 checksum: 11371016 edc9b10b99e73302ef1853db546ed6bb\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-19lenny2_armel.deb\r\n Size/MD5 checksum: 363118 ca61af313ac3687b042c82e4c56bd078\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-armel_2.6.26-19lenny2_armel.deb\r\n Size/MD5 checksum: 106390 d14317d669c70ea8458b0138105be3e0\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-orion5x_2.6.26-19lenny2_armel.deb\r\n Size/MD5 checksum: 360844 1c7437e1e4de9358f7975feae74501f0\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64_2.6.26-19lenny2_hppa.deb\r\n Size/MD5 checksum: 17070158 92d872205303ea622d1419d074b54737\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc_2.6.26-19lenny2_hppa.deb\r\n Size/MD5 checksum: 296434 df3ddd0a0dbfa712201ff031bfc109c0\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc-smp_2.6.26-19lenny2_hppa.deb\r\n Size/MD5 checksum: 16323830 9998a4deead3033e07f28a1cd0816136\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64_2.6.26-19lenny2_hppa.deb\r\n Size/MD5 checksum: 297894 8cace7fc519c562d4b8657c75d230815\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_hppa.deb\r\n Size/MD5 checksum: 3594236 8d621635c43fb9540d4a68ef6d891a57\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_hppa.deb\r\n Size/MD5 checksum: 106356 f967499d62622f5f0833539c9eaf2359\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-hppa_2.6.26-19lenny2_hppa.deb\r\n Size/MD5 checksum: 106380 f518c1de9ce8dd272db1afa30e38999a\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc_2.6.26-19lenny2_hppa.deb\r\n Size/MD5 checksum: 15731364 d50829b0556bc7fef6e8c505db959ee2\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_hppa.deb\r\n Size/MD5 checksum: 759840 faab7849f3cef86fbebc037cbd00fd76\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64-smp_2.6.26-19lenny2_hppa.deb\r\n Size/MD5 checksum: 17614856 6311929870350217721f7f194b6ff585\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64-smp_2.6.26-19lenny2_hppa.deb\r\n Size/MD5 checksum: 299160 57fd97b01842bbe74e37f443e346d695\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc-smp_2.6.26-19lenny2_hppa.deb\r\n Size/MD5 checksum: 298110 631076db8957d15ab8b0161a60e31734\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-486_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 398182 6f93bf37534bcfb9162b9985b83ee38f\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-686_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 20502134 d39255c90c67fddda4c3cb49ce6c93e1\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 20235868 99b3ed110df3b6b2bb6b06feb9d30b72\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 106354 835280ec5ad990b0bcebb988953bd5d9\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686-bigmem_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 20326344 9192cd01f84e7192159aefec2c4f8fb9\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 20208578 c118b5d6fc4f5007728d1ab804624cd8\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 398052 88be8c6ce0726c87f3127e1ea8b1a382\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-486_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 20175038 ee7bf2ce4d4557f9fdfb53790627ebac\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 3719206 0d8393bd6245aa3d23ef8938477d5f63\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686-bigmem_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 20353680 67f48fcd0835fd230e8583cf2676cf09\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686-bigmem_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 398494 bf4ef1c3e9f35ec4dc0bfaeda1ee5516\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 3851592 94a16944e91f5594a6fa02115b680434\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686-bigmem_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 400332 d734fb2f035f0a6a041d13f5a3d95c6c\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 749582 26580da1f40ffeeb17146765bbe241f8\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-686_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 106348 b76709d63441fcc3e285d2a6dc999890\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 20864938 cc5255ece9764242c63b522abfd8a517\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 399328 c929aa19b40e7eea5ea885148c645a17\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 3751908 3b936dbeaf13b730ab8dd56e5ab726f9\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 387338 03fd54819fb7176a176eeb4c2ff0209c\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-686_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 403790 efa7179643f2f709cace01bb3f4a5580\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 3774936 088f38a8e9c79bb4ddc67e200ebee754\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-686_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 1591850 93ad5d17c9e8ac22c3544c8a9ad9eabd\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-686_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 384698 5cc9137a10772a48628b0014e0dbbc15\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-i386_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 106404 04d07f928e22a2150a2bb9188c6f1257\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-686_2.6.26-19lenny2_i386.deb\r\n Size/MD5 checksum: 18035618 641b34424aad0e9291713bd9e2bf96e5\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-itanium_2.6.26-19lenny2_ia64.deb\r\n Size/MD5 checksum: 355640 2bce0c1faefc019460e3eebca333a5fc\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_ia64.deb\r\n Size/MD5 checksum: 3654768 d8fb31f9660b7c0ab42c77e89bf82f1f\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-itanium_2.6.26-19lenny2_ia64.deb\r\n Size/MD5 checksum: 355064 cfb3eee78e3860b2e650716d5032bf5d\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny2_ia64.deb\r\n Size/MD5 checksum: 3687386 2980814479dbd08d39bd9f92d3005838\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-mckinley_2.6.26-19lenny2_ia64.deb\r\n Size/MD5 checksum: 355046 62fc734ea7fe9bc4bef1f8d8b65cc027\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-mckinley_2.6.26-19lenny2_ia64.deb\r\n Size/MD5 checksum: 34349456 5cfb3ccf034f0ce13a5861507c4cb758\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-itanium_2.6.26-19lenny2_ia64.deb\r\n Size/MD5 checksum: 34103026 3cee486177d22e2fcd816b536d7ac3d3\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_ia64.deb\r\n Size/MD5 checksum: 106350 6265837dd3c0105bcba9d40c5b6966f9\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-mckinley_2.6.26-19lenny2_ia64.deb\r\n Size/MD5 checksum: 355698 27152c116ad66c7862f3890d36ac80ab\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-mckinley_2.6.26-19lenny2_ia64.deb\r\n Size/MD5 checksum: 34288678 1540b7be96fbb68e4cc01d858c5ef5a4\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-ia64_2.6.26-19lenny2_ia64.deb\r\n Size/MD5 checksum: 106384 bfb7eeaec3d89587561c56afec1816e9\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-itanium_2.6.26-19lenny2_ia64.deb\r\n Size/MD5 checksum: 34165098 7a4fbe457d07807a74e9950a47975d49\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_ia64.deb\r\n Size/MD5 checksum: 748220 03f583157c7eef60269042b9a5a6d0bc\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_powerpc.deb\r\n Size/MD5 checksum: 106358 5431bb9d2abe49fc1b186f44bf440cba\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_powerpc.deb\r\n Size/MD5 checksum: 756032 fb287119a4cf07ef9d6d633ad30f7236\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc64_2.6.26-19lenny2_powerpc.deb\r\n Size/MD5 checksum: 372504 9c0501a81bf32b1d0b8c939830d9789b\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc_2.6.26-19lenny2_powerpc.deb\r\n Size/MD5 checksum: 23650232 ece0b68e6c9baa2e0f964d2bc7da21a2\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_powerpc.deb\r\n Size/MD5 checksum: 3856256 5a6eb8c2fe7930456cf5f3a1c257fed1\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc64_2.6.26-19lenny2_powerpc.deb\r\n Size/MD5 checksum: 23514630 0aa445df9e479dc6e266a97658c5c675\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc64_2.6.26-19lenny2_powerpc.deb\r\n Size/MD5 checksum: 23453120 7fdf0e57cb3324433e8f5d3e71c5cb7c\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc-smp_2.6.26-19lenny2_powerpc.deb\r\n Size/MD5 checksum: 23619598 7eb565a76c6ab3318d32c134f7da26b0\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc-smp_2.6.26-19lenny2_powerpc.deb\r\n Size/MD5 checksum: 366586 3e8f8e0d8d9dc83a3e009bbdcca04d21\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny2_powerpc.deb\r\n Size/MD5 checksum: 3890668 a75da89a00e2b5118869888ea03580ae\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc64_2.6.26-19lenny2_powerpc.deb\r\n Size/MD5 checksum: 373766 78d152d9edb14f5d179dde50a0131ea7\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc_2.6.26-19lenny2_powerpc.deb\r\n Size/MD5 checksum: 366686 4b13a456e727a9259685b74132c5b730\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-powerpc_2.6.26-19lenny2_powerpc.deb\r\n Size/MD5 checksum: 106396 33f493756428189d3acc36bde21631ed\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc_2.6.26-19lenny2_powerpc.deb\r\n Size/MD5 checksum: 365950 4149c4f9e6f3e0dc0fbb639a2f962cf8\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc_2.6.26-19lenny2_powerpc.deb\r\n Size/MD5 checksum: 23216978 b0034a3be5877f2edebf6ec71c70a83e\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 (GNU/Linux)\r\n\r\niD8DBQFK8vsShuANDBmkLRkRAuztAKCAAmojb32U5ekaEbI3lWTPLYayHQCfQwhe\r\nvHrSbR3EZNHJzNEAXPK0XqY=\r\n=Synp\r\n-----END PGP SIGNATURE-----", "cvss3": {}, "published": "2009-11-08T00:00:00", "type": "securityvulns", "title": "[SECURITY] [DSA 1927-1] New Linux 2.6.26 packages fix several vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2009-3621", "CVE-2009-3638", "CVE-2009-3238", "CVE-2009-3547", "CVE-2009-3620", "CVE-2009-3228", "CVE-2009-3612"], "modified": "2009-11-08T00:00:00", "id": "SECURITYVULNS:DOC:22752", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22752", "sourceData": "", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:09:34", "description": "Information leakage, DoS conditions, privilege escalation.", "cvss3": {}, "published": "2009-11-08T00:00:00", "type": "securityvulns", "title": "Linux kernel multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2009-3621", "CVE-2009-1883", "CVE-2009-3638", "CVE-2009-2910", "CVE-2009-3238", "CVE-2009-3001", "CVE-2009-3547", "CVE-2009-3620", "CVE-2009-3002", "CVE-2009-2908", "CVE-2009-2903", "CVE-2009-2909", "CVE-2009-3228", "CVE-2009-3612"], "modified": "2009-11-08T00:00:00", "id": "SECURITYVULNS:VULN:10380", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10380", "sourceData": "", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:32", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ------------------------------------------------------------------------\r\nDebian Security Advisory DSA-1962 security@debian.org\r\nhttp://www.debian.org/security/ Giuseppe Iuculano\r\nDecember 23, 2009 http://www.debian.org/security/faq\r\n- ------------------------------------------------------------------------\r\n\r\nPackage : kvm\r\nVulnerability : several vulnerabilities\r\nProblem type : local\r\nDebian-specific: no\r\nDebian bugs : 557739 562075 562076\r\nCVE Ids : CVE-2009-3638 CVE-2009-3722 CVE-2009-4031\r\n\r\n\r\nSeveral vulnerabilities have been discovered in kvm, a full virtualization system.\r\nThe Common Vulnerabilities and Exposures project identifies the\r\nfollowing problems:\r\n\r\nCVE-2009-3638\r\n\r\nIt was discovered an Integer overflow in the kvm_dev_ioctl_get_supported_cpuid\r\nfunction. This allows local users to have an unspecified impact via a\r\nKVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function.\r\n\r\n\r\nCVE-2009-3722\r\n\r\nIt was discovered that the handle_dr function in the KVM subsystem does not\r\nproperly verify the Current Privilege Level (CPL) before accessing a debug\r\nregister, which allows guest OS users to cause a denial of service (trap) on the\r\nhost OS via a crafted application.\r\n\r\n\r\nCVE-2009-4031\r\n\r\nIt was discovered that the do_insn_fetch function in the x86 emulator in the KVM\r\nsubsystem tries to interpret instructions that contain too many bytes to be\r\nvalid, which allows guest OS users to cause a denial of service (increased\r\nscheduling latency) on the host OS via unspecified manipulations related to SMP\r\nsupport.\r\n\r\n\r\nFor the stable distribution (lenny), these problems have been fixed in version\r\n72+dfsg-5~lenny4.\r\n\r\nFor the testing distribution (squeeze), and the unstable distribution (sid),\r\nthese problems will be fixed soon.\r\n\r\n\r\nWe recommend that you upgrade your kvm package.\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 5.0 alias lenny\r\n- --------------------------------\r\n\r\nDebian (stable)\r\n- ---------------\r\n\r\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64,\r\nmips, mipsel, powerpc, s390 and sparc.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/k/kvm/kvm_72+dfsg.orig.tar.gz\r\n Size/MD5 checksum: 3250251 899a66ae2ea94e994e06f637e1afef4a\r\n http://security.debian.org/pool/updates/main/k/kvm/kvm_72+dfsg-5~lenny4.diff.gz\r\n Size/MD5 checksum: 42354 12a3490ebcba2c1e9aa2a86140eaa2e3\r\n http://security.debian.org/pool/updates/main/k/kvm/kvm_72+dfsg-5~lenny4.dsc\r\n Size/MD5 checksum: 1349 95ea1b5511954549694e198b838e308c\r\n\r\nArchitecture independent packages:\r\n\r\n\r\nhttp://security.debian.org/pool/updates/main/k/kvm/kvm-source_72+dfsg-5~lenny4_all.deb\r\n Size/MD5 checksum: 158524 70f46f694afd3169ce16a4c84ee32eb6\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n http://security.debian.org/pool/updates/main/k/kvm/kvm_72+dfsg-5~lenny4_amd64.deb\r\n Size/MD5 checksum: 1105892 22f218058f3cc3f8d40ca9069ff151f9\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n http://security.debian.org/pool/updates/main/k/kvm/kvm_72+dfsg-5~lenny4_i386.deb\r\n Size/MD5 checksum: 1030580 ffdfcfce508514828bf455183e45f581\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 (GNU/Linux)\r\n\r\niEYEARECAAYFAksyBNkACgkQNxpp46476ap5xwCfbTk6nO2gXApyg8SeYy/rSSzm\r\ndWoAoJonUeEVRVri9aWncSkWJ16w9CSU\r\n=HM9K\r\n-----END PGP SIGNATURE-----", "cvss3": {}, "published": "2009-12-23T00:00:00", "type": "securityvulns", "title": "[SECURITY] [DSA-1962-1] New kvm packages fix several vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2009-3638", "CVE-2009-3722", "CVE-2009-4031"], "modified": "2009-12-23T00:00:00", "id": "SECURITYVULNS:DOC:22992", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22992", "sourceData": "", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:35", "description": "Privilege escalation, DoS.", "cvss3": {}, "published": "2009-12-23T00:00:00", "type": "securityvulns", "title": "kvm virtualization multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2009-3638", "CVE-2009-3722", "CVE-2009-4031"], "modified": "2009-12-23T00:00:00", "id": "SECURITYVULNS:VULN:10490", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10490", "sourceData": "", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "debian": [{"lastseen": "2023-11-29T12:48:50", "description": "- ----------------------------------------------------------------------\nDebian Security Advisory DSA-1927-1 security@debian.org\nhttp://www.debian.org/security/ dann frazier\nNovember 5, 2009 http://www.debian.org/security/faq\n- ----------------------------------------------------------------------\n\nPackage : linux-2.6\nVulnerability : privilege escalation/denial of service/sensitive memory leak\nProblem type : local\nDebian-specific: no\nCVE Id(s) : CVE-2009-3228 CVE-2009-3238 CVE-2009-3547 CVE-2009-3612\n CVE-2009-3620 CVE-2009-3621 CVE-2009-3638\n\nNotice: Debian 5.0.4, the next point release of Debian 'lenny', will\ninclude a new default value for the mmap_min_addr tunable. This\nchange will add an additional safeguard against a class of security\nvulnerabilities known as "NULL pointer dereference" vulnerabilities,\nbut it will need to be overridden when using certain applications.\nAdditional information about this change, including instructions for\nmaking this change locally in advance of 5.0.4 (recommended), can be\nfound at:\n http://wiki.debian.org/mmap_min_addr\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, sensitive memory leak or privilege\nescalation. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2009-3228\n\n Eric Dumazet reported an instance of uninitialized kernel memory\n in the network packet scheduler. Local users may be able to\n exploit this issue to read the contents of sensitive kernel\n memory.\n \nCVE-2009-3238\n\n Linus Torvalds provided a change to the get_random_int() function\n to increase its randomness.\n\nCVE-2009-3547\n\n Earl Chew discovered a NULL pointer dereference issue in the\n pipe_rdwr_open function which can be used by local users to gain\n elevated privileges.\n\nCVE-2009-3612\n\n Jiri Pirko discovered a typo in the initialization of a structure\n in the netlink subsystem that may allow local users to gain access\n to sensitive kernel memory.\n\nCVE-2009-3620\n\n Ben Hutchings discovered an issue in the DRM manager for ATI Rage\n 128 graphics adapters. Local users may be able to exploit this\n vulnerability to cause a denial of service (NULL pointer\n dereference).\n\nCVE-2009-3621\n\n Tomoki Sekiyama discovered a deadlock condition in the UNIX domain\n socket implementation. Local users can exploit this vulnerability\n to cause a denial of service (system hang).\n\nCVE-2009-3638\n\n David Wagner reported an overflow in the KVM subsystem on i386\n systems. This issue is exploitable by local users with access to\n the /dev/kvm device file.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 2.6.26-19lenny2.\n\nFor the oldstable distribution (etch), these problems, where\napplicable, will be fixed in updates to linux-2.6 and linux-2.6.24.\n\nWe recommend that you upgrade your linux-2.6 and user-mode-linux\npackages.\n\nNote: Debian carefully tracks all known security issues across every\nlinux kernel package in all releases under active security support.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or "leap-frog" fashion.\n\nThe following matrix lists additional source packages that were\nrebuilt for compatibility with or to take advantage of this update:\n\n Debian 5.0 (lenny)\n user-mode-linux 2.6.26-1um-2+19lenny2\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nStable updates are available for alpha, amd64, armel, hppa, i386,\nia64, and powerpc. Updates for other architectures will be released\nas they become available.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-19lenny2.dsc\n Size/MD5 checksum: 5778 8ea6c47c6f227f855a41deea57d988d8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-19lenny2.diff.gz\n Size/MD5 checksum: 7651053 5cf749f9817436c544df97bc0217f125\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26.orig.tar.gz\n Size/MD5 checksum: 61818969 85e039c2588d5bf3cb781d1c9218bbcb\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.26_2.6.26-19lenny2_all.deb\n Size/MD5 checksum: 106866 d25eeb65132ec68406d8fdf7ea340274\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.26_2.6.26-19lenny2_all.deb\n Size/MD5 checksum: 4627374 196ffe954d4e906638c7eb2bd22e310d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.26_2.6.26-19lenny2_all.deb\n Size/MD5 checksum: 2565284 0682418bd83f755a17a71435e535f91a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.26_2.6.26-19lenny2_all.deb\n Size/MD5 checksum: 48672074 5aa4d0110919b100a772509455b22757\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.26_2.6.26-19lenny2_all.deb\n Size/MD5 checksum: 1768032 cb95ea5101339c35d425ac1ba2f0ff02\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.26-2_2.6.26-19lenny2_all.deb\n Size/MD5 checksum: 122160 0d3dd77a86989aa6e6bdfbbf548d22a6\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-alpha_2.6.26-19lenny2_alpha.deb\n Size/MD5 checksum: 106376 891beea699175e77b6f4cdb1dbbd2377\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-generic_2.6.26-19lenny2_alpha.deb\n Size/MD5 checksum: 363880 278fefb639e7029af6d5017dedefb500\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-generic_2.6.26-19lenny2_alpha.deb\n Size/MD5 checksum: 28487296 beb21f0f222b507898406b051d161c25\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_alpha.deb\n Size/MD5 checksum: 106358 b4c10db49252b22e7019746743624712\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_alpha.deb\n Size/MD5 checksum: 741234 b08b288693ab9d0d3fa1e8141ba4f038\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-legacy_2.6.26-19lenny2_alpha.deb\n Size/MD5 checksum: 28471478 f412fb78f0dfac51f6e39a035538fe91\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-smp_2.6.26-19lenny2_alpha.deb\n Size/MD5 checksum: 365312 9147bf190b4dce64fb4783b0c0aba8be\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-legacy_2.6.26-19lenny2_alpha.deb\n Size/MD5 checksum: 364408 66cd6736f72c0eedabbad596baac8888\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-smp_2.6.26-19lenny2_alpha.deb\n Size/MD5 checksum: 29177668 abb9bcc21a5fcb0a7352a30fb7209ca1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_alpha.deb\n Size/MD5 checksum: 3543732 d84be29426f1d706617a6ad91d3b6109\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-19lenny2_amd64.deb\n Size/MD5 checksum: 389134 2ac60b6aaece8351c023cecbb4bd41ee\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_amd64.deb\n Size/MD5 checksum: 749556 c994eeb54dd967b5255448e80fa4911c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-amd64_2.6.26-19lenny2_amd64.deb\n Size/MD5 checksum: 389740 8b6b5b10fe023670ca8cf9326d46ccd0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-amd64_2.6.26-19lenny2_amd64.deb\n Size/MD5 checksum: 394262 8398b2d9ce752ffa39ac55b8f55fa1b7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_amd64.deb\n Size/MD5 checksum: 3719144 1fa20cc556fbfecdf0c2335a3c9edeee\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_amd64.deb\n Size/MD5 checksum: 106352 edb758613531f5c655c8451f1136b62a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-amd64_2.6.26-19lenny2_amd64.deb\n Size/MD5 checksum: 106378 dd749481c75a66f517551c6b21b3bbbb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-amd64_2.6.26-19lenny2_amd64.deb\n Size/MD5 checksum: 19274410 21621e01b880d1f222007e3101d255c6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-amd64_2.6.26-19lenny2_amd64.deb\n Size/MD5 checksum: 21053742 015990eedbce234dfa4facdf02f6ad60\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-19lenny2_amd64.deb\n Size/MD5 checksum: 3851500 355a9cc7757195196006160929313e78\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-amd64_2.6.26-19lenny2_amd64.deb\n Size/MD5 checksum: 20902812 3af1d1431ff5674b7aeaf41c784d3ba6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny2_amd64.deb\n Size/MD5 checksum: 3751848 f5289bf2c22a6112d13a9af6d4291226\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-amd64_2.6.26-19lenny2_amd64.deb\n Size/MD5 checksum: 1804900 8ea5afa2f5e29175e92975ef93144b9a\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-amd64_2.6.26-19lenny2_amd64.deb\n Size/MD5 checksum: 106334 2620974dbbc17bbab4aefe183584a6da\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-19lenny2_amd64.deb\n Size/MD5 checksum: 3774804 8fa1254acec879820c17dd8e2e4eee56\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-19lenny2_amd64.deb\n Size/MD5 checksum: 20886016 71a1f29b66ee30cf7a63b77cddc71ec7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-amd64_2.6.26-19lenny2_amd64.deb\n Size/MD5 checksum: 383280 0d0cad637c14a594b3ae424abf824608\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-iop32x_2.6.26-19lenny2_armel.deb\n Size/MD5 checksum: 365550 f97d5bcae3c5c5957781e6507d730780\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-iop32x_2.6.26-19lenny2_armel.deb\n Size/MD5 checksum: 12396344 04df2ffe832cba3ea1e299701069ca96\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-versatile_2.6.26-19lenny2_armel.deb\n Size/MD5 checksum: 335184 ff1387cae5afb9c7b2d8b20ab546293f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_armel.deb\n Size/MD5 checksum: 4136850 e7e7742e3ead70e194f540432bf93ba6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_armel.deb\n Size/MD5 checksum: 747792 89242eec0e6f453f37b228ddb49e4e26\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-ixp4xx_2.6.26-19lenny2_armel.deb\n Size/MD5 checksum: 11680082 d9133e003cd603924930f1db870c6d46\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_armel.deb\n Size/MD5 checksum: 106354 fce271c39eaa874f6a570b9298a13836\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-versatile_2.6.26-19lenny2_armel.deb\n Size/MD5 checksum: 9575158 d8c6ec6842339c8d8391916c7b4a25c2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-orion5x_2.6.26-19lenny2_armel.deb\n Size/MD5 checksum: 11371016 edc9b10b99e73302ef1853db546ed6bb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-19lenny2_armel.deb\n Size/MD5 checksum: 363118 ca61af313ac3687b042c82e4c56bd078\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-armel_2.6.26-19lenny2_armel.deb\n Size/MD5 checksum: 106390 d14317d669c70ea8458b0138105be3e0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-orion5x_2.6.26-19lenny2_armel.deb\n Size/MD5 checksum: 360844 1c7437e1e4de9358f7975feae74501f0\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64_2.6.26-19lenny2_hppa.deb\n Size/MD5 checksum: 17070158 92d872205303ea622d1419d074b54737\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc_2.6.26-19lenny2_hppa.deb\n Size/MD5 checksum: 296434 df3ddd0a0dbfa712201ff031bfc109c0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc-smp_2.6.26-19lenny2_hppa.deb\n Size/MD5 checksum: 16323830 9998a4deead3033e07f28a1cd0816136\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64_2.6.26-19lenny2_hppa.deb\n Size/MD5 checksum: 297894 8cace7fc519c562d4b8657c75d230815\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_hppa.deb\n Size/MD5 checksum: 3594236 8d621635c43fb9540d4a68ef6d891a57\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_hppa.deb\n Size/MD5 checksum: 106356 f967499d62622f5f0833539c9eaf2359\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-hppa_2.6.26-19lenny2_hppa.deb\n Size/MD5 checksum: 106380 f518c1de9ce8dd272db1afa30e38999a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc_2.6.26-19lenny2_hppa.deb\n Size/MD5 checksum: 15731364 d50829b0556bc7fef6e8c505db959ee2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_hppa.deb\n Size/MD5 checksum: 759840 faab7849f3cef86fbebc037cbd00fd76\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64-smp_2.6.26-19lenny2_hppa.deb\n Size/MD5 checksum: 17614856 6311929870350217721f7f194b6ff585\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64-smp_2.6.26-19lenny2_hppa.deb\n Size/MD5 checksum: 299160 57fd97b01842bbe74e37f443e346d695\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc-smp_2.6.26-19lenny2_hppa.deb\n Size/MD5 checksum: 298110 631076db8957d15ab8b0161a60e31734\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-486_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 398182 6f93bf37534bcfb9162b9985b83ee38f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-686_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 20502134 d39255c90c67fddda4c3cb49ce6c93e1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 20235868 99b3ed110df3b6b2bb6b06feb9d30b72\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 106354 835280ec5ad990b0bcebb988953bd5d9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686-bigmem_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 20326344 9192cd01f84e7192159aefec2c4f8fb9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 20208578 c118b5d6fc4f5007728d1ab804624cd8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 398052 88be8c6ce0726c87f3127e1ea8b1a382\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-486_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 20175038 ee7bf2ce4d4557f9fdfb53790627ebac\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 3719206 0d8393bd6245aa3d23ef8938477d5f63\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686-bigmem_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 20353680 67f48fcd0835fd230e8583cf2676cf09\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686-bigmem_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 398494 bf4ef1c3e9f35ec4dc0bfaeda1ee5516\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 3851592 94a16944e91f5594a6fa02115b680434\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686-bigmem_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 400332 d734fb2f035f0a6a041d13f5a3d95c6c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 749582 26580da1f40ffeeb17146765bbe241f8\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-686_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 106348 b76709d63441fcc3e285d2a6dc999890\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 20864938 cc5255ece9764242c63b522abfd8a517\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 399328 c929aa19b40e7eea5ea885148c645a17\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 3751908 3b936dbeaf13b730ab8dd56e5ab726f9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 387338 03fd54819fb7176a176eeb4c2ff0209c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-686_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 403790 efa7179643f2f709cace01bb3f4a5580\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 3774936 088f38a8e9c79bb4ddc67e200ebee754\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-686_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 1591850 93ad5d17c9e8ac22c3544c8a9ad9eabd\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-686_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 384698 5cc9137a10772a48628b0014e0dbbc15\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-i386_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 106404 04d07f928e22a2150a2bb9188c6f1257\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-686_2.6.26-19lenny2_i386.deb\n Size/MD5 checksum: 18035618 641b34424aad0e9291713bd9e2bf96e5\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-itanium_2.6.26-19lenny2_ia64.deb\n Size/MD5 checksum: 355640 2bce0c1faefc019460e3eebca333a5fc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_ia64.deb\n Size/MD5 checksum: 3654768 d8fb31f9660b7c0ab42c77e89bf82f1f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-itanium_2.6.26-19lenny2_ia64.deb\n Size/MD5 checksum: 355064 cfb3eee78e3860b2e650716d5032bf5d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny2_ia64.deb\n Size/MD5 checksum: 3687386 2980814479dbd08d39bd9f92d3005838\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-mckinley_2.6.26-19lenny2_ia64.deb\n Size/MD5 checksum: 355046 62fc734ea7fe9bc4bef1f8d8b65cc027\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-mckinley_2.6.26-19lenny2_ia64.deb\n Size/MD5 checksum: 34349456 5cfb3ccf034f0ce13a5861507c4cb758\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-itanium_2.6.26-19lenny2_ia64.deb\n Size/MD5 checksum: 34103026 3cee486177d22e2fcd816b536d7ac3d3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_ia64.deb\n Size/MD5 checksum: 106350 6265837dd3c0105bcba9d40c5b6966f9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-mckinley_2.6.26-19lenny2_ia64.deb\n Size/MD5 checksum: 355698 27152c116ad66c7862f3890d36ac80ab\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-mckinley_2.6.26-19lenny2_ia64.deb\n Size/MD5 checksum: 34288678 1540b7be96fbb68e4cc01d858c5ef5a4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-ia64_2.6.26-19lenny2_ia64.deb\n Size/MD5 checksum: 106384 bfb7eeaec3d89587561c56afec1816e9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-itanium_2.6.26-19lenny2_ia64.deb\n Size/MD5 checksum: 34165098 7a4fbe457d07807a74e9950a47975d49\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_ia64.deb\n Size/MD5 checksum: 748220 03f583157c7eef60269042b9a5a6d0bc\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-19lenny2_powerpc.deb\n Size/MD5 checksum: 106358 5431bb9d2abe49fc1b186f44bf440cba\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-19lenny2_powerpc.deb\n Size/MD5 checksum: 756032 fb287119a4cf07ef9d6d633ad30f7236\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc64_2.6.26-19lenny2_powerpc.deb\n Size/MD5 checksum: 372504 9c0501a81bf32b1d0b8c939830d9789b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc_2.6.26-19lenny2_powerpc.deb\n Size/MD5 checksum: 23650232 ece0b68e6c9baa2e0f964d2bc7da21a2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-19lenny2_powerpc.deb\n Size/MD5 checksum: 3856256 5a6eb8c2fe7930456cf5f3a1c257fed1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc64_2.6.26-19lenny2_powerpc.deb\n Size/MD5 checksum: 23514630 0aa445df9e479dc6e266a97658c5c675\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc64_2.6.26-19lenny2_powerpc.deb\n Size/MD5 checksum: 23453120 7fdf0e57cb3324433e8f5d3e71c5cb7c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc-smp_2.6.26-19lenny2_powerpc.deb\n Size/MD5 checksum: 23619598 7eb565a76c6ab3318d32c134f7da26b0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc-smp_2.6.26-19lenny2_powerpc.deb\n Size/MD5 checksum: 366586 3e8f8e0d8d9dc83a3e009bbdcca04d21\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-19lenny2_powerpc.deb\n Size/MD5 checksum: 3890668 a75da89a00e2b5118869888ea03580ae\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc64_2.6.26-19lenny2_powerpc.deb\n Size/MD5 checksum: 373766 78d152d9edb14f5d179dde50a0131ea7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc_2.6.26-19lenny2_powerpc.deb\n Size/MD5 checksum: 366686 4b13a456e727a9259685b74132c5b730\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-powerpc_2.6.26-19lenny2_powerpc.deb\n Size/MD5 checksum: 106396 33f493756428189d3acc36bde21631ed\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc_2.6.26-19lenny2_powerpc.deb\n Size/MD5 checksum: 365950 4149c4f9e6f3e0dc0fbb639a2f962cf8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc_2.6.26-19lenny2_powerpc.deb\n Size/MD5 checksum: 23216978 b0034a3be5877f2edebf6ec71c70a83e\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {"cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2009-11-05T16:21:03", "type": "debian", "title": "[SECURITY] [DSA 1927-1] New Linux 2.6.26 packages fix several vulnerabilities", "bulletinFamily": "unix", "cvss2": {"baseSeverity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "type": "Primary", "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3228", "CVE-2009-3238", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3638"], "modified": "2009-11-05T16:21:03", "id": "DEBIAN:DSA-1927-1:8E712", "href": "https://lists.debian.org/debian-security-announce/2009/msg00250.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2023-11-29T12:48:44", "description": "- ----------------------------------------------------------------------\nDebian Security Advisory DSA-1929-1 security@debian.org\nhttp://www.debian.org/security/ Dann Frazier\nNovember 5, 2009 http://www.debian.org/security/faq\n- ----------------------------------------------------------------------\n\nPackage : linux-2.6\nVulnerability : privilege escalation/denial of service/sensitive memory leak\nProblem type : local\nDebian-specific: no\nCVE Id(s) : CVE-2009-1883 CVE-2009-2909 CVE-2009-3001 CVE-2009-3002\n CVE-2009-3228 CVE-2009-3238 CVE-2009-3286 CVE-2009-3547\n CVE-2009-3612 CVE-2009-3621\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, sensitive memory leak or privilege\nescalation. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2009-1883\n\n Solar Designer discovered a missing capability check in the\n z90crypt driver or s390 systems. This vulnerability may allow\n a local user to gain elevated privileges.\n\nCVE-2009-2909\n\n Arjan van de Ven discovered an issue in the AX.25 protocol\n implementation. A specially crafted call to setsockopt() can\n result in a denial of service (kernel oops).\n\nCVE-2009-3001\n\n Jiri Slaby fixed a sensitive memory leak issue in the ANSI/IEEE\n 802.2 LLC implementation. This is not exploitable in the Debian\n lenny kernel as root privileges are required to exploit this\n issue.\n\nCVE-2009-3002\n\n Eric Dumazet fixed several sensitive memory leaks in the IrDA,\n X.25 PLP (Rose), NET/ROM, Acorn Econet/AUN, and Controller Area\n Network (CAN) implementations. Local users can exploit these\n issues to gain access to kernel memory.\n\nCVE-2009-3228\n\n Eric Dumazet reported an instance of uninitialized kernel memory\n in the network packet scheduler. Local users may be able to\n exploit this issue to read the contents of sensitive kernel\n memory.\n \nCVE-2009-3238\n\n Linus Torvalds provided a change to the get_random_int() function\n to increase its randomness.\n\nCVE-2009-3286\n\n Eric Paris discovered an issue with the NFSv4 server\n implementation. When an O_EXCL create fails, files may be left\n with corrupted permissions, possibly granting unintentional\n privileges to other local users.\n\nCVE-2009-3547\n\n Earl Chew discovered a NULL pointer dereference issue in the\n pipe_rdwr_open function which can be used by local users to gain\n elevated privileges.\n\nCVE-2009-3612\n\n Jiri Pirko discovered a typo in the initialization of a structure\n in the netlink subsystem that may allow local users to gain access\n to sensitive kernel memory.\n\nCVE-2009-3621\n\n Tomoki Sekiyama discovered a deadlock condition in the UNIX domain\n socket implementation. Local users can exploit this vulnerability\n to cause a denial of service (system hang).\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 2.6.18.dfsg.1-26etch1.\n\nWe recommend that you upgrade your linux-2.6, fai-kernels, and\nuser-mode-linux packages.\n\nNote: Debian 'etch' includes linux kernel packages based upon both the\n2.6.18 and 2.6.24 linux releases. All known security issues are\ncarefully tracked against both packages and both packages will receive\nsecurity updates until security support for Debian 'etch'\nconcludes. However, given the high frequency at which low-severity\nsecurity issues are discovered in the kernel and the resource\nrequirements of doing an update, lower severity 2.6.18 and 2.6.24\nupdates will typically release in a staggered or "leap-frog" fashion.\n\nThe following matrix lists additional source packages that were rebuilt for\ncompatability with or to take advantage of this update:\n\n Debian 4.0 (etch)\n fai-kernels 1.17+etch.26etch1\n user-mode-linux 2.6.18-1um-2etch.26etch1\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nOldstable updates are available for alpha, amd64, hppa, i386,\nia64, powerpc and s390 architectures. Updates for other\narchitectures will be released as the they become available.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-26etch1.diff.gz\n Size/MD5 checksum: 5514957 b9cb3b1e1ba1196b9020e6d07d48b752\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-26etch1.dsc\n Size/MD5 checksum: 5673 4ba2595893287a7b82713ca182aad7be\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz\n Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.18-6_2.6.18.dfsg.1-26etch1_all.deb\n Size/MD5 checksum: 3721660 836e780dd306ee60318d8ac1c28087eb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.18_2.6.18.dfsg.1-26etch1_all.deb\n Size/MD5 checksum: 41474520 7457b0e444adb6b31dbcda82768671cd\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.18_2.6.18.dfsg.1-26etch1_all.deb\n Size/MD5 checksum: 1852976 ec11d9e2967a87b27fac807f80218d0e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.18_2.6.18.dfsg.1-26etch1_all.deb\n Size/MD5 checksum: 58896 e7dc19b1c3f0a22c1764420642117fa8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.18_2.6.18.dfsg.1-26etch1_all.deb\n Size/MD5 checksum: 3593482 146e26a9c17bfa1a0a1fa198afdf1c70\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.18_2.6.18.dfsg.1-26etch1_all.deb\n Size/MD5 checksum: 1091166 7a089920e547412d07cf1ef44e47bbb1\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-alpha_2.6.18.dfsg.1-26etch1_alpha.deb\n Size/MD5 checksum: 58290 7a1661641c432bc5a1e442a71f0584ac\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-26etch1_alpha.deb\n Size/MD5 checksum: 58254 223e25b49b1ce3fefe9934ecdda7cec4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-26etch1_alpha.deb\n Size/MD5 checksum: 23374558 fc6fad80b66536f0c86fe4a4923057fa\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-generic_2.6.18.dfsg.1-26etch1_alpha.deb\n Size/MD5 checksum: 266914 bd1cb44848eb7ed46418783e958046de\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-26etch1_alpha.deb\n Size/MD5 checksum: 267502 b719376ff7b69b31e59f49010c249d17\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-26etch1_alpha.deb\n Size/MD5 checksum: 23440762 aace7bef32f7f7f69e1aeed69d191c41\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-smp_2.6.18.dfsg.1-26etch1_alpha.deb\n Size/MD5 checksum: 266308 228979a449e897802d4089909eef0326\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-26etch1_alpha.deb\n Size/MD5 checksum: 2978226 214923bbb5171e2a3daa23ed31240118\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-26etch1_alpha.deb\n Size/MD5 checksum: 267100 60048c2f207f0b00b1fab86639f3c276\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-generic_2.6.18.dfsg.1-26etch1_alpha.deb\n Size/MD5 checksum: 23393346 1fcae90244756e9b1ed37b08a8e39b99\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-smp_2.6.18.dfsg.1-26etch1_alpha.deb\n Size/MD5 checksum: 23752762 c6b5c665617a937c6caee0558daa8b2d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-26etch1_alpha.deb\n Size/MD5 checksum: 3001856 cb672b346cd9b30717e4446ee2545fff\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-26etch1_amd64.deb\n Size/MD5 checksum: 3339600 83ef8191115cf0c23599b2ad45da661c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-26etch1_amd64.deb\n Size/MD5 checksum: 15279100 dba0ecedc142a8f29c08ff3cb35fc9e5\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-26etch1_amd64.deb\n Size/MD5 checksum: 3362362 7acf6afbec42d7e386e4e99f45e07849\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-26etch1_amd64.deb\n Size/MD5 checksum: 16822140 04e89e226683aee6fc0f5e2d2751e258\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-26etch1_amd64.deb\n Size/MD5 checksum: 277136 04ba98f1750e31f17a52caa0add3e419\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-26etch1_amd64.deb\n Size/MD5 checksum: 3196356 37e16a42ebf900a63d15ec1c47bd2a2a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-amd64_2.6.18.dfsg.1-26etch1_amd64.deb\n Size/MD5 checksum: 15266172 647285195e9651e86fc78f47ca3e6aa3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-26etch1_amd64.deb\n Size/MD5 checksum: 1687964 2556db55e5438dc01309d7d461f91ee3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-26etch1_amd64.deb\n Size/MD5 checksum: 3173540 5e0fd0af39da8904a5fc459e00fe1592\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-amd64_2.6.18.dfsg.1-26etch1_amd64.deb\n Size/MD5 checksum: 276536 ac228fd76c2a64910f1194c39f5dd9a5\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-26etch1_amd64.deb\n Size/MD5 checksum: 274660 9817c928baacf675542085e0387cfedc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-26etch1_amd64.deb\n Size/MD5 checksum: 16868682 d99a5ffc0a0c88dee5f8c279e3f96f64\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-amd64_2.6.18.dfsg.1-26etch1_amd64.deb\n Size/MD5 checksum: 58278 4825706649861dcc9afd8438f961ec6e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-amd64_2.6.18.dfsg.1-26etch1_amd64.deb\n Size/MD5 checksum: 1656646 633e8373c64bb27bc283e87300ebe6cf\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-26etch1_amd64.deb\n Size/MD5 checksum: 276056 60aec7d94ae1a1afa21cc68d5b7d3c53\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-26etch1_amd64.deb\n Size/MD5 checksum: 58254 8bb6069f2f74da9b2bb5603898dc22e3\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-amd64_2.6.18.dfsg.1-26etch1_amd64.deb\n Size/MD5 checksum: 58240 51d240b42f43c2cb30c31f5c4bf2117c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-26etch1_amd64.deb\n Size/MD5 checksum: 58254 31e336851095fea2499e594987acea4b\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc_2.6.18.dfsg.1-26etch1_hppa.deb\n Size/MD5 checksum: 10563254 4486c3660f904e4bd439c370b7f97c69\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-26etch1_hppa.deb\n Size/MD5 checksum: 11814740 f178d4aa3358d09a492436d29dbee5cb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc-smp_2.6.18.dfsg.1-26etch1_hppa.deb\n Size/MD5 checksum: 202308 42a4b6b6b9c2f711d4c3b932353457fb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64_2.6.18.dfsg.1-26etch1_hppa.deb\n Size/MD5 checksum: 11404596 9bd75cb26f23cc0c012dbcc1458c547f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc-smp_2.6.18.dfsg.1-26etch1_hppa.deb\n Size/MD5 checksum: 11005460 01d3a246f1ffe6f368fa6ca9f4548e97\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-26etch1_hppa.deb\n Size/MD5 checksum: 3026810 ef214434dcb13fe3bdd684bf580a6b9b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-26etch1_hppa.deb\n Size/MD5 checksum: 203070 d50c921e10f3dd82ff85287acaf0b14f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc_2.6.18.dfsg.1-26etch1_hppa.deb\n Size/MD5 checksum: 201556 da0a211d54dcd3e34fa29514c9934f9d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-hppa_2.6.18.dfsg.1-26etch1_hppa.deb\n Size/MD5 checksum: 58368 9917c0b22afe4c440ec64ff6d2a608e4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64_2.6.18.dfsg.1-26etch1_hppa.deb\n Size/MD5 checksum: 201912 163590408b3e663b5f8cfae14e3c89a5\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-26etch1_hppa.deb\n Size/MD5 checksum: 58338 58f6a43a14a89d67bb46c796e8bde247\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686-bigmem_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 290694 8a08177d6d4f46a20086b489ce4decf2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 280544 0ffbb9bc4aee76a067cebcec6f31f62e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-686_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 287894 831999c67686f31d2346b0fa6b4948aa\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686-bigmem_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 16543512 c0b9fdc137151b96ccb8198fab8b5f72\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 16931792 b73f3867a2efef757fcd111916116105\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 14401768 eb0e34a9dfc17344c471b158faeab021\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-i386_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 58386 9ef707bff12f1cdb495a075c13325564\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-686_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 58324 a00b5e3696278aa2d9c59f16267e3d06\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-486_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 16326580 3ad3c0068e6343b6e5f70f3c44fdb3d5\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-k7_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 289228 4fcd19b2eb92b4550dc4a7673acc4f62\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-k7_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 16645286 1b2290466641e1d9ef3ecf942180fe79\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 3215828 0c99ba0dd4abce66cda2fe6c554ccc03\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-686_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 16517286 a729d0b07130c615d0d32d7b2ac46852\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 289284 183af751e23717e0ac5821f60959e5ad\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-686_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 14392520 cc51caf6cedda77521b7ee9065478392\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-k7_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 288014 c4834561b492ff42175353c524e0cbd1\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 58340 7c463341e612b3159e0032aaf62ab5e1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 16477446 5829e6f2dce15ae1f3f74ca4d4180847\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-486_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 291792 74558945d364674729b71b4d2598d1c8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-686_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 1304666 d9f7fb52fe8d29a9880ebc697eaae90f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 3239372 a7e8ba983a1e45176d33b86871e3940e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 3117812 36cc1af70a13016e79224a3f90981ac8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 1332688 a1c7f6d7435eaeb22c4e7097611602e5\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 278926 cf2ec90e9c683c7c5904e76145b2b562\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 3231506 8e9ff0b708e2e616072f569f0682fa11\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-k7_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 16604666 4d7eb157fa109072d21ec472bbbb46f1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-686_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 280110 d34163dab810a30572c7c1a29b9efdb6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-26etch1_i386.deb\n Size/MD5 checksum: 58326 bd8f5323a48ba297f6f404a4f26fd864\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-26etch1_ia64.deb\n Size/MD5 checksum: 58254 d64ce41c696ae0af6e65348111b0e1c2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-ia64_2.6.18.dfsg.1-26etch1_ia64.deb\n Size/MD5 checksum: 58276 509dcd2833bd560ed6dccffc0a448593\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-mckinley_2.6.18.dfsg.1-26etch1_ia64.deb\n Size/MD5 checksum: 259696 9e187526ddd2342af180682ab502f302\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-itanium_2.6.18.dfsg.1-26etch1_ia64.deb\n Size/MD5 checksum: 259718 b670f97d9bd044492111b7698ed228c3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-itanium_2.6.18.dfsg.1-26etch1_ia64.deb\n Size/MD5 checksum: 28023040 9c2dbc349ec7702f781f978f27987da9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-26etch1_ia64.deb\n Size/MD5 checksum: 3087206 3638b390791d5053b67b060e6a124866\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-mckinley_2.6.18.dfsg.1-26etch1_ia64.deb\n Size/MD5 checksum: 28194506 228765e996a15ef56fc2cb94e74abeeb\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-26etch1_powerpc.deb\n Size/MD5 checksum: 3462292 f3f1c68ba029943c6054421c1ba23059\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc_2.6.18.dfsg.1-26etch1_powerpc.deb\n Size/MD5 checksum: 261230 26a45e4c0a77f21af0e5a6ffb0dc2b63\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-26etch1_powerpc.deb\n Size/MD5 checksum: 58266 f717cc289546c2037e4ca18aa630ceb9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-26etch1_powerpc.deb\n Size/MD5 checksum: 3486460 4c5d5df532d84da56f78e47ce6262d60\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-26etch1_powerpc.deb\n Size/MD5 checksum: 262664 e499f6e0e4278f5d4263c9a952877624\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-26etch1_powerpc.deb\n Size/MD5 checksum: 263770 d12d5f3fce934b3db4dd29d5349d84a4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-26etch1_powerpc.deb\n Size/MD5 checksum: 15240084 96adc4183855af04aaeca7db1d37a27e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-26etch1_powerpc.deb\n Size/MD5 checksum: 17113852 9db05c81e32ef07f342eb54374c6ac6e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc_2.6.18.dfsg.1-26etch1_powerpc.deb\n Size/MD5 checksum: 16727566 dfbc08d63a91ba7bef73dfca238559f7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-prep_2.6.18.dfsg.1-26etch1_powerpc.deb\n Size/MD5 checksum: 16506028 0f65a31aecb306f281348ad410174926\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-26etch1_powerpc.deb\n Size/MD5 checksum: 17068826 bc0941830a8d7369abaf876837a0c81e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc64_2.6.18.dfsg.1-26etch1_powerpc.deb\n Size/MD5 checksum: 262882 d5d2a01011e0a9efea7a7b2c0cbacc41\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-26etch1_powerpc.deb\n Size/MD5 checksum: 18433752 23a6d8183e781a43469daf3cd7769fcb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-26etch1_powerpc.deb\n Size/MD5 checksum: 237826 90097f02a1ed0a29b81fe3bc64259696\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-powerpc_2.6.18.dfsg.1-26etch1_powerpc.deb\n Size/MD5 checksum: 58312 6330638237601d3ea55b2a80d1c54540\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc64_2.6.18.dfsg.1-26etch1_powerpc.deb\n Size/MD5 checksum: 18384182 18eabc40e998896c8f77243e84f99458\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-prep_2.6.18.dfsg.1-26etch1_powerpc.deb\n Size/MD5 checksum: 254332 4ac0852bf3ba527f890f828ecd749284\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-26etch1_powerpc.deb\n Size/MD5 checksum: 262220 a5ee6d47da04555615ad2bab7f646b13\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390_2.6.18.dfsg.1-26etch1_s390.deb\n Size/MD5 checksum: 148246 96f1a25db3b6aa699af3ad7185a96bd2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-26etch1_s390.deb\n Size/MD5 checksum: 149402 44a4ec702fc2410f733aabe494c0f4e4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390x_2.6.18.dfsg.1-26etch1_s390.deb\n Size/MD5 checksum: 148624 78919a54c4a93dbf395369a106c76b5b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-s390_2.6.18.dfsg.1-26etch1_s390.deb\n Size/MD5 checksum: 58276 133b1b15cca9cb34e07eae4f3ec4a3db\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390_2.6.18.dfsg.1-26etch1_s390.deb\n Size/MD5 checksum: 5410288 dd1b3737c133081f4b512c2a1ecb1cf6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390x_2.6.18.dfsg.1-26etch1_s390.deb\n Size/MD5 checksum: 5626808 5b7dc2c64fac5988d6070a1cddeb19f3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-26etch1_s390.deb\n Size/MD5 checksum: 5672368 f31471a55f12bb17eade213d7672cb80\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-26etch1_s390.deb\n Size/MD5 checksum: 2971470 e546925e4309b61b6b598de04b6a1e5a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390-tape_2.6.18.dfsg.1-26etch1_s390.deb\n Size/MD5 checksum: 1445974 f80e8929c0406cbae86ba2bdf6c611e2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-26etch1_s390.deb\n Size/MD5 checksum: 58256 3c413237e42a72c9b70f58cb65278ce9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-26etch1_s390.deb\n Size/MD5 checksum: 2948300 f57e56f38edd5977cf95012c373f9519\n\n These changes will probably be included in the oldstable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {"cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2009-11-06T00:51:43", "type": "debian", "title": "[SECURITY] [DSA 1929-1] New Linux 2.6.18 packages fix several vulnerabilities", "bulletinFamily": "unix", "cvss2": {"baseSeverity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "type": "Primary", "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1883", "CVE-2009-2909", "CVE-2009-3001", "CVE-2009-3002", "CVE-2009-3228", "CVE-2009-3238", "CVE-2009-3286", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3621"], "modified": "2009-11-06T00:51:43", "id": "DEBIAN:DSA-1929-1:8AEEF", "href": "https://lists.debian.org/debian-security-announce/2009/msg00252.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2023-11-29T12:48:59", "description": "- ----------------------------------------------------------------------\nDebian Security Advisory DSA-1928-1 security@debian.org\nhttp://www.debian.org/security/ Dann Frazier\nNovember 5, 2009 http://www.debian.org/security/faq\n- ----------------------------------------------------------------------\n\nPackage : linux-2.6.24\nVulnerability : privilege escalation/denial of service/sensitive memory leak\nProblem type : local/remote\nDebian-specific: no\nCVE Id(s) : CVE-2009-2846 CVE-2009-2847 CVE-2009-2848 CVE-2009-2849\n CVE-2009-2903 CVE-2009-2908 CVE-2009-2909 CVE-2009-2910\n CVE-2009-3001 CVE-2009-3002 CVE-2009-3228 CVE-2009-3238\n CVE-2009-3286 CVE-2009-3547 CVE-2009-3612 CVE-2009-3613\n CVE-2009-3620 CVE-2009-3621\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, sensitive memory leak or privilege\nescalation. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2009-2846\n\n Michael Buesch noticed a typing issue in the eisa-eeprom driver\n for the hppa architecture. Local users could exploit this issue to\n gain access to restricted memory.\n\nCVE-2009-2847\n\n Ulrich Drepper noticed an issue in the do_sigalstack routine on\n 64-bit systems. This issue allows local users to gain access to\n potentially sensitive memory on the kernel stack.\n\nCVE-2009-2848\n\n Eric Dumazet discovered an issue in the execve path, where the\n clear_child_tid variable was not being properly cleared. Local\n users could exploit this issue to cause a denial of service\n (memory corruption).\n\nCVE-2009-2849\n\n Neil Brown discovered an issue in the sysfs interface to md\n devices. When md arrays are not active, local users can exploit\n this vulnerability to cause a denial of service (oops).\n\nCVE-2009-2903\n\n Mark Smith discovered a memory leak in the appletalk\n implementation. When the appletalk and ipddp modules are loaded,\n but no ipddp"N" device is found, remote attackers can cause a\n denial of service by consuming large amounts of system memory.\n\nCVE-2009-2908\n\n Loic Minier discovered an issue in the eCryptfs filesystem. A\n local user can cause a denial of service (kernel oops) by causing\n a dentry value to go negative.\n\nCVE-2009-2909\n\n Arjan van de Ven discovered an issue in the AX.25 protocol\n implementation. A specially crafted call to setsockopt() can\n result in a denial of service (kernel oops).\n\nCVE-2009-2910\n\n Jan Beulich discovered the existence of a sensitive kernel memory\n leak. Systems running the 'amd64' kernel do not properly sanitize\n registers for 32-bit processes.\n\nCVE-2009-3001\n\n Jiri Slaby fixed a sensitive memory leak issue in the ANSI/IEEE\n 802.2 LLC implementation. This is not exploitable in the Debian\n lenny kernel as root privileges are required to exploit this\n issue.\n\nCVE-2009-3002\n\n Eric Dumazet fixed several sensitive memory leaks in the IrDA,\n X.25 PLP (Rose), NET/ROM, Acorn Econet/AUN, and Controller Area\n Network (CAN) implementations. Local users can exploit these\n issues to gain access to kernel memory.\n\nCVE-2009-3228\n\n Eric Dumazet reported an instance of uninitialized kernel memory\n in the network packet scheduler. Local users may be able to\n exploit this issue to read the contents of sensitive kernel\n memory.\n \nCVE-2009-3238\n\n Linus Torvalds provided a change to the get_random_int() function\n to increase its randomness.\n\nCVE-2009-3286\n\n Eric Paris discovered an issue with the NFSv4 server\n implementation. When an O_EXCL create fails, files may be left\n with corrupted permissions, possibly granting unintentional\n privileges to other local users.\n\nCVE-2009-3547\n\n Earl Chew discovered a NULL pointer dereference issue in the\n pipe_rdwr_open function which can be used by local users to gain\n elevated privileges.\n\nCVE-2009-3612\n\n Jiri Pirko discovered a typo in the initialization of a structure\n in the netlink subsystem that may allow local users to gain access\n to sensitive kernel memory.\n\nCVE-2009-3613\n\n Alistair Strachan reported an issue in the r8169 driver. Remote\n users can cause a denial of service (IOMMU space exhaustion and\n system crash) by transmitting a large amount of jumbo frames.\n\nCVE-2009-3620\n\n Ben Hutchings discovered an issue in the DRM manager for ATI Rage\n 128 graphics adapters. Local users may be able to exploit this\n vulnerability to cause a denial of service (NULL pointer\n dereference).\n\nCVE-2009-3621\n\n Tomoki Sekiyama discovered a deadlock condition in the UNIX domain\n socket implementation. Local users can exploit this vulnerability\n to cause a denial of service (system hang).\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 2.6.24-6~etchnhalf.9etch1.\n\nWe recommend that you upgrade your linux-2.6.24 packages.\n\nNote: Debian 'etch' includes linux kernel packages based upon both the\n2.6.18 and 2.6.24 linux releases. All known security issues are\ncarefully tracked against both packages and both packages will receive\nsecurity updates until security support for Debian 'etch'\nconcludes. However, given the high frequency at which low-severity\nsecurity issues are discovered in the kernel and the resource\nrequirements of doing an update, lower severity 2.6.18 and 2.6.24\nupdates will typically release in a staggered or "leap-frog" fashion.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nOldstable updates are available for alpha, amd64, hppa, i386, ia64, and mipsel.\nUpdates for other architectures will be released as the they become available.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.9etch1.dsc\n Size/MD5 checksum: 5118 11c39e0f0505c5a71453ba177ec2f780\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.9etch1.diff.gz\n Size/MD5 checksum: 4062851 38835b393eaf53915dbee39ef0ef0bce\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24.orig.tar.gz\n Size/MD5 checksum: 59630522 6b8751d1eb8e71498ba74bbd346343af\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-doc-2.6.24_2.6.24-6~etchnhalf.9etch1_all.deb\n Size/MD5 checksum: 4262022 bb1c503dcb847b700814d433cdddb1f9\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-tree-2.6.24_2.6.24-6~etchnhalf.9etch1_all.deb\n Size/MD5 checksum: 83302 2a8576eb3003b7ba1ead19ad7ef6ce0c\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-manual-2.6.24_2.6.24-6~etchnhalf.9etch1_all.deb\n Size/MD5 checksum: 1548296 3e044fb0d0bb8614f787f78fee86ce04\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-source-2.6.24_2.6.24-6~etchnhalf.9etch1_all.deb\n Size/MD5 checksum: 46864328 20c0417498421842a7175074aea06a0f\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-support-2.6.24-etchnhalf.1_2.6.24-6~etchnhalf.9etch1_all.deb\n Size/MD5 checksum: 97672 b1aa55ab4464293f5dac5b38e05948bb\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-patch-debian-2.6.24_2.6.24-6~etchnhalf.9etch1_all.deb\n Size/MD5 checksum: 964124 a40463a66e93920bdd639d2c70d870cb\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-alpha_2.6.24-6~etchnhalf.9etch1_alpha.deb\n Size/MD5 checksum: 82894 819512914da24a2d82d471a17a6126ea\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.9etch1_alpha.deb\n Size/MD5 checksum: 332670 c249c0b58448936c450c26b1340994d0\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.9etch1_alpha.deb\n Size/MD5 checksum: 26758158 1a5497e6cd4f62b36f4cfdae9a606e24\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.9etch1_alpha.deb\n Size/MD5 checksum: 26737882 fc949e1dbc0d0c6c7688148babdfd5d1\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch1_alpha.deb\n Size/MD5 checksum: 3454880 83a5e26b99def049eec7571242778961\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.9etch1_alpha.deb\n Size/MD5 checksum: 332158 8f3a3adf61a6e150763a383d4b566db2\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.9etch1_alpha.deb\n Size/MD5 checksum: 330952 0ec11881ba63842e135d3752a765177d\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch1_alpha.deb\n Size/MD5 checksum: 82868 b5396790365bab5a2d032d1b3bece1ed\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.9etch1_alpha.deb\n Size/MD5 checksum: 27341634 d11f40ed34af0197de7f61ef07d30abb\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.9etch1_amd64.deb\n Size/MD5 checksum: 354620 0decd6646f19383f6958e5d90b92e87b\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch1_amd64.deb\n Size/MD5 checksum: 82864 2869e673de24c9741042e2bb37f84d58\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch1_amd64.deb\n Size/MD5 checksum: 3650612 1b0f205b955558d402611693f783c495\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.9etch1_amd64.deb\n Size/MD5 checksum: 19598112 ed3b7a91d93a116a4b175d173ad0f078\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-amd64_2.6.24-6~etchnhalf.9etch1_amd64.deb\n Size/MD5 checksum: 82872 c560fbca727844a090f88f9d6569ed0b\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch1_hppa.deb\n Size/MD5 checksum: 82992 1604c10382bd677723af0a811fdb466f\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.9etch1_hppa.deb\n Size/MD5 checksum: 258316 90502abd75a09ceed13a5efd22e996c5\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch1_hppa.deb\n Size/MD5 checksum: 3445284 32e69244553a870750d771254d1c95bd\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.9etch1_hppa.deb\n Size/MD5 checksum: 258996 fc63f1ef7e55c899b9ef2d736bc5e648\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.9etch1_hppa.deb\n Size/MD5 checksum: 260542 97df4eda2fbd582dd6951bb1b7f31e85\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.9etch1_hppa.deb\n Size/MD5 checksum: 14830274 fb45fe9d1b77d908d5adbb353b211994\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.9etch1_hppa.deb\n Size/MD5 checksum: 261064 f5d2cbb6216c1ffebbd73153a75e75a5\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-hppa_2.6.24-6~etchnhalf.9etch1_hppa.deb\n Size/MD5 checksum: 83020 103285de6aad099908a2fedbbca24069\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.9etch1_hppa.deb\n Size/MD5 checksum: 13847626 3c429ea0e61a446b3e7b13b943eafcb5\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.9etch1_hppa.deb\n Size/MD5 checksum: 14374844 760d7850faff110d14494c86095aa45c\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.9etch1_hppa.deb\n Size/MD5 checksum: 13335298 2b476692a155f3f735f3af76f7170cd8\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.9etch1_i386.deb\n Size/MD5 checksum: 358770 0778828f3b2061e293f3aabc0aa78315\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.9etch1_i386.deb\n Size/MD5 checksum: 358342 3c8b34971bd6f2b69854328888aa4349\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.9etch1_i386.deb\n Size/MD5 checksum: 19146708 1818f00a12bc38f393e6d84f71afae73\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-i386_2.6.24-6~etchnhalf.9etch1_i386.deb\n Size/MD5 checksum: 82890 318cd7ef9d8b39d02da83a3a982f7c40\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.9etch1_i386.deb\n Size/MD5 checksum: 19481866 bb86c9b5a4944b48492a38f81ea38026\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch1_i386.deb\n Size/MD5 checksum: 3655456 fb818a8696c619e5c9c7af73eec2b3c3\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.9etch1_i386.deb\n Size/MD5 checksum: 358104 388750612fda29fb362771823e54993c\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.9etch1_i386.deb\n Size/MD5 checksum: 19213920 bc5f6ef45349d25064125c5c34e78fde\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.9etch1_i386.deb\n Size/MD5 checksum: 19215890 868b1eb9c46677d9d97d0678b4a21894\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.9etch1_i386.deb\n Size/MD5 checksum: 346092 1874a566f494c8fa93946f7cdf71557f\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch1_i386.deb\n Size/MD5 checksum: 82864 321874f0f13b6e236c428568a492cb90\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch1_ia64.deb\n Size/MD5 checksum: 82866 410b7f438b9b8468e3789058dcb31d63\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.9etch1_ia64.deb\n Size/MD5 checksum: 32208224 154e3adb6765a43a000dcb9f9256db56\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch1_ia64.deb\n Size/MD5 checksum: 3568326 aa15646940c12e9f722d3668cca00270\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-ia64_2.6.24-6~etchnhalf.9etch1_ia64.deb\n Size/MD5 checksum: 82888 31354bcffa90ddfd3dd3905f37b53685\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.9etch1_ia64.deb\n Size/MD5 checksum: 319102 7e62e5eadf5b3b8eecc22ccdfa57b19a\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.9etch1_ia64.deb\n Size/MD5 checksum: 319462 44040aba13eedc65922aa25a05fc8b86\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.9etch1_ia64.deb\n Size/MD5 checksum: 32025040 474e2842ef8f69677380db67882b0fb0\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.9etch1_mipsel.deb\n Size/MD5 checksum: 13317670 61df26ad246695fad18f2f76c3c5163f\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.9etch1_mipsel.deb\n Size/MD5 checksum: 3804192 393d33cc947f3e091c5858ef9179a70a\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.9etch1_mipsel.deb\n Size/MD5 checksum: 308984 157b8af3aa5634f7a516cdf5cc220836\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.9etch1_mipsel.deb\n Size/MD5 checksum: 309750 d7ff28e982746494de3626cd747287c5\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.9etch1_mipsel.deb\n Size/MD5 checksum: 21737172 78c5c433465bc97c6c16a49fea05b575\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.9etch1_mipsel.deb\n Size/MD5 checksum: 246818 884f377e13d22f6633a49d4c0367f848\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.9etch1_mipsel.deb\n Size/MD5 checksum: 82870 cacc5fac473c021a7e0c0f7103e1efc0\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.9etch1_mipsel.deb\n Size/MD5 checksum: 246614 31c1c45fab75abb6221285c152b23cfd\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.9etch1_mipsel.deb\n Size/MD5 checksum: 16567458 f1da961b02a1c60672349c1a9c19c9d1\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-mipsel_2.6.24-6~etchnhalf.9etch1_mipsel.deb\n Size/MD5 checksum: 82916 4b4d12b65b14c90ac9dda0c6303f9f5c\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.9etch1_mipsel.deb\n Size/MD5 checksum: 16631254 b956adbf57f77bc34f06ca58d0d6a73f\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.9etch1_mipsel.deb\n Size/MD5 checksum: 26990038 bd115b24191672415033fb0d077e33e8\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.9etch1_mipsel.deb\n Size/MD5 checksum: 247676 99d036e308655b4fb11d460fd50c4dd1\n\n These changes will probably be included in the oldstable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {"cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2009-11-05T22:03:48", "type": "debian", "title": "[SECURITY] [DSA 1928-1] New Linux 2.6.24 packages fix several vulnerabilities", "bulletinFamily": "unix", "cvss2": {"baseSeverity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "type": "Primary", "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2846", "CVE-2009-2847", "CVE-2009-2848", "CVE-2009-2849", "CVE-2009-2903", "CVE-2009-2908", "CVE-2009-2909", "CVE-2009-2910", "CVE-2009-3001", "CVE-2009-3002", "CVE-2009-3228", "CVE-2009-3238", "CVE-2009-3286", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3613", "CVE-2009-3620", "CVE-2009-3621"], "modified": "2009-11-05T22:03:48", "id": "DEBIAN:DSA-1928-1:AD816", "href": "https://lists.debian.org/debian-security-announce/2009/msg00251.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2023-11-29T13:16:52", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1962 security@debian.org\nhttp://www.debian.org/security/ Giuseppe Iuculano\nDecember 23, 2009 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : kvm\nVulnerability : several vulnerabilities\nProblem type : local\nDebian-specific: no\nDebian bugs : 557739 562075 562076\nCVE Ids : CVE-2009-3638 CVE-2009-3722 CVE-2009-4031\n\n\nSeveral vulnerabilities have been discovered in kvm, a full virtualization system.\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2009-3638\n\nIt was discovered an Integer overflow in the kvm_dev_ioctl_get_supported_cpuid\nfunction. This allows local users to have an unspecified impact via a\nKVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function.\n\n\nCVE-2009-3722\n\nIt was discovered that the handle_dr function in the KVM subsystem does not\nproperly verify the Current Privilege Level (CPL) before accessing a debug\nregister, which allows guest OS users to cause a denial of service (trap) on the\nhost OS via a crafted application.\n\n\nCVE-2009-4031\n\nIt was discovered that the do_insn_fetch function in the x86 emulator in the KVM\nsubsystem tries to interpret instructions that contain too many bytes to be\nvalid, which allows guest OS users to cause a denial of service (increased\nscheduling latency) on the host OS via unspecified manipulations related to SMP\nsupport.\n\n\nFor the stable distribution (lenny), these problems have been fixed in version\n72+dfsg-5~lenny4.\n\nFor the testing distribution (squeeze), and the unstable distribution (sid),\nthese problems will be fixed soon.\n\n\nWe recommend that you upgrade your kvm package.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64,\nmips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/k/kvm/kvm_72+dfsg.orig.tar.gz\n Size/MD5 checksum: 3250251 899a66ae2ea94e994e06f637e1afef4a\n http://security.debian.org/pool/updates/main/k/kvm/kvm_72+dfsg-5~lenny4.diff.gz\n Size/MD5 checksum: 42354 12a3490ebcba2c1e9aa2a86140eaa2e3\n http://security.debian.org/pool/updates/main/k/kvm/kvm_72+dfsg-5~lenny4.dsc\n Size/MD5 checksum: 1349 95ea1b5511954549694e198b838e308c\n\nArchitecture independent packages:\n\n\nhttp://security.debian.org/pool/updates/main/k/kvm/kvm-source_72+dfsg-5~lenny4_all.deb\n Size/MD5 checksum: 158524 70f46f694afd3169ce16a4c84ee32eb6\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/k/kvm/kvm_72+dfsg-5~lenny4_amd64.deb\n Size/MD5 checksum: 1105892 22f218058f3cc3f8d40ca9069ff151f9\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/k/kvm/kvm_72+dfsg-5~lenny4_i386.deb\n Size/MD5 checksum: 1030580 ffdfcfce508514828bf455183e45f581\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2009-12-23T11:54:01", "type": "debian", "title": "[SECURITY] [DSA-1962-1] New kvm packages fix several vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3638", "CVE-2009-3722", "CVE-2009-4031"], "modified": "2009-12-23T11:54:01", "id": "DEBIAN:DSA-1962-1:0E26D", "href": "https://lists.debian.org/debian-security-announce/2009/msg00284.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "osv": [{"lastseen": "2023-06-28T06:45:25", "description": "\nNotice: Debian 5.0.4, the next point release of Debian 'lenny', will\ninclude a new default value for the mmap\\_min\\_addr tunable. This\nchange will add an additional safeguard against a class of security\nvulnerabilities known as \"NULL pointer dereference\" vulnerabilities,\nbut it will need to be overridden when using certain applications.\nAdditional information about this change, including instructions for\nmaking this change locally in advance of 5.0.4 (recommended), can be\nfound at:\n<https://wiki.debian.org/mmap_min_addr>.\n\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, sensitive memory leak or privilege\nescalation. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\n\n* [CVE-2009-3228](https://security-tracker.debian.org/tracker/CVE-2009-3228)\nEric Dumazet reported an instance of uninitialized kernel memory\n in the network packet scheduler. Local users may be able to\n exploit this issue to read the contents of sensitive kernel\n memory.\n* [CVE-2009-3238](https://security-tracker.debian.org/tracker/CVE-2009-3238)\nLinus Torvalds provided a change to the get\\_random\\_int() function\n to increase its randomness.\n* [CVE-2009-3547](https://security-tracker.debian.org/tracker/CVE-2009-3547)\nEarl Chew discovered a NULL pointer dereference issue in the\n pipe\\_rdwr\\_open function which can be used by local users to gain\n elevated privileges.\n* [CVE-2009-3612](https://security-tracker.debian.org/tracker/CVE-2009-3612)\nJiri Pirko discovered a typo in the initialization of a structure\n in the netlink subsystem that may allow local users to gain access\n to sensitive kernel memory.\n* [CVE-2009-3620](https://security-tracker.debian.org/tracker/CVE-2009-3620)\nBen Hutchings discovered an issue in the DRM manager for ATI Rage\n 128 graphics adapters. Local users may be able to exploit this\n vulnerability to cause a denial of service (NULL pointer\n dereference).\n* [CVE-2009-3621](https://security-tracker.debian.org/tracker/CVE-2009-3621)\nTomoki Sekiyama discovered a deadlock condition in the UNIX domain\n socket implementation. Local users can exploit this vulnerability\n to cause a denial of service (system hang).\n* [CVE-2009-3638](https://security-tracker.debian.org/tracker/CVE-2009-3638)\nDavid Wagner reported an overflow in the KVM subsystem on i386\n systems. This issue is exploitable by local users with access to\n the /dev/kvm device file.\n\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 2.6.26-19lenny2.\n\n\nFor the oldstable distribution (etch), these problems, where\napplicable, will be fixed in updates to linux-2.6 and linux-2.6.24.\n\n\nWe recommend that you upgrade your linux-2.6 and user-mode-linux\npackages.\n\n\nNote: Debian carefully tracks all known security issues across every\nlinux kernel package in all releases under active security support.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or \"leap-frog\" fashion.\n\n\nThe following matrix lists additional source packages that were\nrebuilt for compatibility with or to take advantage of this update:\n\n\n\n\n| | Debian 5.0 (lenny) |\n| --- | --- |\n| user-mode-linux | 2.6.26-1um-2+19lenny2 |\n\n\n", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2009-11-05T00:00:00", "type": "osv", "title": "linux-2.6 - several vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3228", "CVE-2009-3238", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3638"], "modified": "2023-06-28T06:45:06", "id": "OSV:DSA-1927-1", "href": "https://osv.dev/vulnerability/DSA-1927-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2023-06-28T06:45:24", "description": "\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, sensitive memory leak or privilege\nescalation. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\n\n* [CVE-2009-1883](https://security-tracker.debian.org/tracker/CVE-2009-1883)\nSolar Designer discovered a missing capability check in the\n z90crypt driver or s390 systems. This vulnerability may allow\n a local user to gain elevated privileges.\n* [CVE-2009-2909](https://security-tracker.debian.org/tracker/CVE-2009-2909)\nArjan van de Ven discovered an issue in the AX.25 protocol\n implementation. A specially crafted call to setsockopt() can\n result in a denial of service (kernel oops).\n* [CVE-2009-3001](https://security-tracker.debian.org/tracker/CVE-2009-3001)\nJiri Slaby fixed a sensitive memory leak issue in the ANSI/IEEE\n 802.2 LLC implementation. This is not exploitable in the Debian\n lenny kernel as root privileges are required to exploit this\n issue.\n* [CVE-2009-3002](https://security-tracker.debian.org/tracker/CVE-2009-3002)\nEric Dumazet fixed several sensitive memory leaks in the IrDA,\n X.25 PLP (Rose), NET/ROM, Acorn Econet/AUN, and Controller Area\n Network (CAN) implementations. Local users can exploit these\n issues to gain access to kernel memory.\n* [CVE-2009-3228](https://security-tracker.debian.org/tracker/CVE-2009-3228)\nEric Dumazet reported an instance of uninitialized kernel memory\n in the network packet scheduler. Local users may be able to\n exploit this issue to read the contents of sensitive kernel\n memory.\n* [CVE-2009-3238](https://security-tracker.debian.org/tracker/CVE-2009-3238)\nLinus Torvalds provided a change to the get\\_random\\_int() function\n to increase its randomness.\n* [CVE-2009-3286](https://security-tracker.debian.org/tracker/CVE-2009-3286)\nEric Paris discovered an issue with the NFSv4 server\n implementation. When an O\\_EXCL create fails, files may be left\n with corrupted permissions, possibly granting unintentional\n privileges to other local users.\n* [CVE-2009-3547](https://security-tracker.debian.org/tracker/CVE-2009-3547)\nEarl Chew discovered a NULL pointer dereference issue in the\n pipe\\_rdwr\\_open function which can be used by local users to gain\n elevated privileges.\n* [CVE-2009-3612](https://security-tracker.debian.org/tracker/CVE-2009-3612)\nJiri Pirko discovered a typo in the initialization of a structure\n in the netlink subsystem that may allow local users to gain access\n to sensitive kernel memory.\n* [CVE-2009-3621](https://security-tracker.debian.org/tracker/CVE-2009-3621)\nTomoki Sekiyama discovered a deadlock condition in the UNIX domain\n socket implementation. Local users can exploit this vulnerability\n to cause a denial of service (system hang).\n\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 2.6.18.dfsg.1-26etch1.\n\n\nWe recommend that you upgrade your linux-2.6, fai-kernels, and\nuser-mode-linux packages.\n\n\nNote: Debian 'etch' includes linux kernel packages based upon both the\n2.6.18 and 2.6.24 linux releases. All known security issues are\ncarefully tracked against both packages and both packages will receive\nsecurity updates until security support for Debian 'etch'\nconcludes. However, given the high frequency at which low-severity\nsecurity issues are discovered in the kernel and the resource\nrequirements of doing an update, lower severity 2.6.18 and 2.6.24\nupdates will typically release in a staggered or \"leap-frog\" fashion.\n\n\nThe following matrix lists additional source packages that were rebuilt for\ncompatibility with or to take advantage of this update:\n\n\n\n\n| | Debian 4.0 (etch) |\n| --- | --- |\n| fai-kernels | 1.17+etch.26etch1 |\n| user-mode-linux | 2.6.18-1um-2etch.26etch1 |\n\n\n", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2009-11-05T00:00:00", "type": "osv", "title": "linux-2.6 - several vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1883", "CVE-2009-2909", "CVE-2009-3001", "CVE-2009-3002", "CVE-2009-3228", "CVE-2009-3238", "CVE-2009-3286", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3621"], "modified": "2023-06-28T06:45:07", "id": "OSV:DSA-1929-1", "href": "https://osv.dev/vulnerability/DSA-1929-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2023-06-28T06:45:25", "description": "\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, sensitive memory leak or privilege\nescalation. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\n\n* [CVE-2009-2846](https://security-tracker.debian.org/tracker/CVE-2009-2846)\nMichael Buesch noticed a typing issue in the eisa-eeprom driver\n for the hppa architecture. Local users could exploit this issue to\n gain access to restricted memory.\n* [CVE-2009-2847](https://security-tracker.debian.org/tracker/CVE-2009-2847)\nUlrich Drepper noticed an issue in the do\\_sigalstack routine on\n 64-bit systems. This issue allows local users to gain access to\n potentially sensitive memory on the kernel stack.\n* [CVE-2009-2848](https://security-tracker.debian.org/tracker/CVE-2009-2848)\nEric Dumazet discovered an issue in the execve path, where the\n clear\\_child\\_tid variable was not being properly cleared. Local\n users could exploit this issue to cause a denial of service\n (memory corruption).\n* [CVE-2009-2849](https://security-tracker.debian.org/tracker/CVE-2009-2849)\nNeil Brown discovered an issue in the sysfs interface to md\n devices. When md arrays are not active, local users can exploit\n this vulnerability to cause a denial of service (oops).\n* [CVE-2009-2903](https://security-tracker.debian.org/tracker/CVE-2009-2903)\nMark Smith discovered a memory leak in the appletalk\n implementation. When the appletalk and ipddp modules are loaded,\n but no ipddp\"N\" device is found, remote attackers can cause a\n denial of service by consuming large amounts of system memory.\n* [CVE-2009-2908](https://security-tracker.debian.org/tracker/CVE-2009-2908)\nLoic Minier discovered an issue in the eCryptfs filesystem. A\n local user can cause a denial of service (kernel oops) by causing\n a dentry value to go negative.\n* [CVE-2009-2909](https://security-tracker.debian.org/tracker/CVE-2009-2909)\nArjan van de Ven discovered an issue in the AX.25 protocol\n implementation. A specially crafted call to setsockopt() can\n result in a denial of service (kernel oops).\n* [CVE-2009-2910](https://security-tracker.debian.org/tracker/CVE-2009-2910)\nJan Beulich discovered the existence of a sensitive kernel memory\n leak. Systems running the 'amd64' kernel do not properly sanitize\n registers for 32-bit processes.\n* [CVE-2009-3001](https://security-tracker.debian.org/tracker/CVE-2009-3001)\nJiri Slaby fixed a sensitive memory leak issue in the ANSI/IEEE\n 802.2 LLC implementation. This is not exploitable in the Debian\n lenny kernel as root privileges are required to exploit this\n issue.\n* [CVE-2009-3002](https://security-tracker.debian.org/tracker/CVE-2009-3002)\nEric Dumazet fixed several sensitive memory leaks in the IrDA,\n X.25 PLP (Rose), NET/ROM, Acorn Econet/AUN, and Controller Area\n Network (CAN) implementations. Local users can exploit these\n issues to gain access to kernel memory.\n* [CVE-2009-3228](https://security-tracker.debian.org/tracker/CVE-2009-3228)\nEric Dumazet reported an instance of uninitialized kernel memory\n in the network packet scheduler. Local users may be able to\n exploit this issue to read the contents of sensitive kernel\n memory.\n \n* [CVE-2009-3238](https://security-tracker.debian.org/tracker/CVE-2009-3238)\nLinus Torvalds provided a change to the get\\_random\\_int() function\n to increase its randomness.\n\n* [CVE-2009-3286](https://security-tracker.debian.org/tracker/CVE-2009-3286)\nEric Paris discovered an issue with the NFSv4 server\n implementation. When an O\\_EXCL create fails, files may be left\n with corrupted permissions, possibly granting unintentional\n privileges to other local users.\n\n* [CVE-2009-3547](https://security-tracker.debian.org/tracker/CVE-2009-3547)\nEarl Chew discovered a NULL pointer dereference issue in the\n pipe\\_rdwr\\_open function which can be used by local users to gain\n elevated privileges.\n\n* [CVE-2009-3612](https://security-tracker.debian.org/tracker/CVE-2009-3612)\nJiri Pirko discovered a typo in the initialization of a structure\n in the netlink subsystem that may allow local users to gain access\n to sensitive kernel memory.\n\n* [CVE-2009-3613](https://security-tracker.debian.org/tracker/CVE-2009-3613)\nAlistair Strachan reported an issue in the r8169 driver. Remote\n users can cause a denial of service (IOMMU space exhaustion and\n system crash) by transmitting a large amount of jumbo frames.\n\n* [CVE-2009-3620](https://security-tracker.debian.org/tracker/CVE-2009-3620)\nBen Hutchings discovered an issue in the DRM manager for ATI Rage\n 128 graphics adapters. Local users may be able to exploit this\n vulnerability to cause a denial of service (NULL pointer\n dereference).\n\n* [CVE-2009-3621](https://security-tracker.debian.org/tracker/CVE-2009-3621)\nTomoki Sekiyama discovered a deadlock condition in the UNIX domain\n socket implementation. Local users can exploit this vulnerability\n to cause a denial of service (system hang).\n\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 2.6.24-6~etchnhalf.9etch1.\n\n\nWe recommend that you upgrade your linux-2.6.24 packages.\n\n\nNote: Debian 'etch' includes linux kernel packages based upon both the\n2.6.18 and 2.6.24 linux releases. All known security issues are\ncarefully tracked against both packages and both packages will receive\nsecurity updates until security support for Debian 'etch'\nconcludes. However, given the high frequency at which low-severity\nsecurity issues are discovered in the kernel and the resource\nrequirements of doing an update, lower severity 2.6.18 and 2.6.24\nupdates will typically release in a staggered or \"leap-frog\" fashion.\n\n\n", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2009-11-05T00:00:00", "type": "osv", "title": "linux-2.6.24 - several vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2846", "CVE-2009-2847", "CVE-2009-2848", "CVE-2009-2849", "CVE-2009-2903", "CVE-2009-2908", "CVE-2009-2909", "CVE-2009-2910", "CVE-2009-3001", "CVE-2009-3002", "CVE-2009-3228", "CVE-2009-3238", "CVE-2009-3286", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3613", "CVE-2009-3620", "CVE-2009-3621"], "modified": "2023-06-28T06:45:07", "id": "OSV:DSA-1928-1", "href": "https://osv.dev/vulnerability/DSA-1928-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2022-08-10T07:08:46", "description": "\nSeveral vulnerabilities have been discovered in kvm, a full virtualization system.\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\n\n* [CVE-2009-3638](https://security-tracker.debian.org/tracker/CVE-2009-3638)\nIt was discovered an Integer overflow in the kvm\\_dev\\_ioctl\\_get\\_supported\\_cpuid\nfunction. This allows local users to have an unspecified impact via a\nKVM\\_GET\\_SUPPORTED\\_CPUID request to the kvm\\_arch\\_dev\\_ioctl function.\n* [CVE-2009-3722](https://security-tracker.debian.org/tracker/CVE-2009-3722)\nIt was discovered that the handle\\_dr function in the KVM subsystem does not\nproperly verify the Current Privilege Level (CPL) before accessing a debug\nregister, which allows guest OS users to cause a denial of service (trap) on the\nhost OS via a crafted application.\n* [CVE-2009-4031](https://security-tracker.debian.org/tracker/CVE-2009-4031)\nIt was discovered that the do\\_insn\\_fetch function in the x86 emulator in the KVM\nsubsystem tries to interpret instructions that contain too many bytes to be\nvalid, which allows guest OS users to cause a denial of service (increased\nscheduling latency) on the host OS via unspecified manipulations related to SMP\nsupport.\n\n\nFor the stable distribution (lenny), these problems have been fixed in version\n72+dfsg-5~lenny4.\n\n\nFor the testing distribution (squeeze), and the unstable distribution (sid),\nthese problems will be fixed soon.\n\n\nWe recommend that you upgrade your kvm package.\n\n\n", "cvss3": {}, "published": "2009-12-23T00:00:00", "type": "osv", "title": "kvm - several vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3638", "CVE-2009-3722", "CVE-2009-4031"], "modified": "2022-08-10T07:08:33", "id": "OSV:DSA-1962-1", "href": "https://osv.dev/vulnerability/DSA-1962-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2023-11-29T14:41:24", "description": "Notice: Debian 5.0.4, the next point release of Debian 'lenny', will include a new default value for the mmap_min_addr tunable. This change will add an additional safeguard against a class of security vulnerabilities known as 'NULL pointer dereference' vulnerabilities, but it will need to be overridden when using certain applications.\nAdditional information about this change, including instructions for making this change locally in advance of 5.0.4 (recommended), can be found at: https://wiki.debian.org/mmap_min_addr.\n\nSeveral vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2009-3228 Eric Dumazet reported an instance of uninitialized kernel memory in the network packet scheduler. Local users may be able to exploit this issue to read the contents of sensitive kernel memory.\n\n - CVE-2009-3238 Linus Torvalds provided a change to the get_random_int() function to increase its randomness.\n\n - CVE-2009-3547 Earl Chew discovered a NULL pointer dereference issue in the pipe_rdwr_open function which can be used by local users to gain elevated privileges.\n\n - CVE-2009-3612 Jiri Pirko discovered a typo in the initialization of a structure in the netlink subsystem that may allow local users to gain access to sensitive kernel memory.\n\n - CVE-2009-3620 Ben Hutchings discovered an issue in the DRM manager for ATI Rage 128 graphics adapters. Local users may be able to exploit this vulnerability to cause a denial of service (NULL pointer dereference).\n\n - CVE-2009-3621 Tomoki Sekiyama discovered a deadlock condition in the UNIX domain socket implementation. Local users can exploit this vulnerability to cause a denial of service (system hang).\n\n - CVE-2009-3638 David Wagner reported an overflow in the KVM subsystem on i386 systems. This issue is exploitable by local users with access to the /dev/kvm device file.", "cvss3": {}, "published": "2010-02-24T00:00:00", "type": "nessus", "title": "Debian DSA-1927-1 : linux-2.6 - privilege escalation/denial of service/sensitive memory leak", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3228", "CVE-2009-3238", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3638"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-1927.NASL", "href": "https://www.tenable.com/plugins/nessus/44792", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1927. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44792);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-3228\", \"CVE-2009-3238\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3638\");\n script_bugtraq_id(36304, 36723, 36788, 36803, 36824, 36827, 36901);\n script_xref(name:\"DSA\", value:\"1927\");\n\n script_name(english:\"Debian DSA-1927-1 : linux-2.6 - privilege escalation/denial of service/sensitive memory leak\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Notice: Debian 5.0.4, the next point release of Debian 'lenny', will\ninclude a new default value for the mmap_min_addr tunable. This change\nwill add an additional safeguard against a class of security\nvulnerabilities known as 'NULL pointer dereference' vulnerabilities,\nbut it will need to be overridden when using certain applications.\nAdditional information about this change, including instructions for\nmaking this change locally in advance of 5.0.4 (recommended), can be\nfound at: https://wiki.debian.org/mmap_min_addr.\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, sensitive memory leak or privilege\nescalation. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2009-3228\n Eric Dumazet reported an instance of uninitialized\n kernel memory in the network packet scheduler. Local\n users may be able to exploit this issue to read the\n contents of sensitive kernel memory.\n\n - CVE-2009-3238\n Linus Torvalds provided a change to the get_random_int()\n function to increase its randomness.\n\n - CVE-2009-3547\n Earl Chew discovered a NULL pointer dereference issue in\n the pipe_rdwr_open function which can be used by local\n users to gain elevated privileges.\n\n - CVE-2009-3612\n Jiri Pirko discovered a typo in the initialization of a\n structure in the netlink subsystem that may allow local\n users to gain access to sensitive kernel memory.\n\n - CVE-2009-3620\n Ben Hutchings discovered an issue in the DRM manager for\n ATI Rage 128 graphics adapters. Local users may be able\n to exploit this vulnerability to cause a denial of\n service (NULL pointer dereference).\n\n - CVE-2009-3621\n Tomoki Sekiyama discovered a deadlock condition in the\n UNIX domain socket implementation. Local users can\n exploit this vulnerability to cause a denial of service\n (system hang).\n\n - CVE-2009-3638\n David Wagner reported an overflow in the KVM subsystem\n on i386 systems. This issue is exploitable by local\n users with access to the /dev/kvm device file.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wiki.debian.org/mmap_min_addr\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3228\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3238\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3547\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3612\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3620\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3621\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3638\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1927\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6 and user-mode-linux packages.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 2.6.26-19lenny2.\n\nFor the oldstable distribution (etch), these problems, where\napplicable, will be fixed in updates to linux-2.6 and linux-2.6.24.\n\nNote: Debian carefully tracks all known security issues across every\nlinux kernel package in all releases under active security support.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or 'leap-frog' fashion.\n\nThe following matrix lists additional source packages that were\nrebuilt for compatibility with or to take advantage of this update :\n\n Debian 5.0 (lenny) \n user-mode-linux 2.6.26-1um-2+19lenny2\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 189, 200, 310, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/09/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"linux-doc-2.6.26\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-486\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-686\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-686-bigmem\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-alpha\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-amd64\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-armel\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-hppa\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-i386\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-ia64\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-powerpc\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-alpha-generic\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-alpha-legacy\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-alpha-smp\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-amd64\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-common\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-common-openvz\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-common-vserver\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-common-xen\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-iop32x\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-itanium\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-ixp4xx\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-mckinley\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-openvz-686\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-openvz-amd64\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-orion5x\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-parisc\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-parisc-smp\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-parisc64\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-parisc64-smp\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-powerpc\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-powerpc-smp\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-powerpc64\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-versatile\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-686\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-686-bigmem\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-amd64\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-itanium\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-mckinley\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-powerpc\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-powerpc64\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-xen-686\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-xen-amd64\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-486\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-686\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-686-bigmem\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-alpha-generic\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-alpha-legacy\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-alpha-smp\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-amd64\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-iop32x\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-itanium\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-ixp4xx\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-mckinley\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-openvz-686\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-openvz-amd64\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-orion5x\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-parisc\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-parisc-smp\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-parisc64\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-parisc64-smp\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-powerpc\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-powerpc-smp\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-powerpc64\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-versatile\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-686\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-686-bigmem\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-amd64\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-itanium\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-mckinley\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-powerpc\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-powerpc64\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-xen-686\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-xen-amd64\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-libc-dev\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-manual-2.6.26\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-modules-2.6.26-2-xen-686\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-modules-2.6.26-2-xen-amd64\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-patch-debian-2.6.26\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-source-2.6.26\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-support-2.6.26-2\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-tree-2.6.26\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"xen-linux-system-2.6.26-2-xen-686\", reference:\"2.6.26-19lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"xen-linux-system-2.6.26-2-xen-amd64\", reference:\"2.6.26-19lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T16:37:48", "description": "Update to kernel 2.6.27.38:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.38\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-11-06T00:00:00", "type": "nessus", "title": "Fedora 10 : kernel-2.6.27.38-170.2.113.fc10 (2009-11038)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3638"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:10"], "id": "FEDORA_2009-11038.NASL", "href": "https://www.tenable.com/plugins/nessus/42402", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-11038.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42402);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3638\");\n script_bugtraq_id(36723, 36803, 36824, 36827, 36901);\n script_xref(name:\"FEDORA\", value:\"2009-11038\");\n\n script_name(english:\"Fedora 10 : kernel-2.6.27.38-170.2.113.fc10 (2009-11038)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to kernel 2.6.27.38:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.38\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.38\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?395e6259\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=528868\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=529597\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=529626\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=530490\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=530515\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-November/030686.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?88d0a7ab\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 189, 200, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"kernel-2.6.27.38-170.2.113.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T15:00:00", "description": "- Tue Nov 3 2009 Kyle McMartin <kyle at redhat.com> 2.6.30.9-96\n\n - fs/pipe.c: fix NULL pointer dereference (CVE-2009-3547)\n\n - Sun Oct 25 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-95\n\n - Disable the stack protector on functions that don't have onstack arrays.\n\n - Thu Oct 22 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-94\n\n - Fix overflow in KVM cpuid code. (CVE-2009-3638)\n\n - Thu Oct 22 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-93\n\n - Fix exploitable oops in keyring code (CVE-2009-3624)\n\n - Wed Oct 21 2009 Kyle McMartin <kyle at redhat.com>\n\n - shut-up-LOCK_TEST_WITH_RETURN.patch: sort out #445331... or paper bag over it for now until the lock warnings can be killed.\n\n - Mon Oct 19 2009 Kyle McMartin <kyle at redhat.com>\n\n - af_unix-fix-deadlock-connecting-to-shutdown-socket.pat ch: fix for rhbz#529626 local DoS. (CVE-2009-3621)\n\n - Sat Oct 17 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-90\n\n - Fix null deref in r128 (F10#487546) (CVE-2009-3620)\n\n - Sat Oct 17 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-89\n\n - Keyboard and mouse fixes from 2.6.32 (#522126)\n\n - Sat Oct 17 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-88\n\n - Scheduler wakeup patch, fixes high latency on wakeup (sched-update-the-clock-of-runqueue-select-task-rq-sel ected.patch)\n\n - Fri Oct 16 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-87\n\n - Fix uninitialized data leak in netlink (CVE-2009-3612)\n\n - Thu Oct 15 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-86\n\n - AX.25 security fix (CVE-2009-2909)\n\n - Thu Oct 15 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-85\n\n - Disable CONFIG_USB_STORAGE_CYPRESS_ATACB because it causes failure to boot from USB disks using Cypress bridges (#524998)\n\n - Tue Oct 13 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-84\n\n - Copy libata drive detection fix from 2.6.31.4 (#524756)\n\n - Tue Oct 13 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-83\n\n - Networking fixes taken from 2.6.31-stable\n\n - Tue Oct 13 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-82\n\n - Fix boot hang with ACPI on some systems.\n\n - Mon Oct 12 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-81\n\n - Critical ftrace fixes:\n ftrace-use-module-notifier-for-function-tracer.patch ftrace-check-for-failure-for-all-conversions.patch tracing-correct-module-boundaries-for-ftrace_release.p atch\n\n - Thu Oct 8 2009 Ben Skeggs <bskeggs at redhat.com> 2.6.30.9-80\n\n - ppc: compile nvidiafb as a module only, nvidiafb+nouveau = bang! (rh#491308)\n\n - Wed Oct 7 2009 Dave Jones <davej at redhat.com> 2.6.30.9-78\n\n - Disable IRQSOFF tracer. (Adds unnecessary overhead when unused)\n\n - Wed Oct 7 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-77\n\n - eCryptfs fixes taken from 2.6.31.2 (fixes CVE-2009-2908)\n\n - Tue Oct 6 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-76\n\n - fix race in forcedeth network driver (#526546)\n\n - Tue Oct 6 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-75\n\n - x86: Don't leak 64-bit reg contents to 32-bit tasks.\n\n - Tue Oct 6 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.30.9-74\n\n[plus 194 lines in the Changelog]\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-11-06T00:00:00", "type": "nessus", "title": "Fedora 11 : kernel-2.6.30.9-96.fc11 (2009-11032)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2908", "CVE-2009-2909", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3624", "CVE-2009-3638"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2009-11032.NASL", "href": "https://www.tenable.com/plugins/nessus/42400", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-11032.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42400);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-3547\", \"CVE-2009-3621\", \"CVE-2009-3624\", \"CVE-2009-3638\");\n script_bugtraq_id(36723, 36793, 36803, 36901);\n script_xref(name:\"FEDORA\", value:\"2009-11032\");\n\n script_name(english:\"Fedora 11 : kernel-2.6.30.9-96.fc11 (2009-11032)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Tue Nov 3 2009 Kyle McMartin <kyle at redhat.com>\n 2.6.30.9-96\n\n - fs/pipe.c: fix NULL pointer dereference\n (CVE-2009-3547)\n\n - Sun Oct 25 2009 Chuck Ebbert <cebbert at redhat.com>\n 2.6.30.9-95\n\n - Disable the stack protector on functions that don't\n have onstack arrays.\n\n - Thu Oct 22 2009 Chuck Ebbert <cebbert at redhat.com>\n 2.6.30.9-94\n\n - Fix overflow in KVM cpuid code. (CVE-2009-3638)\n\n - Thu Oct 22 2009 Chuck Ebbert <cebbert at redhat.com>\n 2.6.30.9-93\n\n - Fix exploitable oops in keyring code (CVE-2009-3624)\n\n - Wed Oct 21 2009 Kyle McMartin <kyle at redhat.com>\n\n - shut-up-LOCK_TEST_WITH_RETURN.patch: sort out\n #445331... or paper bag over it for now until the lock\n warnings can be killed.\n\n - Mon Oct 19 2009 Kyle McMartin <kyle at redhat.com>\n\n -\n af_unix-fix-deadlock-connecting-to-shutdown-socket.pat\n ch: fix for rhbz#529626 local DoS. (CVE-2009-3621)\n\n - Sat Oct 17 2009 Chuck Ebbert <cebbert at redhat.com>\n 2.6.30.9-90\n\n - Fix null deref in r128 (F10#487546) (CVE-2009-3620)\n\n - Sat Oct 17 2009 Chuck Ebbert <cebbert at redhat.com>\n 2.6.30.9-89\n\n - Keyboard and mouse fixes from 2.6.32 (#522126)\n\n - Sat Oct 17 2009 Chuck Ebbert <cebbert at redhat.com>\n 2.6.30.9-88\n\n - Scheduler wakeup patch, fixes high latency on wakeup\n (sched-update-the-clock-of-runqueue-select-task-rq-sel\n ected.patch)\n\n - Fri Oct 16 2009 Chuck Ebbert <cebbert at redhat.com>\n 2.6.30.9-87\n\n - Fix uninitialized data leak in netlink (CVE-2009-3612)\n\n - Thu Oct 15 2009 Chuck Ebbert <cebbert at redhat.com>\n 2.6.30.9-86\n\n - AX.25 security fix (CVE-2009-2909)\n\n - Thu Oct 15 2009 Chuck Ebbert <cebbert at redhat.com>\n 2.6.30.9-85\n\n - Disable CONFIG_USB_STORAGE_CYPRESS_ATACB because it\n causes failure to boot from USB disks using Cypress\n bridges (#524998)\n\n - Tue Oct 13 2009 Chuck Ebbert <cebbert at redhat.com>\n 2.6.30.9-84\n\n - Copy libata drive detection fix from 2.6.31.4\n (#524756)\n\n - Tue Oct 13 2009 Chuck Ebbert <cebbert at redhat.com>\n 2.6.30.9-83\n\n - Networking fixes taken from 2.6.31-stable\n\n - Tue Oct 13 2009 Chuck Ebbert <cebbert at redhat.com>\n 2.6.30.9-82\n\n - Fix boot hang with ACPI on some systems.\n\n - Mon Oct 12 2009 Chuck Ebbert <cebbert at redhat.com>\n 2.6.30.9-81\n\n - Critical ftrace fixes:\n ftrace-use-module-notifier-for-function-tracer.patch\n ftrace-check-for-failure-for-all-conversions.patch\n tracing-correct-module-boundaries-for-ftrace_release.p\n atch\n\n - Thu Oct 8 2009 Ben Skeggs <bskeggs at redhat.com>\n 2.6.30.9-80\n\n - ppc: compile nvidiafb as a module only,\n nvidiafb+nouveau = bang! (rh#491308)\n\n - Wed Oct 7 2009 Dave Jones <davej at redhat.com>\n 2.6.30.9-78\n\n - Disable IRQSOFF tracer. (Adds unnecessary overhead\n when unused)\n\n - Wed Oct 7 2009 Chuck Ebbert <cebbert at redhat.com>\n 2.6.30.9-77\n\n - eCryptfs fixes taken from 2.6.31.2 (fixes\n CVE-2009-2908)\n\n - Tue Oct 6 2009 Chuck Ebbert <cebbert at redhat.com>\n 2.6.30.9-76\n\n - fix race in forcedeth network driver (#526546)\n\n - Tue Oct 6 2009 Chuck Ebbert <cebbert at redhat.com>\n 2.6.30.9-75\n\n - x86: Don't leak 64-bit reg contents to 32-bit tasks.\n\n - Tue Oct 6 2009 Chuck Ebbert <cebbert at redhat.com>\n 2.6.30.9-74\n\n[plus 194 lines in the Changelog]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=529626\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=530283\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=530490\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=530515\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-November/030674.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2c4aae2b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(189, 310, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"kernel-2.6.30.9-96.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-25T16:44:23", "description": "From Red Hat Security Advisory 2009:1670 :\n\nUpdated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity fixes :\n\n* NULL pointer dereference flaws in the r128 driver. Checks to test if the Concurrent Command Engine state was initialized were missing in private IOCTL functions. An attacker could use these flaws to cause a local denial of service or escalate their privileges. (CVE-2009-3620, Important)\n\n* a NULL pointer dereference flaw in the NFSv4 implementation. Several NFSv4 file locking functions failed to check whether a file had been opened on the server before performing locking operations on it. A local user on a system with an NFSv4 share mounted could possibly use this flaw to cause a denial of service or escalate their privileges.\n(CVE-2009-3726, Important)\n\n* a flaw in tcf_fill_node(). A certain data structure in this function was not initialized properly before being copied to user-space. This could lead to an information leak. (CVE-2009-3612, Moderate)\n\n* unix_stream_connect() did not check if a UNIX domain socket was in the shutdown state. This could lead to a deadlock. A local, unprivileged user could use this flaw to cause a denial of service.\n(CVE-2009-3621, Moderate)\n\nKnowledgebase DOC-20536 has steps to mitigate NULL pointer dereference flaws.\n\nBug fixes :\n\n* frequently changing a CPU between online and offline caused a kernel panic on some systems. (BZ#545583)\n\n* for the LSI Logic LSI53C1030 Ultra320 SCSI controller, read commands sent could receive incorrect data, preventing correct data transfer.\n(BZ#529308)\n\n* pciehp could not detect PCI Express hot plug slots on some systems.\n(BZ#530383)\n\n* soft lockups: inotify race and contention on dcache_lock.\n(BZ#533822, BZ#537019)\n\n* priority ordered lists are now used for threads waiting for a given mutex. (BZ#533858)\n\n* a deadlock in DLM could cause GFS2 file systems to lock up.\n(BZ#533859)\n\n* use-after-free bug in the audit subsystem crashed certain systems when running usermod. (BZ#533861)\n\n* on certain hardware configurations, a kernel panic when the Broadcom iSCSI offload driver (bnx2i.ko and cnic.ko) was loaded. (BZ#537014)\n\n* qla2xxx: Enabled MSI-X, and correctly handle the module parameter to control it. This improves performance for certain systems. (BZ#537020)\n\n* system crash when reading the cpuaffinity file on a system.\n(BZ#537346)\n\n* suspend-resume problems on systems with lots of logical CPUs, e.g.\nBX-EX. (BZ#539674)\n\n* off-by-one error in the legacy PCI bus check. (BZ#539675)\n\n* TSC was not made available on systems with multi-clustered APICs.\nThis could cause slow performance for time-sensitive applications.\n(BZ#539676)\n\n* ACPI: ARB_DISABLE now disabled on platforms that do not need it.\n(BZ#539677)\n\n* fix node to core and power-aware scheduling issues, and a kernel panic during boot on certain AMD Opteron processors. (BZ#539678, BZ#540469, BZ#539680, BZ#539682)\n\n* APIC timer interrupt issues on some AMD Opteron systems prevented achieving full power savings. (BZ#539681)\n\n* general OProfile support for some newer Intel processors.\n(BZ#539683)\n\n* system crash during boot when NUMA is enabled on systems using MC and kernel-xen. (BZ#539684)\n\n* on some larger systems, performance issues due to a spinlock.\n(BZ#539685)\n\n* APIC errors when IOMMU is enabled on some AMD Opteron systems.\n(BZ#539687)\n\n* on some AMD Opteron systems, repeatedly taking a CPU offline then online caused a system hang. (BZ#539688)\n\n* I/O page fault errors on some systems. (BZ#539689)\n\n* certain memory configurations could cause the kernel-xen kernel to fail to boot on some AMD Opteron systems. (BZ#539690)\n\n* NMI watchdog is now disabled for offline CPUs. (BZ#539691)\n\n* duplicate directories in /proc/acpi/processor/ on BX-EX systems.\n(BZ#539692)\n\n* links did not come up when using bnx2x with certain Broadcom devices. (BZ#540381)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : kernel (ELSA-2009-1670)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3612", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3726"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-pae", "p-cpe:/a:oracle:linux:kernel-pae-devel", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-xen", "p-cpe:/a:oracle:linux:kernel-xen-devel", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2009-1670.NASL", "href": "https://www.tenable.com/plugins/nessus/67972", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1670 and \n# Oracle Linux Security Advisory ELSA-2009-1670 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67972);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\");\n script_bugtraq_id(36723, 36824, 36827, 36936);\n script_xref(name:\"RHSA\", value:\"2009:1670\");\n\n script_name(english:\"Oracle Linux 5 : kernel (ELSA-2009-1670)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1670 :\n\nUpdated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes :\n\n* NULL pointer dereference flaws in the r128 driver. Checks to test if\nthe Concurrent Command Engine state was initialized were missing in\nprivate IOCTL functions. An attacker could use these flaws to cause a\nlocal denial of service or escalate their privileges. (CVE-2009-3620,\nImportant)\n\n* a NULL pointer dereference flaw in the NFSv4 implementation. Several\nNFSv4 file locking functions failed to check whether a file had been\nopened on the server before performing locking operations on it. A\nlocal user on a system with an NFSv4 share mounted could possibly use\nthis flaw to cause a denial of service or escalate their privileges.\n(CVE-2009-3726, Important)\n\n* a flaw in tcf_fill_node(). A certain data structure in this function\nwas not initialized properly before being copied to user-space. This\ncould lead to an information leak. (CVE-2009-3612, Moderate)\n\n* unix_stream_connect() did not check if a UNIX domain socket was in\nthe shutdown state. This could lead to a deadlock. A local,\nunprivileged user could use this flaw to cause a denial of service.\n(CVE-2009-3621, Moderate)\n\nKnowledgebase DOC-20536 has steps to mitigate NULL pointer dereference\nflaws.\n\nBug fixes :\n\n* frequently changing a CPU between online and offline caused a kernel\npanic on some systems. (BZ#545583)\n\n* for the LSI Logic LSI53C1030 Ultra320 SCSI controller, read commands\nsent could receive incorrect data, preventing correct data transfer.\n(BZ#529308)\n\n* pciehp could not detect PCI Express hot plug slots on some systems.\n(BZ#530383)\n\n* soft lockups: inotify race and contention on dcache_lock.\n(BZ#533822, BZ#537019)\n\n* priority ordered lists are now used for threads waiting for a given\nmutex. (BZ#533858)\n\n* a deadlock in DLM could cause GFS2 file systems to lock up.\n(BZ#533859)\n\n* use-after-free bug in the audit subsystem crashed certain systems\nwhen running usermod. (BZ#533861)\n\n* on certain hardware configurations, a kernel panic when the Broadcom\niSCSI offload driver (bnx2i.ko and cnic.ko) was loaded. (BZ#537014)\n\n* qla2xxx: Enabled MSI-X, and correctly handle the module parameter to\ncontrol it. This improves performance for certain systems. (BZ#537020)\n\n* system crash when reading the cpuaffinity file on a system.\n(BZ#537346)\n\n* suspend-resume problems on systems with lots of logical CPUs, e.g.\nBX-EX. (BZ#539674)\n\n* off-by-one error in the legacy PCI bus check. (BZ#539675)\n\n* TSC was not made available on systems with multi-clustered APICs.\nThis could cause slow performance for time-sensitive applications.\n(BZ#539676)\n\n* ACPI: ARB_DISABLE now disabled on platforms that do not need it.\n(BZ#539677)\n\n* fix node to core and power-aware scheduling issues, and a kernel\npanic during boot on certain AMD Opteron processors. (BZ#539678,\nBZ#540469, BZ#539680, BZ#539682)\n\n* APIC timer interrupt issues on some AMD Opteron systems prevented\nachieving full power savings. (BZ#539681)\n\n* general OProfile support for some newer Intel processors.\n(BZ#539683)\n\n* system crash during boot when NUMA is enabled on systems using MC\nand kernel-xen. (BZ#539684)\n\n* on some larger systems, performance issues due to a spinlock.\n(BZ#539685)\n\n* APIC errors when IOMMU is enabled on some AMD Opteron systems.\n(BZ#539687)\n\n* on some AMD Opteron systems, repeatedly taking a CPU offline then\nonline caused a system hang. (BZ#539688)\n\n* I/O page fault errors on some systems. (BZ#539689)\n\n* certain memory configurations could cause the kernel-xen kernel to\nfail to boot on some AMD Opteron systems. (BZ#539690)\n\n* NMI watchdog is now disabled for offline CPUs. (BZ#539691)\n\n* duplicate directories in /proc/acpi/processor/ on BX-EX systems.\n(BZ#539692)\n\n* links did not come up when using bnx2x with certain Broadcom\ndevices. (BZ#540381)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-December/001284.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2009-1670\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-2.6.18-164.9.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-164.9.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-devel-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-164.9.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-2.6.18-164.9.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-devel-2.6.18-164.9.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-devel-2.6.18-164.9.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-doc-2.6.18-164.9.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-headers-2.6.18-164.9.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-2.6.18-164.9.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-devel-2.6.18-164.9.1.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T15:01:26", "description": "Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity fixes :\n\n* NULL pointer dereference flaws in the r128 driver. Checks to test if the Concurrent Command Engine state was initialized were missing in private IOCTL functions. An attacker could use these flaws to cause a local denial of service or escalate their privileges. (CVE-2009-3620, Important)\n\n* a NULL pointer dereference flaw in the NFSv4 implementation. Several NFSv4 file locking functions failed to check whether a file had been opened on the server before performing locking operations on it. A local user on a system with an NFSv4 share mounted could possibly use this flaw to cause a denial of service or escalate their privileges.\n(CVE-2009-3726, Important)\n\n* a flaw in tcf_fill_node(). A certain data structure in this function was not initialized properly before being copied to user-space. This could lead to an information leak. (CVE-2009-3612, Moderate)\n\n* unix_stream_connect() did not check if a UNIX domain socket was in the shutdown state. This could lead to a deadlock. A local, unprivileged user could use this flaw to cause a denial of service.\n(CVE-2009-3621, Moderate)\n\nKnowledgebase DOC-20536 has steps to mitigate NULL pointer dereference flaws.\n\nBug fixes :\n\n* frequently changing a CPU between online and offline caused a kernel panic on some systems. (BZ#545583)\n\n* for the LSI Logic LSI53C1030 Ultra320 SCSI controller, read commands sent could receive incorrect data, preventing correct data transfer.\n(BZ#529308)\n\n* pciehp could not detect PCI Express hot plug slots on some systems.\n(BZ#530383)\n\n* soft lockups: inotify race and contention on dcache_lock.\n(BZ#533822, BZ#537019)\n\n* priority ordered lists are now used for threads waiting for a given mutex. (BZ#533858)\n\n* a deadlock in DLM could cause GFS2 file systems to lock up.\n(BZ#533859)\n\n* use-after-free bug in the audit subsystem crashed certain systems when running usermod. (BZ#533861)\n\n* on certain hardware configurations, a kernel panic when the Broadcom iSCSI offload driver (bnx2i.ko and cnic.ko) was loaded. (BZ#537014)\n\n* qla2xxx: Enabled MSI-X, and correctly handle the module parameter to control it. This improves performance for certain systems. (BZ#537020)\n\n* system crash when reading the cpuaffinity file on a system.\n(BZ#537346)\n\n* suspend-resume problems on systems with lots of logical CPUs, e.g.\nBX-EX. (BZ#539674)\n\n* off-by-one error in the legacy PCI bus check. (BZ#539675)\n\n* TSC was not made available on systems with multi-clustered APICs.\nThis could cause slow performance for time-sensitive applications.\n(BZ#539676)\n\n* ACPI: ARB_DISABLE now disabled on platforms that do not need it.\n(BZ#539677)\n\n* fix node to core and power-aware scheduling issues, and a kernel panic during boot on certain AMD Opteron processors. (BZ#539678, BZ#540469, BZ#539680, BZ#539682)\n\n* APIC timer interrupt issues on some AMD Opteron systems prevented achieving full power savings. (BZ#539681)\n\n* general OProfile support for some newer Intel processors.\n(BZ#539683)\n\n* system crash during boot when NUMA is enabled on systems using MC and kernel-xen. (BZ#539684)\n\n* on some larger systems, performance issues due to a spinlock.\n(BZ#539685)\n\n* APIC errors when IOMMU is enabled on some AMD Opteron systems.\n(BZ#539687)\n\n* on some AMD Opteron systems, repeatedly taking a CPU offline then online caused a system hang. (BZ#539688)\n\n* I/O page fault errors on some systems. (BZ#539689)\n\n* certain memory configurations could cause the kernel-xen kernel to fail to boot on some AMD Opteron systems. (BZ#539690)\n\n* NMI watchdog is now disabled for offline CPUs. (BZ#539691)\n\n* duplicate directories in /proc/acpi/processor/ on BX-EX systems.\n(BZ#539692)\n\n* links did not come up when using bnx2x with certain Broadcom devices. (BZ#540381)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2009-12-16T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2009:1670)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3612", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3726"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-pae", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.4"], "id": "REDHAT-RHSA-2009-1670.NASL", "href": "https://www.tenable.com/plugins/nessus/43168", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1670. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43168);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\");\n script_bugtraq_id(36723, 36824, 36827, 36936);\n script_xref(name:\"RHSA\", value:\"2009:1670\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2009:1670)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes :\n\n* NULL pointer dereference flaws in the r128 driver. Checks to test if\nthe Concurrent Command Engine state was initialized were missing in\nprivate IOCTL functions. An attacker could use these flaws to cause a\nlocal denial of service or escalate their privileges. (CVE-2009-3620,\nImportant)\n\n* a NULL pointer dereference flaw in the NFSv4 implementation. Several\nNFSv4 file locking functions failed to check whether a file had been\nopened on the server before performing locking operations on it. A\nlocal user on a system with an NFSv4 share mounted could possibly use\nthis flaw to cause a denial of service or escalate their privileges.\n(CVE-2009-3726, Important)\n\n* a flaw in tcf_fill_node(). A certain data structure in this function\nwas not initialized properly before being copied to user-space. This\ncould lead to an information leak. (CVE-2009-3612, Moderate)\n\n* unix_stream_connect() did not check if a UNIX domain socket was in\nthe shutdown state. This could lead to a deadlock. A local,\nunprivileged user could use this flaw to cause a denial of service.\n(CVE-2009-3621, Moderate)\n\nKnowledgebase DOC-20536 has steps to mitigate NULL pointer dereference\nflaws.\n\nBug fixes :\n\n* frequently changing a CPU between online and offline caused a kernel\npanic on some systems. (BZ#545583)\n\n* for the LSI Logic LSI53C1030 Ultra320 SCSI controller, read commands\nsent could receive incorrect data, preventing correct data transfer.\n(BZ#529308)\n\n* pciehp could not detect PCI Express hot plug slots on some systems.\n(BZ#530383)\n\n* soft lockups: inotify race and contention on dcache_lock.\n(BZ#533822, BZ#537019)\n\n* priority ordered lists are now used for threads waiting for a given\nmutex. (BZ#533858)\n\n* a deadlock in DLM could cause GFS2 file systems to lock up.\n(BZ#533859)\n\n* use-after-free bug in the audit subsystem crashed certain systems\nwhen running usermod. (BZ#533861)\n\n* on certain hardware configurations, a kernel panic when the Broadcom\niSCSI offload driver (bnx2i.ko and cnic.ko) was loaded. (BZ#537014)\n\n* qla2xxx: Enabled MSI-X, and correctly handle the module parameter to\ncontrol it. This improves performance for certain systems. (BZ#537020)\n\n* system crash when reading the cpuaffinity file on a system.\n(BZ#537346)\n\n* suspend-resume problems on systems with lots of logical CPUs, e.g.\nBX-EX. (BZ#539674)\n\n* off-by-one error in the legacy PCI bus check. (BZ#539675)\n\n* TSC was not made available on systems with multi-clustered APICs.\nThis could cause slow performance for time-sensitive applications.\n(BZ#539676)\n\n* ACPI: ARB_DISABLE now disabled on platforms that do not need it.\n(BZ#539677)\n\n* fix node to core and power-aware scheduling issues, and a kernel\npanic during boot on certain AMD Opteron processors. (BZ#539678,\nBZ#540469, BZ#539680, BZ#539682)\n\n* APIC timer interrupt issues on some AMD Opteron systems prevented\nachieving full power savings. (BZ#539681)\n\n* general OProfile support for some newer Intel processors.\n(BZ#539683)\n\n* system crash during boot when NUMA is enabled on systems using MC\nand kernel-xen. (BZ#539684)\n\n* on some larger systems, performance issues due to a spinlock.\n(BZ#539685)\n\n* APIC errors when IOMMU is enabled on some AMD Opteron systems.\n(BZ#539687)\n\n* on some AMD Opteron systems, repeatedly taking a CPU offline then\nonline caused a system hang. (BZ#539688)\n\n* I/O page fault errors on some systems. (BZ#539689)\n\n* certain memory configurations could cause the kernel-xen kernel to\nfail to boot on some AMD Opteron systems. (BZ#539690)\n\n* NMI watchdog is now disabled for offline CPUs. (BZ#539691)\n\n* duplicate directories in /proc/acpi/processor/ on BX-EX systems.\n(BZ#539692)\n\n* links did not come up when using bnx2x with certain Broadcom\ndevices. (BZ#540381)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3612\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3620\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3621\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3726\"\n );\n # http://kbase.redhat.com/faq/docs/DOC-20536\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/20484\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1670\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:1670\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1670\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-164.9.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-164.9.1.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T16:18:39", "description": "Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity fixes :\n\n* NULL pointer dereference flaws in the r128 driver. Checks to test if the Concurrent Command Engine state was initialized were missing in private IOCTL functions. An attacker could use these flaws to cause a local denial of service or escalate their privileges. (CVE-2009-3620, Important)\n\n* a NULL pointer dereference flaw in the NFSv4 implementation. Several NFSv4 file locking functions failed to check whether a file had been opened on the server before performing locking operations on it. A local user on a system with an NFSv4 share mounted could possibly use this flaw to cause a denial of service or escalate their privileges.\n(CVE-2009-3726, Important)\n\n* a flaw in tcf_fill_node(). A certain data structure in this function was not initialized properly before being copied to user-space. This could lead to an information leak. (CVE-2009-3612, Moderate)\n\n* unix_stream_connect() did not check if a UNIX domain socket was in the shutdown state. This could lead to a deadlock. A local, unprivileged user could use this flaw to cause a denial of service.\n(CVE-2009-3621, Moderate)\n\nKnowledgebase DOC-20536 has steps to mitigate NULL pointer dereference flaws.\n\nBug fixes :\n\n* frequently changing a CPU between online and offline caused a kernel panic on some systems. (BZ#545583)\n\n* for the LSI Logic LSI53C1030 Ultra320 SCSI controller, read commands sent could receive incorrect data, preventing correct data transfer.\n(BZ#529308)\n\n* pciehp could not detect PCI Express hot plug slots on some systems.\n(BZ#530383)\n\n* soft lockups: inotify race and contention on dcache_lock.\n(BZ#533822, BZ#537019)\n\n* priority ordered lists are now used for threads waiting for a given mutex. (BZ#533858)\n\n* a deadlock in DLM could cause GFS2 file systems to lock up.\n(BZ#533859)\n\n* use-after-free bug in the audit subsystem crashed certain systems when running usermod. (BZ#533861)\n\n* on certain hardware configurations, a kernel panic when the Broadcom iSCSI offload driver (bnx2i.ko and cnic.ko) was loaded. (BZ#537014)\n\n* qla2xxx: Enabled MSI-X, and correctly handle the module parameter to control it. This improves performance for certain systems. (BZ#537020)\n\n* system crash when reading the cpuaffinity file on a system.\n(BZ#537346)\n\n* suspend-resume problems on systems with lots of logical CPUs, e.g.\nBX-EX. (BZ#539674)\n\n* off-by-one error in the legacy PCI bus check. (BZ#539675)\n\n* TSC was not made available on systems with multi-clustered APICs.\nThis could cause slow performance for time-sensitive applications.\n(BZ#539676)\n\n* ACPI: ARB_DISABLE now disabled on platforms that do not need it.\n(BZ#539677)\n\n* fix node to core and power-aware scheduling issues, and a kernel panic during boot on certain AMD Opteron processors. (BZ#539678, BZ#540469, BZ#539680, BZ#539682)\n\n* APIC timer interrupt issues on some AMD Opteron systems prevented achieving full power savings. (BZ#539681)\n\n* general OProfile support for some newer Intel processors.\n(BZ#539683)\n\n* system crash during boot when NUMA is enabled on systems using MC and kernel-xen. (BZ#539684)\n\n* on some larger systems, performance issues due to a spinlock.\n(BZ#539685)\n\n* APIC errors when IOMMU is enabled on some AMD Opteron systems.\n(BZ#539687)\n\n* on some AMD Opteron systems, repeatedly taking a CPU offline then online caused a system hang. (BZ#539688)\n\n* I/O page fault errors on some systems. (BZ#539689)\n\n* certain memory configurations could cause the kernel-xen kernel to fail to boot on some AMD Opteron systems. (BZ#539690)\n\n* NMI watchdog is now disabled for offline CPUs. (BZ#539691)\n\n* duplicate directories in /proc/acpi/processor/ on BX-EX systems.\n(BZ#539692)\n\n* links did not come up when using bnx2x with certain Broadcom devices. (BZ#540381)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2010-01-06T00:00:00", "type": "nessus", "title": "CentOS 5 : kernel (CESA-2009:1670)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3612", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3726"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-pae", "p-cpe:/a:centos:centos:kernel-pae-devel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-xen", "p-cpe:/a:centos:centos:kernel-xen-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2009-1670.NASL", "href": "https://www.tenable.com/plugins/nessus/43812", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1670 and \n# CentOS Errata and Security Advisory 2009:1670 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43812);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\");\n script_bugtraq_id(36723, 36824, 36827, 36936);\n script_xref(name:\"RHSA\", value:\"2009:1670\");\n\n script_name(english:\"CentOS 5 : kernel (CESA-2009:1670)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes :\n\n* NULL pointer dereference flaws in the r128 driver. Checks to test if\nthe Concurrent Command Engine state was initialized were missing in\nprivate IOCTL functions. An attacker could use these flaws to cause a\nlocal denial of service or escalate their privileges. (CVE-2009-3620,\nImportant)\n\n* a NULL pointer dereference flaw in the NFSv4 implementation. Several\nNFSv4 file locking functions failed to check whether a file had been\nopened on the server before performing locking operations on it. A\nlocal user on a system with an NFSv4 share mounted could possibly use\nthis flaw to cause a denial of service or escalate their privileges.\n(CVE-2009-3726, Important)\n\n* a flaw in tcf_fill_node(). A certain data structure in this function\nwas not initialized properly before being copied to user-space. This\ncould lead to an information leak. (CVE-2009-3612, Moderate)\n\n* unix_stream_connect() did not check if a UNIX domain socket was in\nthe shutdown state. This could lead to a deadlock. A local,\nunprivileged user could use this flaw to cause a denial of service.\n(CVE-2009-3621, Moderate)\n\nKnowledgebase DOC-20536 has steps to mitigate NULL pointer dereference\nflaws.\n\nBug fixes :\n\n* frequently changing a CPU between online and offline caused a kernel\npanic on some systems. (BZ#545583)\n\n* for the LSI Logic LSI53C1030 Ultra320 SCSI controller, read commands\nsent could receive incorrect data, preventing correct data transfer.\n(BZ#529308)\n\n* pciehp could not detect PCI Express hot plug slots on some systems.\n(BZ#530383)\n\n* soft lockups: inotify race and contention on dcache_lock.\n(BZ#533822, BZ#537019)\n\n* priority ordered lists are now used for threads waiting for a given\nmutex. (BZ#533858)\n\n* a deadlock in DLM could cause GFS2 file systems to lock up.\n(BZ#533859)\n\n* use-after-free bug in the audit subsystem crashed certain systems\nwhen running usermod. (BZ#533861)\n\n* on certain hardware configurations, a kernel panic when the Broadcom\niSCSI offload driver (bnx2i.ko and cnic.ko) was loaded. (BZ#537014)\n\n* qla2xxx: Enabled MSI-X, and correctly handle the module parameter to\ncontrol it. This improves performance for certain systems. (BZ#537020)\n\n* system crash when reading the cpuaffinity file on a system.\n(BZ#537346)\n\n* suspend-resume problems on systems with lots of logical CPUs, e.g.\nBX-EX. (BZ#539674)\n\n* off-by-one error in the legacy PCI bus check. (BZ#539675)\n\n* TSC was not made available on systems with multi-clustered APICs.\nThis could cause slow performance for time-sensitive applications.\n(BZ#539676)\n\n* ACPI: ARB_DISABLE now disabled on platforms that do not need it.\n(BZ#539677)\n\n* fix node to core and power-aware scheduling issues, and a kernel\npanic during boot on certain AMD Opteron processors. (BZ#539678,\nBZ#540469, BZ#539680, BZ#539682)\n\n* APIC timer interrupt issues on some AMD Opteron systems prevented\nachieving full power savings. (BZ#539681)\n\n* general OProfile support for some newer Intel processors.\n(BZ#539683)\n\n* system crash during boot when NUMA is enabled on systems using MC\nand kernel-xen. (BZ#539684)\n\n* on some larger systems, performance issues due to a spinlock.\n(BZ#539685)\n\n* APIC errors when IOMMU is enabled on some AMD Opteron systems.\n(BZ#539687)\n\n* on some AMD Opteron systems, repeatedly taking a CPU offline then\nonline caused a system hang. (BZ#539688)\n\n* I/O page fault errors on some systems. (BZ#539689)\n\n* certain memory configurations could cause the kernel-xen kernel to\nfail to boot on some AMD Opteron systems. (BZ#539690)\n\n* NMI watchdog is now disabled for offline CPUs. (BZ#539691)\n\n* duplicate directories in /proc/acpi/processor/ on BX-EX systems.\n(BZ#539692)\n\n* links did not come up when using bnx2x with certain Broadcom\ndevices. (BZ#540381)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-December/016374.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a646dec9\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-December/016375.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b39f64d1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-2.6.18-164.9.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-164.9.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-164.9.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-2.6.18-164.9.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-devel-2.6.18-164.9.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-devel-2.6.18-164.9.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-doc-2.6.18-164.9.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-headers-2.6.18-164.9.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-2.6.18-164.9.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-devel-2.6.18-164.9.1.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:36:09", "description": "Security fixes :\n\n - NULL pointer dereference flaws in the r128 driver.\n Checks to test if the Concurrent Command Engine state was initialized were missing in private IOCTL functions.\n An attacker could use these flaws to cause a local denial of service or escalate their privileges.\n (CVE-2009-3620, Important)\n\n - a NULL pointer dereference flaw in the NFSv4 implementation. Several NFSv4 file locking functions failed to check whether a file had been opened on the server before performing locking operations on it. A local user on a system with an NFSv4 share mounted could possibly use this flaw to cause a denial of service or escalate their privileges. (CVE-2009-3726, Important)\n\n - a flaw in tcf_fill_node(). A certain data structure in this function was not initialized properly before being copied to user-space. This could lead to an information leak. (CVE-2009-3612, Moderate)\n\n - unix_stream_connect() did not check if a UNIX domain socket was in the shutdown state. This could lead to a deadlock. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2009-3621, Moderate)\n\nBug fixes :\n\n - frequently changing a CPU between online and offline caused a kernel panic on some systems. (BZ#545583)\n\n - for the LSI Logic LSI53C1030 Ultra320 SCSI controller, read commands sent could receive incorrect data, preventing correct data transfer. (BZ#529308)\n\n - pciehp could not detect PCI Express hot plug slots on some systems. (BZ#530383)\n\n - soft lockups: inotify race and contention on dcache_lock. (BZ#533822, BZ#537019)\n\n - priority ordered lists are now used for threads waiting for a given mutex. (BZ#533858)\n\n - a deadlock in DLM could cause GFS2 file systems to lock up. (BZ#533859)\n\n - use-after-free bug in the audit subsystem crashed certain systems when running usermod. (BZ#533861)\n\n - on certain hardware configurations, a kernel panic when the Broadcom iSCSI offload driver (bnx2i.ko and cnic.ko) was loaded. (BZ#537014)\n\n - qla2xxx: Enabled MSI-X, and correctly handle the module parameter to control it. This improves performance for certain systems. (BZ#537020)\n\n - system crash when reading the cpuaffinity file on a system. (BZ#537346)\n\n - suspend-resume problems on systems with lots of logical CPUs, e.g. BX-EX. (BZ#539674)\n\n - off-by-one error in the legacy PCI bus check.\n (BZ#539675)\n\n - TSC was not made available on systems with multi-clustered APICs. This could cause slow performance for time-sensitive applications. (BZ#539676)\n\n - ACPI: ARB_DISABLE now disabled on platforms that do not need it. (BZ#539677)\n\n - fix node to core and power-aware scheduling issues, and a kernel panic during boot on certain AMD Opteron processors. (BZ#539678, BZ#540469, BZ#539680, BZ#539682)\n\n - APIC timer interrupt issues on some AMD Opteron systems prevented achieving full power savings. (BZ#539681)\n\n - general OProfile support for some newer Intel processors. (BZ#539683)\n\n - system crash during boot when NUMA is enabled on systems using MC and kernel-xen. (BZ#539684)\n\n - on some larger systems, performance issues due to a spinlock. (BZ#539685)\n\n - APIC errors when IOMMU is enabled on some AMD Opteron systems. (BZ#539687)\n\n - on some AMD Opteron systems, repeatedly taking a CPU offline then online caused a system hang. (BZ#539688)\n\n - I/O page fault errors on some systems. (BZ#539689)\n\n - certain memory configurations could cause the kernel-xen kernel to fail to boot on some AMD Opteron systems.\n (BZ#539690)\n\n - NMI watchdog is now disabled for offline CPUs.\n (BZ#539691)\n\n - duplicate directories in /proc/acpi/processor/ on BX-EX systems. (BZ#539692)\n\n - links did not come up when using bnx2x with certain Broadcom devices. (BZ#540381)\n\nThe system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3612", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3726"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20091215_KERNEL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60706", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60706);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fixes :\n\n - NULL pointer dereference flaws in the r128 driver.\n Checks to test if the Concurrent Command Engine state\n was initialized were missing in private IOCTL functions.\n An attacker could use these flaws to cause a local\n denial of service or escalate their privileges.\n (CVE-2009-3620, Important)\n\n - a NULL pointer dereference flaw in the NFSv4\n implementation. Several NFSv4 file locking functions\n failed to check whether a file had been opened on the\n server before performing locking operations on it. A\n local user on a system with an NFSv4 share mounted could\n possibly use this flaw to cause a denial of service or\n escalate their privileges. (CVE-2009-3726, Important)\n\n - a flaw in tcf_fill_node(). A certain data structure in\n this function was not initialized properly before being\n copied to user-space. This could lead to an information\n leak. (CVE-2009-3612, Moderate)\n\n - unix_stream_connect() did not check if a UNIX domain\n socket was in the shutdown state. This could lead to a\n deadlock. A local, unprivileged user could use this flaw\n to cause a denial of service. (CVE-2009-3621, Moderate)\n\nBug fixes :\n\n - frequently changing a CPU between online and offline\n caused a kernel panic on some systems. (BZ#545583)\n\n - for the LSI Logic LSI53C1030 Ultra320 SCSI controller,\n read commands sent could receive incorrect data,\n preventing correct data transfer. (BZ#529308)\n\n - pciehp could not detect PCI Express hot plug slots on\n some systems. (BZ#530383)\n\n - soft lockups: inotify race and contention on\n dcache_lock. (BZ#533822, BZ#537019)\n\n - priority ordered lists are now used for threads waiting\n for a given mutex. (BZ#533858)\n\n - a deadlock in DLM could cause GFS2 file systems to lock\n up. (BZ#533859)\n\n - use-after-free bug in the audit subsystem crashed\n certain systems when running usermod. (BZ#533861)\n\n - on certain hardware configurations, a kernel panic when\n the Broadcom iSCSI offload driver (bnx2i.ko and cnic.ko)\n was loaded. (BZ#537014)\n\n - qla2xxx: Enabled MSI-X, and correctly handle the module\n parameter to control it. This improves performance for\n certain systems. (BZ#537020)\n\n - system crash when reading the cpuaffinity file on a\n system. (BZ#537346)\n\n - suspend-resume problems on systems with lots of logical\n CPUs, e.g. BX-EX. (BZ#539674)\n\n - off-by-one error in the legacy PCI bus check.\n (BZ#539675)\n\n - TSC was not made available on systems with\n multi-clustered APICs. This could cause slow performance\n for time-sensitive applications. (BZ#539676)\n\n - ACPI: ARB_DISABLE now disabled on platforms that do not\n need it. (BZ#539677)\n\n - fix node to core and power-aware scheduling issues, and\n a kernel panic during boot on certain AMD Opteron\n processors. (BZ#539678, BZ#540469, BZ#539680, BZ#539682)\n\n - APIC timer interrupt issues on some AMD Opteron systems\n prevented achieving full power savings. (BZ#539681)\n\n - general OProfile support for some newer Intel\n processors. (BZ#539683)\n\n - system crash during boot when NUMA is enabled on systems\n using MC and kernel-xen. (BZ#539684)\n\n - on some larger systems, performance issues due to a\n spinlock. (BZ#539685)\n\n - APIC errors when IOMMU is enabled on some AMD Opteron\n systems. (BZ#539687)\n\n - on some AMD Opteron systems, repeatedly taking a CPU\n offline then online caused a system hang. (BZ#539688)\n\n - I/O page fault errors on some systems. (BZ#539689)\n\n - certain memory configurations could cause the kernel-xen\n kernel to fail to boot on some AMD Opteron systems.\n (BZ#539690)\n\n - NMI watchdog is now disabled for offline CPUs.\n (BZ#539691)\n\n - duplicate directories in /proc/acpi/processor/ on BX-EX\n systems. (BZ#539692)\n\n - links did not come up when using bnx2x with certain\n Broadcom devices. (BZ#540381)\n\nThe system must be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=529308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=530383\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=533822\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=533858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=533859\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=533861\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=537014\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=537019\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=537020\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=537346\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=539674\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=539675\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=539676\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=539677\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=539678\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=539680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=539681\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=539682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=539683\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=539684\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=539685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=539687\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=539688\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=539689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=539690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=539691\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=539692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=540381\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=540469\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=545583\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0912&L=scientific-linux-errata&T=0&P=2259\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6d453041\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(20, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"kernel-2.6.18-164.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-164.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-164.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-2.6.18-164.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-devel-2.6.18-164.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-devel-2.6.18-164.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-doc-2.6.18-164.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-headers-2.6.18-164.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"x86_64\", reference:\"kernel-module-aufs-2.6.18-164.9.1.el5-0.20090202.cvs-6.sl5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"x86_64\", reference:\"kernel-module-aufs-2.6.18-164.9.1.el5xen-0.20090202.cvs-6.sl5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-2.6.18-164.9.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-devel-2.6.18-164.9.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:41:55", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2009-1883 Solar Designer discovered a missing capability check in the z90crypt driver or s390 systems. This vulnerability may allow a local user to gain elevated privileges.\n\n - CVE-2009-2909 Arjan van de Ven discovered an issue in the AX.25 protocol implementation. A specially crafted call to setsockopt() can result in a denial of service (kernel oops).\n\n - CVE-2009-3001 Jiri Slaby fixed a sensitive memory leak issue in the ANSI/IEEE 802.2 LLC implementation. This is not exploitable in the Debian lenny kernel as root privileges are required to exploit this issue.\n\n - CVE-2009-3002 Eric Dumazet fixed several sensitive memory leaks in the IrDA, X.25 PLP (Rose), NET/ROM, Acorn Econet/AUN, and Controller Area Network (CAN) implementations. Local users can exploit these issues to gain access to kernel memory.\n\n - CVE-2009-3228 Eric Dumazet reported an instance of uninitialized kernel memory in the network packet scheduler. Local users may be able to exploit this issue to read the contents of sensitive kernel memory.\n\n - CVE-2009-3238 Linus Torvalds provided a change to the get_random_int() function to increase its randomness.\n\n - CVE-2009-3286 Eric Paris discovered an issue with the NFSv4 server implementation. When an O_EXCL create fails, files may be left with corrupted permissions, possibly granting unintentional privileges to other local users.\n\n - CVE-2009-3547 Earl Chew discovered a NULL pointer dereference issue in the pipe_rdwr_open function which can be used by local users to gain elevated privileges.\n\n - CVE-2009-3612 Jiri Pirko discovered a typo in the initialization of a structure in the netlink subsystem that may allow local users to gain access to sensitive kernel memory.\n\n - CVE-2009-3621 Tomoki Sekiyama discovered a deadlock condition in the UNIX domain socket implementation. Local users can exploit this vulnerability to cause a denial of service (system hang).", "cvss3": {}, "published": "2010-02-24T00:00:00", "type": "nessus", "title": "Debian DSA-1929-1 : linux-2.6 - privilege escalation/denial of service/sensitive memory leak", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1883", "CVE-2009-2909", "CVE-2009-3001", "CVE-2009-3002", "CVE-2009-3228", "CVE-2009-3238", "CVE-2009-3286", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3621"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1929.NASL", "href": "https://www.tenable.com/plugins/nessus/44794", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1929. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44794);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-1883\", \"CVE-2009-2909\", \"CVE-2009-3001\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3238\", \"CVE-2009-3286\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3621\");\n script_bugtraq_id(36176, 36304, 36472, 36635, 36723, 36788, 36827, 36901);\n script_xref(name:\"DSA\", value:\"1929\");\n\n script_name(english:\"Debian DSA-1929-1 : linux-2.6 - privilege escalation/denial of service/sensitive memory leak\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, sensitive memory leak or privilege\nescalation. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2009-1883\n Solar Designer discovered a missing capability check in\n the z90crypt driver or s390 systems. This vulnerability\n may allow a local user to gain elevated privileges.\n\n - CVE-2009-2909\n Arjan van de Ven discovered an issue in the AX.25\n protocol implementation. A specially crafted call to\n setsockopt() can result in a denial of service (kernel\n oops).\n\n - CVE-2009-3001\n Jiri Slaby fixed a sensitive memory leak issue in the\n ANSI/IEEE 802.2 LLC implementation. This is not\n exploitable in the Debian lenny kernel as root\n privileges are required to exploit this issue.\n\n - CVE-2009-3002\n Eric Dumazet fixed several sensitive memory leaks in the\n IrDA, X.25 PLP (Rose), NET/ROM, Acorn Econet/AUN, and\n Controller Area Network (CAN) implementations. Local\n users can exploit these issues to gain access to kernel\n memory.\n\n - CVE-2009-3228\n Eric Dumazet reported an instance of uninitialized\n kernel memory in the network packet scheduler. Local\n users may be able to exploit this issue to read the\n contents of sensitive kernel memory.\n\n - CVE-2009-3238\n Linus Torvalds provided a change to the get_random_int()\n function to increase its randomness.\n\n - CVE-2009-3286\n Eric Paris discovered an issue with the NFSv4 server\n implementation. When an O_EXCL create fails, files may\n be left with corrupted permissions, possibly granting\n unintentional privileges to other local users.\n\n - CVE-2009-3547\n Earl Chew discovered a NULL pointer dereference issue in\n the pipe_rdwr_open function which can be used by local\n users to gain elevated privileges.\n\n - CVE-2009-3612\n Jiri Pirko discovered a typo in the initialization of a\n structure in the netlink subsystem that may allow local\n users to gain access to sensitive kernel memory.\n\n - CVE-2009-3621\n Tomoki Sekiyama discovered a deadlock condition in the\n UNIX domain socket implementation. Local users can\n exploit this vulnerability to cause a denial of service\n (system hang).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1883\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-2909\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3001\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3002\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3228\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3238\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3286\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3547\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3612\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3621\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1929\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6, fai-kernels, and user-mode-linux packages.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 2.6.18.dfsg.1-26etch1.\n\nNote: Debian 'etch' includes linux kernel packages based upon both the\n2.6.18 and 2.6.24 linux releases. All known security issues are\ncarefully tracked against both packages and both packages will receive\nsecurity updates until security support for Debian 'etch' concludes.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, lower severity 2.6.18 and 2.6.24 updates will\ntypically release in a staggered or 'leap-frog' fashion.\n\nThe following matrix lists additional source packages that were\nrebuilt for compatibility with or to take advantage of this update :\n\n Debian 4.0 (etch) \n fai-kernels 1.17+etch.26etch1 \n user-mode-linux 2.6.18-1um-2etch.26etch1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(189, 200, 264, 310, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/08/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"linux-doc-2.6.18\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-486\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-686\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-686-bigmem\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-alpha\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-amd64\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-hppa\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-i386\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-ia64\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-powerpc\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-s390\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-generic\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-legacy\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-smp\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-amd64\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-itanium\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-k7\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-mckinley\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc-smp\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc64\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc64-smp\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc-miboot\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc-smp\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc64\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-prep\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s390\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s390x\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-686\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-alpha\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-amd64\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-k7\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-powerpc\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-powerpc64\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-s390x\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-486\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-686\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-686-bigmem\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-generic\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-legacy\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-smp\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-amd64\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-itanium\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-k7\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-mckinley\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc-smp\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc64\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc64-smp\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc-miboot\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc-smp\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc64\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-prep\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390-tape\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390x\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-686\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-alpha\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-amd64\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-k7\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-powerpc\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-powerpc64\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-s390x\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-manual-2.6.18\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-patch-debian-2.6.18\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-source-2.6.18\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-support-2.6.18-6\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-tree-2.6.18\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-26etch1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T16:09:57", "description": "From Red Hat Security Advisory 2009:1522 :\n\nUpdated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* multiple, missing initialization flaws were found in the Linux kernel. Padding data in several core network structures was not initialized properly before being sent to user-space. These flaws could lead to information leaks. (CVE-2005-4881, CVE-2009-3228, Moderate)\n\nThis update also fixes the following bugs :\n\n* a packet duplication issue was fixed via the RHSA-2008:0665 update;\nhowever, the fix introduced a problem for systems using network bonding: Backup slaves were unable to receive ARP packets. When using network bonding in the 'active-backup' mode and with the 'arp_validate=3' option, the bonding driver considered such backup slaves as being down (since they were not receiving ARP packets), preventing successful failover to these devices. (BZ#519384)\n\n* due to insufficient memory barriers in the network code, a process sleeping in select() may have missed notifications about new data. In rare cases, this bug may have caused a process to sleep forever.\n(BZ#519386)\n\n* the driver version number in the ata_piix driver was not changed between Red Hat Enterprise Linux 4.7 and Red Hat Enterprise Linux 4.8, even though changes had been made between these releases. This could have prevented the driver from loading on systems that check driver versions, as this driver appeared older than it was. (BZ#519389)\n\n* a bug in nlm_lookup_host() could have led to un-reclaimed locks on file systems, resulting in the umount command failing. This bug could have also prevented NFS services from being relocated correctly in clustered environments. (BZ#519656)\n\n* the data buffer ethtool_get_strings() allocated, for the igb driver, was smaller than the amount of data that was copied in igb_get_strings(), because of a miscalculation in IGB_QUEUE_STATS_LEN, resulting in memory corruption. This bug could have led to a kernel panic. (BZ#522738)\n\n* in some situations, write operations to a TTY device were blocked even when the O_NONBLOCK flag was used. A reported case of this issue occurred when a single TTY device was opened by two users (one using blocking mode, and the other using non-blocking mode). (BZ#523930)\n\n* a deadlock was found in the cciss driver. In rare cases, this caused an NMI lockup during boot. Messages such as 'cciss: controller cciss[x] failed, stopping.' and 'cciss[x]: controller not responding.' may have been displayed on the console. (BZ#525725)\n\n* on 64-bit PowerPC systems, a rollover bug in the ibmveth driver could have caused a kernel panic. In a reported case, this panic occurred on a system with a large uptime and under heavy network load.\n(BZ#527225)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 : kernel (ELSA-2009-1522)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-4881", "CVE-2009-3228", "CVE-2009-3612"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-hugemem", "p-cpe:/a:oracle:linux:kernel-hugemem-devel", "p-cpe:/a:oracle:linux:kernel-largesmp", "p-cpe:/a:oracle:linux:kernel-largesmp-devel", "p-cpe:/a:oracle:linux:kernel-smp", "p-cpe:/a:oracle:linux:kernel-smp-devel", "p-cpe:/a:oracle:linux:kernel-xenu", "p-cpe:/a:oracle:linux:kernel-xenu-devel", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2009-1522.NASL", "href": "https://www.tenable.com/plugins/nessus/67945", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1522 and \n# Oracle Linux Security Advisory ELSA-2009-1522 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67945);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2005-4881\", \"CVE-2009-3228\", \"CVE-2009-3612\");\n script_bugtraq_id(36304);\n script_xref(name:\"RHSA\", value:\"2009:1522\");\n\n script_name(english:\"Oracle Linux 4 : kernel (ELSA-2009-1522)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1522 :\n\nUpdated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* multiple, missing initialization flaws were found in the Linux\nkernel. Padding data in several core network structures was not\ninitialized properly before being sent to user-space. These flaws\ncould lead to information leaks. (CVE-2005-4881, CVE-2009-3228,\nModerate)\n\nThis update also fixes the following bugs :\n\n* a packet duplication issue was fixed via the RHSA-2008:0665 update;\nhowever, the fix introduced a problem for systems using network\nbonding: Backup slaves were unable to receive ARP packets. When using\nnetwork bonding in the 'active-backup' mode and with the\n'arp_validate=3' option, the bonding driver considered such backup\nslaves as being down (since they were not receiving ARP packets),\npreventing successful failover to these devices. (BZ#519384)\n\n* due to insufficient memory barriers in the network code, a process\nsleeping in select() may have missed notifications about new data. In\nrare cases, this bug may have caused a process to sleep forever.\n(BZ#519386)\n\n* the driver version number in the ata_piix driver was not changed\nbetween Red Hat Enterprise Linux 4.7 and Red Hat Enterprise Linux 4.8,\neven though changes had been made between these releases. This could\nhave prevented the driver from loading on systems that check driver\nversions, as this driver appeared older than it was. (BZ#519389)\n\n* a bug in nlm_lookup_host() could have led to un-reclaimed locks on\nfile systems, resulting in the umount command failing. This bug could\nhave also prevented NFS services from being relocated correctly in\nclustered environments. (BZ#519656)\n\n* the data buffer ethtool_get_strings() allocated, for the igb driver,\nwas smaller than the amount of data that was copied in\nigb_get_strings(), because of a miscalculation in IGB_QUEUE_STATS_LEN,\nresulting in memory corruption. This bug could have led to a kernel\npanic. (BZ#522738)\n\n* in some situations, write operations to a TTY device were blocked\neven when the O_NONBLOCK flag was used. A reported case of this issue\noccurred when a single TTY device was opened by two users (one using\nblocking mode, and the other using non-blocking mode). (BZ#523930)\n\n* a deadlock was found in the cciss driver. In rare cases, this caused\nan NMI lockup during boot. Messages such as 'cciss: controller\ncciss[x] failed, stopping.' and 'cciss[x]: controller not responding.'\nmay have been displayed on the console. (BZ#525725)\n\n* on 64-bit PowerPC systems, a rollover bug in the ibmveth driver\ncould have caused a kernel panic. In a reported case, this panic\noccurred on a system with a large uptime and under heavy network load.\n(BZ#527225)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-October/001211.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2005-4881\", \"CVE-2009-3228\", \"CVE-2009-3612\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2009-1522\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-2.6.9-89.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-devel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-devel-2.6.9-89.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-doc-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-doc-2.6.9-89.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-89.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-89.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-2.6.9-89.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-89.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-devel-2.6.9-89.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-89.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-89.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-89.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-89.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-89.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-89.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-89.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-89.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-89.0.15.0.1.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T16:04:30", "description": "Updated kernel packages that fix security issues are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* a NULL pointer dereference flaw was found in each of the following functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could be released by other processes before it is used to update the pipe's reader and writer counters. This could lead to a local denial of service or privilege escalation. (CVE-2009-3547, Important)\n\nUsers should upgrade to these updated packages, which contain a backported patch to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2013-06-29T00:00:00", "type": "nessus", "title": "CentOS 4 : kernel (CESA-2009:1541)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1895", "CVE-2009-2691", "CVE-2009-2695", "CVE-2009-2849", "CVE-2009-2910", "CVE-2009-3002", "CVE-2009-3228", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3613", "CVE-2009-3620", "CVE-2009-3621"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-hugemem", "p-cpe:/a:centos:centos:kernel-hugemem-devel", "p-cpe:/a:centos:centos:kernel-largesmp", "p-cpe:/a:centos:centos:kernel-largesmp-devel", "p-cpe:/a:centos:centos:kernel-smp", "p-cpe:/a:centos:centos:kernel-smp-devel", "p-cpe:/a:centos:centos:kernel-xenu", "p-cpe:/a:centos:centos:kernel-xenu-devel", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2009-1541.NASL", "href": "https://www.tenable.com/plugins/nessus/67067", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1541 and \n# CentOS Errata and Security Advisory 2009:1541 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67067);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-1895\", \"CVE-2009-2691\", \"CVE-2009-2695\", \"CVE-2009-2849\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n script_bugtraq_id(36901);\n script_xref(name:\"RHSA\", value:\"2009:1541\");\n\n script_name(english:\"CentOS 4 : kernel (CESA-2009:1541)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix security issues are now available for\nRed Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* a NULL pointer dereference flaw was found in each of the following\nfunctions in the Linux kernel: pipe_read_open(), pipe_write_open(),\nand pipe_rdwr_open(). When the mutex lock is not held, the i_pipe\npointer could be released by other processes before it is used to\nupdate the pipe's reader and writer counters. This could lead to a\nlocal denial of service or privilege escalation. (CVE-2009-3547,\nImportant)\n\nUsers should upgrade to these updated packages, which contain a\nbackported patch to correct these issues. The system must be rebooted\nfor this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-November/016302.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e49d36a5\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-November/016303.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?15a99734\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(16, 20, 119, 200, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/06/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-devel-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-doc-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-doc-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-89.0.16.EL\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:58:34", "description": "Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* multiple, missing initialization flaws were found in the Linux kernel. Padding data in several core network structures was not initialized properly before being sent to user-space. These flaws could lead to information leaks. (CVE-2005-4881, CVE-2009-3228, Moderate)\n\nThis update also fixes the following bugs :\n\n* a packet duplication issue was fixed via the RHSA-2008:0665 update;\nhowever, the fix introduced a problem for systems using network bonding: Backup slaves were unable to receive ARP packets. When using network bonding in the 'active-backup' mode and with the 'arp_validate=3' option, the bonding driver considered such backup slaves as being down (since they were not receiving ARP packets), preventing successful failover to these devices. (BZ#519384)\n\n* due to insufficient memory barriers in the network code, a process sleeping in select() may have missed notifications about new data. In rare cases, this bug may have caused a process to sleep forever.\n(BZ#519386)\n\n* the driver version number in the ata_piix driver was not changed between Red Hat Enterprise Linux 4.7 and Red Hat Enterprise Linux 4.8, even though changes had been made between these releases. This could have prevented the driver from loading on systems that check driver versions, as this driver appeared older than it was. (BZ#519389)\n\n* a bug in nlm_lookup_host() could have led to un-reclaimed locks on file systems, resulting in the umount command failing. This bug could have also prevented NFS services from being relocated correctly in clustered environments. (BZ#519656)\n\n* the data buffer ethtool_get_strings() allocated, for the igb driver, was smaller than the amount of data that was copied in igb_get_strings(), because of a miscalculation in IGB_QUEUE_STATS_LEN, resulting in memory corruption. This bug could have led to a kernel panic. (BZ#522738)\n\n* in some situations, write operations to a TTY device were blocked even when the O_NONBLOCK flag was used. A reported case of this issue occurred when a single TTY device was opened by two users (one using blocking mode, and the other using non-blocking mode). (BZ#523930)\n\n* a deadlock was found in the cciss driver. In rare cases, this caused an NMI lockup during boot. Messages such as 'cciss: controller cciss[x] failed, stopping.' and 'cciss[x]: controller not responding.' may have been displayed on the console. (BZ#525725)\n\n* on 64-bit PowerPC systems, a rollover bug in the ibmveth driver could have caused a kernel panic. In a reported case, this panic occurred on a system with a large uptime and under heavy network load.\n(BZ#527225)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2009-10-23T00:00:00", "type": "nessus", "title": "RHEL 4 : kernel (RHSA-2009:1522)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-4881", "CVE-2009-3228", "CVE-2009-3612"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xenu", "p-cpe:/a:redhat:enterprise_linux:kernel-xenu-devel", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.8"], "id": "REDHAT-RHSA-2009-1522.NASL", "href": "https://www.tenable.com/plugins/nessus/42216", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1522. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42216);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-4881\", \"CVE-2009-3228\", \"CVE-2009-3612\");\n script_bugtraq_id(36304);\n script_xref(name:\"RHSA\", value:\"2009:1522\");\n\n script_name(english:\"RHEL 4 : kernel (RHSA-2009:1522)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* multiple, missing initialization flaws were found in the Linux\nkernel. Padding data in several core network structures was not\ninitialized properly before being sent to user-space. These flaws\ncould lead to information leaks. (CVE-2005-4881, CVE-2009-3228,\nModerate)\n\nThis update also fixes the following bugs :\n\n* a packet duplication issue was fixed via the RHSA-2008:0665 update;\nhowever, the fix introduced a problem for systems using network\nbonding: Backup slaves were unable to receive ARP packets. When using\nnetwork bonding in the 'active-backup' mode and with the\n'arp_validate=3' option, the bonding driver considered such backup\nslaves as being down (since they were not receiving ARP packets),\npreventing successful failover to these devices. (BZ#519384)\n\n* due to insufficient memory barriers in the network code, a process\nsleeping in select() may have missed notifications about new data. In\nrare cases, this bug may have caused a process to sleep forever.\n(BZ#519386)\n\n* the driver version number in the ata_piix driver was not changed\nbetween Red Hat Enterprise Linux 4.7 and Red Hat Enterprise Linux 4.8,\neven though changes had been made between these releases. This could\nhave prevented the driver from loading on systems that check driver\nversions, as this driver appeared older than it was. (BZ#519389)\n\n* a bug in nlm_lookup_host() could have led to un-reclaimed locks on\nfile systems, resulting in the umount command failing. This bug could\nhave also prevented NFS services from being relocated correctly in\nclustered environments. (BZ#519656)\n\n* the data buffer ethtool_get_strings() allocated, for the igb driver,\nwas smaller than the amount of data that was copied in\nigb_get_strings(), because of a miscalculation in IGB_QUEUE_STATS_LEN,\nresulting in memory corruption. This bug could have led to a kernel\npanic. (BZ#522738)\n\n* in some situations, write operations to a TTY device were blocked\neven when the O_NONBLOCK flag was used. A reported case of this issue\noccurred when a single TTY device was opened by two users (one using\nblocking mode, and the other using non-blocking mode). (BZ#523930)\n\n* a deadlock was found in the cciss driver. In rare cases, this caused\nan NMI lockup during boot. Messages such as 'cciss: controller\ncciss[x] failed, stopping.' and 'cciss[x]: controller not responding.'\nmay have been displayed on the console. (BZ#525725)\n\n* on 64-bit PowerPC systems, a rollover bug in the ibmveth driver\ncould have caused a kernel panic. In a reported case, this panic\noccurred on a system with a large uptime and under heavy network load.\n(BZ#527225)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-4881\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3228\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3612\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1522\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2005-4881\", \"CVE-2009-3228\", \"CVE-2009-3612\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:1522\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1522\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-2.6.9-89.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-devel-2.6.9-89.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-doc-2.6.9-89.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-2.6.9-89.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-devel-2.6.9-89.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-89.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-89.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-2.6.9-89.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-89.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-devel-2.6.9-89.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-89.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-2.6.9-89.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-89.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-devel-2.6.9-89.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-89.0.15.EL\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T16:09:43", "description": "From Red Hat Security Advisory 2009:1541 :\n\nUpdated kernel packages that fix security issues are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* a NULL pointer dereference flaw was found in each of the following functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could be released by other processes before it is used to update the pipe's reader and writer counters. This could lead to a local denial of service or privilege escalation. (CVE-2009-3547, Important)\n\nUsers should upgrade to these updated packages, which contain a backported patch to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 : kernel (ELSA-2009-1541)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1895", "CVE-2009-2691", "CVE-2009-2695", "CVE-2009-2849", "CVE-2009-2910", "CVE-2009-3002", "CVE-2009-3228", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3613", "CVE-2009-3620", "CVE-2009-3621"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-hugemem", "p-cpe:/a:oracle:linux:kernel-hugemem-devel", "p-cpe:/a:oracle:linux:kernel-largesmp", "p-cpe:/a:oracle:linux:kernel-largesmp-devel", "p-cpe:/a:oracle:linux:kernel-smp", "p-cpe:/a:oracle:linux:kernel-smp-devel", "p-cpe:/a:oracle:linux:kernel-xenu", "p-cpe:/a:oracle:linux:kernel-xenu-devel", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2009-1541.NASL", "href": "https://www.tenable.com/plugins/nessus/67952", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1541 and \n# Oracle Linux Security Advisory ELSA-2009-1541 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67952);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2009-1895\", \"CVE-2009-2691\", \"CVE-2009-2695\", \"CVE-2009-2849\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n script_bugtraq_id(36901);\n script_xref(name:\"RHSA\", value:\"2009:1541\");\n\n script_name(english:\"Oracle Linux 4 : kernel (ELSA-2009-1541)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1541 :\n\nUpdated kernel packages that fix security issues are now available for\nRed Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* a NULL pointer dereference flaw was found in each of the following\nfunctions in the Linux kernel: pipe_read_open(), pipe_write_open(),\nand pipe_rdwr_open(). When the mutex lock is not held, the i_pipe\npointer could be released by other processes before it is used to\nupdate the pipe's reader and writer counters. This could lead to a\nlocal denial of service or privilege escalation. (CVE-2009-3547,\nImportant)\n\nUsers should upgrade to these updated packages, which contain a\nbackported patch to correct these issues. The system must be rebooted\nfor this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-November/001232.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(16, 20, 119, 200, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2009-1895\", \"CVE-2009-2691\", \"CVE-2009-2695\", \"CVE-2009-2849\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2009-1541\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-2.6.9-89.0.16.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-devel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-devel-2.6.9-89.0.16.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-doc-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-doc-2.6.9-89.0.16.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-89.0.16.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-89.0.16.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-2.6.9-89.0.16.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-89.0.16.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-devel-2.6.9-89.0.16.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-89.0.16.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-89.0.16.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-89.0.16.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-89.0.16.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-89.0.16.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-89.0.16.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-89.0.16.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-89.0.16.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-89.0.16.0.1.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:58:09", "description": "Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* multiple, missing initialization flaws were found in the Linux kernel. Padding data in several core network structures was not initialized properly before being sent to user-space. These flaws could lead to information leaks. (CVE-2005-4881, CVE-2009-3228, Moderate)\n\nThis update also fixes the following bugs :\n\n* a packet duplication issue was fixed via the RHSA-2008:0665 update;\nhowever, the fix introduced a problem for systems using network bonding: Backup slaves were unable to receive ARP packets. When using network bonding in the 'active-backup' mode and with the 'arp_validate=3' option, the bonding driver considered such backup slaves as being down (since they were not receiving ARP packets), preventing successful failover to these devices. (BZ#519384)\n\n* due to insufficient memory barriers in the network code, a process sleeping in select() may have missed notifications about new data. In rare cases, this bug may have caused a process to sleep forever.\n(BZ#519386)\n\n* the driver version number in the ata_piix driver was not changed between Red Hat Enterprise Linux 4.7 and Red Hat Enterprise Linux 4.8, even though changes had been made between these releases. This could have prevented the driver from loading on systems that check driver versions, as this driver appeared older than it was. (BZ#519389)\n\n* a bug in nlm_lookup_host() could have led to un-reclaimed locks on file systems, resulting in the umount command failing. This bug could have also prevented NFS services from being relocated correctly in clustered environments. (BZ#519656)\n\n* the data buffer ethtool_get_strings() allocated, for the igb driver, was smaller than the amount of data that was copied in igb_get_strings(), because of a miscalculation in IGB_QUEUE_STATS_LEN, resulting in memory corruption. This bug could have led to a kernel panic. (BZ#522738)\n\n* in some situations, write operations to a TTY device were blocked even when the O_NONBLOCK flag was used. A reported case of this issue occurred when a single TTY device was opened by two users (one using blocking mode, and the other using non-blocking mode). (BZ#523930)\n\n* a deadlock was found in the cciss driver. In rare cases, this caused an NMI lockup during boot. Messages such as 'cciss: controller cciss[x] failed, stopping.' and 'cciss[x]: controller not responding.' may have been displayed on the console. (BZ#525725)\n\n* on 64-bit PowerPC systems, a rollover bug in the ibmveth driver could have caused a kernel panic. In a reported case, this panic occurred on a system with a large uptime and under heavy network load.\n(BZ#527225)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2009-10-27T00:00:00", "type": "nessus", "title": "CentOS 4 : kernel (CESA-2009:1522)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-4881", "CVE-2009-3228", "CVE-2009-3612"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-hugemem", "p-cpe:/a:centos:centos:kernel-hugemem-devel", "p-cpe:/a:centos:centos:kernel-largesmp", "p-cpe:/a:centos:centos:kernel-largesmp-devel", "p-cpe:/a:centos:centos:kernel-smp", "p-cpe:/a:centos:centos:kernel-smp-devel", "p-cpe:/a:centos:centos:kernel-xenu", "p-cpe:/a:centos:centos:kernel-xenu-devel", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2009-1522.NASL", "href": "https://www.tenable.com/plugins/nessus/42257", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1522 and \n# CentOS Errata and Security Advisory 2009:1522 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42257);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2005-4881\", \"CVE-2009-3228\", \"CVE-2009-3612\");\n script_bugtraq_id(36304);\n script_xref(name:\"RHSA\", value:\"2009:1522\");\n\n script_name(english:\"CentOS 4 : kernel (CESA-2009:1522)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* multiple, missing initialization flaws were found in the Linux\nkernel. Padding data in several core network structures was not\ninitialized properly before being sent to user-space. These flaws\ncould lead to information leaks. (CVE-2005-4881, CVE-2009-3228,\nModerate)\n\nThis update also fixes the following bugs :\n\n* a packet duplication issue was fixed via the RHSA-2008:0665 update;\nhowever, the fix introduced a problem for systems using network\nbonding: Backup slaves were unable to receive ARP packets. When using\nnetwork bonding in the 'active-backup' mode and with the\n'arp_validate=3' option, the bonding driver considered such backup\nslaves as being down (since they were not receiving ARP packets),\npreventing successful failover to these devices. (BZ#519384)\n\n* due to insufficient memory barriers in the network code, a process\nsleeping in select() may have missed notifications about new data. In\nrare cases, this bug may have caused a process to sleep forever.\n(BZ#519386)\n\n* the driver version number in the ata_piix driver was not changed\nbetween Red Hat Enterprise Linux 4.7 and Red Hat Enterprise Linux 4.8,\neven though changes had been made between these releases. This could\nhave prevented the driver from loading on systems that check driver\nversions, as this driver appeared older than it was. (BZ#519389)\n\n* a bug in nlm_lookup_host() could have led to un-reclaimed locks on\nfile systems, resulting in the umount command failing. This bug could\nhave also prevented NFS services from being relocated correctly in\nclustered environments. (BZ#519656)\n\n* the data buffer ethtool_get_strings() allocated, for the igb driver,\nwas smaller than the amount of data that was copied in\nigb_get_strings(), because of a miscalculation in IGB_QUEUE_STATS_LEN,\nresulting in memory corruption. This bug could have led to a kernel\npanic. (BZ#522738)\n\n* in some situations, write operations to a TTY device were blocked\neven when the O_NONBLOCK flag was used. A reported case of this issue\noccurred when a single TTY device was opened by two users (one using\nblocking mode, and the other using non-blocking mode). (BZ#523930)\n\n* a deadlock was found in the cciss driver. In rare cases, this caused\nan NMI lockup during boot. Messages such as 'cciss: controller\ncciss[x] failed, stopping.' and 'cciss[x]: controller not responding.'\nmay have been displayed on the console. (BZ#525725)\n\n* on 64-bit PowerPC systems, a rollover bug in the ibmveth driver\ncould have caused a kernel panic. In a reported case, this panic\noccurred on a system with a large uptime and under heavy network load.\n(BZ#527225)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-October/016196.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?07e2891f\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-October/016197.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6b4ecd8f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-2.6.9-89.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-2.6.9-89.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-devel-2.6.9-89.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.9-89.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-doc-2.6.9-89.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-doc-2.6.9-89.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-89.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-89.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-89.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-89.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-89.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-89.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-89.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-89.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-89.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-89.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-89.0.15.EL\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:59:34", "description": "Updated kernel packages that fix security issues are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* a NULL pointer dereference flaw was found in each of the following functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could be released by other processes before it is used to update the pipe's reader and writer counters. This could lead to a local denial of service or privilege escalation. (CVE-2009-3547, Important)\n\nUsers should upgrade to these updated packages, which contain a backported patch to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2009-11-04T00:00:00", "type": "nessus", "title": "RHEL 4 : kernel (RHSA-2009:1541)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1895", "CVE-2009-2691", "CVE-2009-2695", "CVE-2009-2849", "CVE-2009-2910", "CVE-2009-3002", "CVE-2009-3228", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3613", "CVE-2009-3620", "CVE-2009-3621"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xenu", "p-cpe:/a:redhat:enterprise_linux:kernel-xenu-devel", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.8"], "id": "REDHAT-RHSA-2009-1541.NASL", "href": "https://www.tenable.com/plugins/nessus/42357", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1541. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42357);\n script_version(\"1.45\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1895\", \"CVE-2009-2691\", \"CVE-2009-2695\", \"CVE-2009-2849\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n script_bugtraq_id(36901);\n script_xref(name:\"RHSA\", value:\"2009:1541\");\n\n script_name(english:\"RHEL 4 : kernel (RHSA-2009:1541)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix security issues are now available for\nRed Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* a NULL pointer dereference flaw was found in each of the following\nfunctions in the Linux kernel: pipe_read_open(), pipe_write_open(),\nand pipe_rdwr_open(). When the mutex lock is not held, the i_pipe\npointer could be released by other processes before it is used to\nupdate the pipe's reader and writer counters. This could lead to a\nlocal denial of service or privilege escalation. (CVE-2009-3547,\nImportant)\n\nUsers should upgrade to these updated packages, which contain a\nbackported patch to correct these issues. The system must be rebooted\nfor this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3547\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1541\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(16, 20, 119, 200, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2009-1895\", \"CVE-2009-2691\", \"CVE-2009-2695\", \"CVE-2009-2849\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:1541\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1541\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-2.6.9-89.0.16.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-devel-2.6.9-89.0.16.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-doc-2.6.9-89.0.16.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-2.6.9-89.0.16.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-devel-2.6.9-89.0.16.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-89.0.16.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-89.0.16.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-2.6.9-89.0.16.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-89.0.16.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-devel-2.6.9-89.0.16.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-89.0.16.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-2.6.9-89.0.16.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-89.0.16.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-devel-2.6.9-89.0.16.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-89.0.16.EL\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:59:33", "description": "The openSUSE 11.1 Kernel was updated to 2.6.27.39 fixing various bugs and security issues.\n\nFollowing security issues have been fixed: CVE-2009-3547: A race condition during pipe open could be used by local attackers to cause a denial of service. (Due to mmap_min_addr protection enabled by default, code execution is not possible.)\n\nCVE-2009-2910: On x86_64 systems a information leak of high register contents (upper 32bit) was fixed.\n\nCVE-2009-2903: Memory leak in the appletalk subsystem in the Linux kernel when the appletalk and ipddp modules are loaded but the ipddp'N' device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams.\n\nCVE-2009-3621: net/unix/af_unix.c in the Linux kernel allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket.\n\nCVE-2009-3612 / CVE-2005-4881: The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue existed because of an incomplete fix for CVE-2005-4881.\n\nCVE-2009-3620: The ATI Rage 128 (aka r128) driver in the Linux kernel does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls.\n\nCVE-2009-3726: The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state.\n\nCVE-2009-3286: Sv4 in the Linux kernel does not properly clean up an inode when an O_EXCL create fails, which causes files to be created with insecure settings such as setuid bits, and possibly allows local users to gain privileges, related to the execution of the do_open_permission function even when a create fails.", "cvss3": {}, "published": "2009-12-01T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kernel (kernel-1593)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-4881", "CVE-2009-2903", "CVE-2009-2910", "CVE-2009-3286", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3726"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-extra", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-extra", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-pae-base", "p-cpe:/a:novell:opensuse:kernel-pae-extra", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-trace", "p-cpe:/a:novell:opensuse:kernel-trace-base", "p-cpe:/a:novell:opensuse:kernel-trace-extra", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-xen-base", "p-cpe:/a:novell:opensuse:kernel-xen-extra", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_KERNEL-091123.NASL", "href": "https://www.tenable.com/plugins/nessus/42952", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-1593.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42952);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-4881\", \"CVE-2009-2903\", \"CVE-2009-2910\", \"CVE-2009-3286\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\");\n\n script_name(english:\"openSUSE Security Update : kernel (kernel-1593)\");\n script_summary(english:\"Check for the kernel-1593 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE 11.1 Kernel was updated to 2.6.27.39 fixing various bugs\nand security issues.\n\nFollowing security issues have been fixed: CVE-2009-3547: A race\ncondition during pipe open could be used by local attackers to cause a\ndenial of service. (Due to mmap_min_addr protection enabled by\ndefault, code execution is not possible.)\n\nCVE-2009-2910: On x86_64 systems a information leak of high register\ncontents (upper 32bit) was fixed.\n\nCVE-2009-2903: Memory leak in the appletalk subsystem in the Linux\nkernel when the appletalk and ipddp modules are loaded but the\nipddp'N' device is not found, allows remote attackers to cause a\ndenial of service (memory consumption) via IP-DDP datagrams.\n\nCVE-2009-3621: net/unix/af_unix.c in the Linux kernel allows local\nusers to cause a denial of service (system hang) by creating an\nabstract-namespace AF_UNIX listening socket, performing a shutdown\noperation on this socket, and then performing a series of connect\noperations to this socket.\n\nCVE-2009-3612 / CVE-2005-4881: The tcf_fill_node function in\nnet/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x\nbefore 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a\ncertain tcm__pad2 structure member, which might allow local users to\nobtain sensitive information from kernel memory via unspecified\nvectors. NOTE: this issue existed because of an incomplete fix for\nCVE-2005-4881.\n\nCVE-2009-3620: The ATI Rage 128 (aka r128) driver in the Linux kernel\ndoes not properly verify Concurrent Command Engine (CCE) state\ninitialization, which allows local users to cause a denial of service\n(NULL pointer dereference and system crash) or possibly gain\nprivileges via unspecified ioctl calls.\n\nCVE-2009-3726: The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the\nNFSv4 client in the Linux kernel allows remote NFS servers to cause a\ndenial of service (NULL pointer dereference and panic) by sending a\ncertain response containing incorrect file attributes, which trigger\nattempted use of an open file that lacks NFSv4 state.\n\nCVE-2009-3286: Sv4 in the Linux kernel does not properly clean up an\ninode when an O_EXCL create fails, which causes files to be created\nwith insecure settings such as setuid bits, and possibly allows local\nusers to gain privileges, related to the execution of the\ndo_open_permission function even when a create fails.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=441062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=472410\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=519820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=522790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=523487\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=524222\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=524683\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=528427\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=531716\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=536467\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=539010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=539878\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=540349\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=540997\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=541648\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=542505\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=544760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=544779\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=547137\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=547357\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=548070\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=548071\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=548074\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=548101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=548807\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=549567\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=549748\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=549751\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=550648\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=551142\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=551348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=551942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=552602\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=552775\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=554122\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=556532\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=556864\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 200, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-debug-2.6.27.39-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-debug-base-2.6.27.39-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-debug-extra-2.6.27.39-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-default-2.6.27.39-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-default-base-2.6.27.39-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-default-extra-2.6.27.39-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-pae-2.6.27.39-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-pae-base-2.6.27.39-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-pae-extra-2.6.27.39-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-source-2.6.27.39-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-syms-2.6.27.39-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-trace-2.6.27.39-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-trace-base-2.6.27.39-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-trace-extra-2.6.27.39-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-vanilla-2.6.27.39-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-xen-2.6.27.39-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-xen-base-2.6.27.39-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-xen-extra-2.6.27.39-0.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-debug / kernel-debug-base / kernel-debug-extra / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T16:26:05", "description": "Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel :\n\nMemory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddpN device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams. (CVE-2009-2903)\n\nMultiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname. (CVE-2009-3547)\n\nThe tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2005-4881. (CVE-2009-3612)\n\nnet/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket. (CVE-2009-3621)\n\nInteger overflow in the kvm_dev_ioctl_get_supported_cpuid function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.31.4 allows local users to have an unspecified impact via a KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function.\n(CVE-2009-3638)\n\nThe nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state.\n(CVE-2009-3726)\n\nThe ip_frag_reasm function in ipv4/ip_fragment.c in Linux kernel 2.6.32-rc8, and possibly earlier versions, calls IP_INC_STATS_BH with an incorrect argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and hang) via long IP packets, possibly related to the ip_defrag function. (CVE-2009-1298)\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate", "cvss3": {}, "published": "2010-07-30T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : kernel (MDVSA-2009:329)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-4881", "CVE-2009-1298", "CVE-2009-2903", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3621", "CVE-2009-3638", "CVE-2009-3726", "CVE-2009-4131"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.6-desktop-3mnb", "p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.6-desktop586-3mnb", "p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.6-server-3mnb", "p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.31.6-desktop-1mnb", "p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.31.6-desktop586-1mnb", "p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.31.6-server-1mnb", "p-cpe:/a:mandriva:linux:broadcom-wl-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:broadcom-wl-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:broadcom-wl-kernel-server-latest", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.6-desktop-3mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.6-desktop586-3mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.6-server-3mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.31.6-desktop-1mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.31.6-desktop586-1mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.31.6-server-1mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:em8300-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:em8300-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.6-desktop-3mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.6-desktop586-3mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.6-server-3mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.31.6-desktop-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.31.6-desktop586-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.31.6-server-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.6-desktop-3mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.6-desktop586-3mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.6-server-3mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.31.6-desktop-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.31.6-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.31.6-server-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kernel-doc", "p-cpe:/a:mandriva:linux:kernel-server-2.6.29.6-3mnb", "p-cpe:/a:mandriva:linux:kernel-server-2.6.31.6-1mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.29.6-3mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.31.6-1mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-latest", "p-cpe:/a:mandriva:linux:kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-source-2.6.29.6-3mnb", "p-cpe:/a:mandriva:linux:kernel-source-2.6.31.6-1mnb", "p-cpe:/a:mandriva:linux:kernel-source-latest", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.6-desktop-3mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.6-desktop586-3mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.6-server-3mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.31.6-desktop-1mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.31.6-desktop586-1mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.31.6-server-1mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:libafs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:libafs-kernel-server-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.6-desktop-3mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.6-desktop586-3mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.6-server-3mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.31.6-desktop-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.31.6-desktop586-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.31.6-server-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-server-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.6-desktop-3mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.6-desktop586-3mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.6-server-3mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.31.6-desktop-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.31.6-desktop586-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.31.6-server-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.6-desktop-3mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.6-desktop586-3mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.6-server-3mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.31.6-desktop-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.31.6-desktop586-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.31.6-server-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.6-desktop-3mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.6-desktop586-3mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.6-server-3mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.31.6-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.31.6-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.31.6-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.6-desktop-3mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.6-desktop586-3mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.6-server-3mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.31.6-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.31.6-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.31.6-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.6-desktop-3mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.6-desktop586-3mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.6-server-3mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.31.6-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.31.6-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.31.6-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.6-desktop-3mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.6-desktop586-3mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.6-server-3mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.31.6-desktop-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.31.6-desktop586-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.31.6-server-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.31.6-desktop-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.31.6-desktop586-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.31.6-server-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.6-desktop-3mnb", "p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.6-desktop586-3mnb", "p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.6-server-3mnb", "p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.31.6-desktop-1mnb", "p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.31.6-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.31.6-server-1mnb", "p-cpe:/a:mandriva:linux:vboxadditions-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxadditions-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxadditions-kernel-server-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.6-desktop-3mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.6-desktop586-3mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.6-server-3mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.31.6-desktop-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.31.6-desktop586-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.31.6-server-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.6-desktop-3mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.6-desktop586-3mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.6-server-3mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.31.6-desktop-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.31.6-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.31.6-server-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest", "cpe:/o:mandriva:linux:2009.1", "cpe:/o:mandriva:linux:2010.0", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.6-desktop-3mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.6-desktop586-3mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.6-server-3mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.31.6-desktop-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.31.6-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.31.6-server-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-2.6.29.6-3mnb", "p-cpe:/a:mandriva:linux:kernel-2.6.31.6-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-2.6.29.6-3mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-2.6.31.6-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.29.6-3mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.31.6-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.29.6-3mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.31.6-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.29.6-3mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.31.6-1mnb"], "id": "MANDRIVA_MDVSA-2009-329.NASL", "href": "https://www.tenable.com/plugins/nessus/48161", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:329. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48161);\n script_version(\"1.31\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-1298\", \"CVE-2009-2903\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3621\", \"CVE-2009-3638\", \"CVE-2009-3726\", \"CVE-2009-4131\");\n script_bugtraq_id(36379, 36723, 36803, 36827, 36901, 36936);\n script_xref(name:\"MDVSA\", value:\"2009:329\");\n\n script_name(english:\"Mandriva Linux Security Advisory : kernel (MDVSA-2009:329)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Some vulnerabilities were discovered and corrected in the Linux 2.6\nkernel :\n\nMemory leak in the appletalk subsystem in the Linux kernel 2.4.x\nthrough 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and\nipddp modules are loaded but the ipddpN device is not found, allows\nremote attackers to cause a denial of service (memory consumption) via\nIP-DDP datagrams. (CVE-2009-2903)\n\nMultiple race conditions in fs/pipe.c in the Linux kernel before\n2.6.32-rc6 allow local users to cause a denial of service (NULL\npointer dereference and system crash) or gain privileges by attempting\nto open an anonymous pipe via a /proc/*/fd/ pathname. (CVE-2009-3547)\n\nThe tcf_fill_node function in net/sched/cls_api.c in the netlink\nsubsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6\nand earlier, does not initialize a certain tcm__pad2 structure member,\nwhich might allow local users to obtain sensitive information from\nkernel memory via unspecified vectors. NOTE: this issue exists because\nof an incomplete fix for CVE-2005-4881. (CVE-2009-3612)\n\nnet/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows\nlocal users to cause a denial of service (system hang) by creating an\nabstract-namespace AF_UNIX listening socket, performing a shutdown\noperation on this socket, and then performing a series of connect\noperations to this socket. (CVE-2009-3621)\n\nInteger overflow in the kvm_dev_ioctl_get_supported_cpuid function in\narch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before\n2.6.31.4 allows local users to have an unspecified impact via a\nKVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function.\n(CVE-2009-3638)\n\nThe nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client\nin the Linux kernel before 2.6.31-rc4 allows remote NFS servers to\ncause a denial of service (NULL pointer dereference and panic) by\nsending a certain response containing incorrect file attributes, which\ntrigger attempted use of an open file that lacks NFSv4 state.\n(CVE-2009-3726)\n\nThe ip_frag_reasm function in ipv4/ip_fragment.c in Linux kernel\n2.6.32-rc8, and possibly earlier versions, calls IP_INC_STATS_BH with\nan incorrect argument, which allows remote attackers to cause a denial\nof service (NULL pointer dereference and hang) via long IP packets,\npossibly related to the ip_defrag function. (CVE-2009-1298)\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(119, 189, 200, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.6-desktop-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.6-desktop586-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.6-server-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.31.6-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.31.6-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.31.6-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.6-desktop-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.6-desktop586-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.6-server-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.31.6-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.31.6-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.31.6-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.6-desktop-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.6-desktop586-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.6-server-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.31.6-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.31.6-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.31.6-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.6-desktop-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.6-desktop586-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.6-server-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.31.6-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.31.6-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.31.6-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.6-desktop-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.6-desktop586-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.6-server-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.31.6-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.31.6-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.31.6-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.6.29.6-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.6.31.6-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-2.6.29.6-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-2.6.31.6-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.29.6-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.31.6-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.29.6-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.31.6-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.29.6-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.31.6-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-2.6.29.6-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-2.6.31.6-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.29.6-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.31.6-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-2.6.29.6-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-2.6.31.6-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.6-desktop-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.6-desktop586-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.6-server-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.31.6-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.31.6-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.31.6-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.6-desktop-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.6-desktop586-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.6-server-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.31.6-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.31.6-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.31.6-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.6-desktop-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.6-desktop586-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.6-server-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.31.6-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.31.6-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.31.6-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.6-desktop-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.6-desktop586-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.6-server-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.31.6-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.31.6-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.31.6-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.6-desktop-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.6-desktop586-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.6-server-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.31.6-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.31.6-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.31.6-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.6-desktop-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.6-desktop586-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.6-server-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.31.6-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.31.6-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.31.6-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.6-desktop-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.6-desktop586-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.6-server-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.31.6-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.31.6-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.31.6-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.6-desktop-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.6-desktop586-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.6-server-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.31.6-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.31.6-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.31.6-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.31.6-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.31.6-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.31.6-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.6-desktop-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.6-desktop586-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.6-server-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.31.6-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.31.6-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.31.6-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadditions-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadditions-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadditions-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.6-desktop-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.6-desktop586-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.6-server-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.31.6-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.31.6-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.31.6-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.6-desktop-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.6-desktop586-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.6-server-3mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.31.6-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.31.6-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.31.6-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.1\", reference:\"broadcom-wl-kernel-2.6.29.6-desktop-3mnb-5.10.79.10-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"broadcom-wl-kernel-2.6.29.6-desktop586-3mnb-5.10.79.10-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"broadcom-wl-kernel-2.6.29.6-server-3mnb-5.10.79.10-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"broadcom-wl-kernel-desktop-latest-5.10.79.10-1.20091209.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"broadcom-wl-kernel-desktop586-latest-5.10.79.10-1.20091209.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"broadcom-wl-kernel-server-latest-5.10.79.10-1.20091209.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"em8300-kernel-2.6.29.6-desktop-3mnb-0.17.2-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"em8300-kernel-2.6.29.6-desktop586-3mnb-0.17.2-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"em8300-kernel-2.6.29.6-server-3mnb-0.17.2-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"em8300-kernel-desktop-latest-0.17.2-1.20091209.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"em8300-kernel-desktop586-latest-0.17.2-1.20091209.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"em8300-kernel-server-latest-0.17.2-1.20091209.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.29.6-desktop-3mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.29.6-desktop586-3mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.29.6-server-3mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fcpci-kernel-desktop-latest-3.11.07-1.20091209.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fcpci-kernel-desktop586-latest-3.11.07-1.20091209.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fcpci-kernel-server-latest-3.11.07-1.20091209.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.29.6-desktop-3mnb-1.18-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.29.6-desktop586-3mnb-1.18-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.29.6-server-3mnb-1.18-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop-latest-1.18-1.20091209.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop586-latest-1.18-1.20091209.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-server-latest-1.18-1.20091209.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"hsfmodem-kernel-2.6.29.6-desktop-3mnb-7.80.02.03-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hsfmodem-kernel-2.6.29.6-desktop586-3mnb-7.80.02.03-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"hsfmodem-kernel-2.6.29.6-server-3mnb-7.80.02.03-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"hsfmodem-kernel-desktop-latest-7.80.02.03-1.20091209.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hsfmodem-kernel-desktop586-latest-7.80.02.03-1.20091209.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"hsfmodem-kernel-server-latest-7.80.02.03-1.20091209.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-2.6.29.6-3mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-desktop-2.6.29.6-3mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-desktop-devel-2.6.29.6-3mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-desktop-devel-latest-2.6.29.6-3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-desktop-latest-2.6.29.6-3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"kernel-desktop586-2.6.29.6-3mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"kernel-desktop586-devel-2.6.29.6-3mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"kernel-desktop586-devel-latest-2.6.29.6-3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"kernel-desktop586-latest-2.6.29.6-3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-doc-2.6.29.6-3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-server-2.6.29.6-3mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-server-devel-2.6.29.6-3mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-server-devel-latest-2.6.29.6-3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-server-latest-2.6.29.6-3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-source-2.6.29.6-3mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-source-latest-2.6.29.6-3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"libafs-kernel-2.6.29.6-desktop-3mnb-1.4.10-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libafs-kernel-2.6.29.6-desktop586-3mnb-1.4.10-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"libafs-kernel-2.6.29.6-server-3mnb-1.4.10-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"libafs-kernel-desktop-latest-1.4.10-1.20091209.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libafs-kernel-desktop586-latest-1.4.10-1.20091209.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"libafs-kernel-server-latest-1.4.10-1.20091209.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lirc-kernel-2.6.29.6-desktop-3mnb-0.8.5-0.20090320.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"lirc-kernel-2.6.29.6-desktop586-3mnb-0.8.5-0.20090320.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lirc-kernel-2.6.29.6-server-3mnb-0.8.5-0.20090320.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lirc-kernel-desktop-latest-0.8.5-1.20091209.0.20090320.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"lirc-kernel-desktop586-latest-0.8.5-1.20091209.0.20090320.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lirc-kernel-server-latest-0.8.5-1.20091209.0.20090320.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lzma-kernel-2.6.29.6-desktop-3mnb-4.43-27.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"lzma-kernel-2.6.29.6-desktop586-3mnb-4.43-27.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lzma-kernel-2.6.29.6-server-3mnb-4.43-27.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lzma-kernel-desktop-latest-4.43-1.20091209.27.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"lzma-kernel-desktop586-latest-4.43-1.20091209.27.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lzma-kernel-server-latest-4.43-1.20091209.27.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"madwifi-kernel-2.6.29.6-desktop-3mnb-0.9.4-4.r3998mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"madwifi-kernel-2.6.29.6-desktop586-3mnb-0.9.4-4.r3998mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"madwifi-kernel-2.6.29.6-server-3mnb-0.9.4-4.r3998mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"madwifi-kernel-desktop-latest-0.9.4-1.20091209.4.r3998mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"madwifi-kernel-desktop586-latest-0.9.4-1.20091209.4.r3998mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"madwifi-kernel-server-latest-0.9.4-1.20091209.4.r3998mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia-current-kernel-2.6.29.6-desktop-3mnb-180.51-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nvidia-current-kernel-2.6.29.6-desktop586-3mnb-180.51-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia-current-kernel-2.6.29.6-server-3mnb-180.51-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia-current-kernel-desktop-latest-180.51-1.20091209.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nvidia-current-kernel-desktop586-latest-180.51-1.20091209.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia-current-kernel-server-latest-180.51-1.20091209.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia173-kernel-2.6.29.6-desktop-3mnb-173.14.18-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nvidia173-kernel-2.6.29.6-desktop586-3mnb-173.14.18-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia173-kernel-2.6.29.6-server-3mnb-173.14.18-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia173-kernel-desktop-latest-173.14.18-1.20091209.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nvidia173-kernel-desktop586-latest-173.14.18-1.20091209.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia173-kernel-server-latest-173.14.18-1.20091209.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia96xx-kernel-2.6.29.6-desktop-3mnb-96.43.11-5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nvidia96xx-kernel-2.6.29.6-desktop586-3mnb-96.43.11-5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia96xx-kernel-2.6.29.6-server-3mnb-96.43.11-5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia96xx-kernel-desktop-latest-96.43.11-1.20091209.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nvidia96xx-kernel-desktop586-latest-96.43.11-1.20091209.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia96xx-kernel-server-latest-96.43.11-1.20091209.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.29.6-desktop-3mnb-2.9.11-0.20080817.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.29.6-desktop586-3mnb-2.9.11-0.20080817.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.29.6-server-3mnb-2.9.11-0.20080817.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"slmodem-kernel-desktop-latest-2.9.11-1.20091209.0.20080817.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"slmodem-kernel-desktop586-latest-2.9.11-1.20091209.0.20080817.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"slmodem-kernel-server-latest-2.9.11-1.20091209.0.20080817.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vboxadditions-kernel-2.6.29.6-desktop-3mnb-2.2.0-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"vboxadditions-kernel-2.6.29.6-desktop586-3mnb-2.2.0-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vboxadditions-kernel-2.6.29.6-server-3mnb-2.2.0-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vboxadditions-kernel-desktop-latest-2.2.0-1.20091209.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"vboxadditions-kernel-desktop586-latest-2.2.0-1.20091209.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vboxadditions-kernel-server-latest-2.2.0-1.20091209.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"virtualbox-kernel-2.6.29.6-desktop-3mnb-2.2.0-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"virtualbox-kernel-2.6.29.6-desktop586-3mnb-2.2.0-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"virtualbox-kernel-2.6.29.6-server-3mnb-2.2.0-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"virtualbox-kernel-desktop-latest-2.2.0-1.20091209.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"virtualbox-kernel-desktop586-latest-2.2.0-1.20091209.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"virtualbox-kernel-server-latest-2.2.0-1.20091209.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"vpnclient-kernel-2.6.29.6-desktop-3mnb-4.8.02.0030-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"vpnclient-kernel-2.6.29.6-desktop-3mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"vpnclient-kernel-2.6.29.6-desktop586-3mnb-4.8.02.0030-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"vpnclient-kernel-2.6.29.6-server-3mnb-4.8.02.0030-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"vpnclient-kernel-2.6.29.6-server-3mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"vpnclient-kernel-desktop-latest-4.8.02.0030-1.20091209.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"vpnclient-kernel-desktop-latest-4.8.01.0640-1.20091209.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"vpnclient-kernel-desktop586-latest-4.8.02.0030-1.20091209.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"vpnclient-kernel-server-latest-4.8.02.0030-1.20091209.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"vpnclient-kernel-server-latest-4.8.01.0640-1.20091209.3mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", reference:\"broadcom-wl-kernel-2.6.31.6-desktop-1mnb-5.10.91.9-2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"broadcom-wl-kernel-2.6.31.6-desktop586-1mnb-5.10.91.9-2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"broadcom-wl-kernel-2.6.31.6-server-1mnb-5.10.91.9-2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"broadcom-wl-kernel-desktop-latest-5.10.91.9-1.20091209.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"broadcom-wl-kernel-desktop586-latest-5.10.91.9-1.20091209.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"broadcom-wl-kernel-server-latest-5.10.91.9-1.20091209.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"em8300-kernel-2.6.31.6-desktop-1mnb-0.17.4-1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"em8300-kernel-2.6.31.6-desktop586-1mnb-0.17.4-1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"em8300-kernel-2.6.31.6-server-1mnb-0.17.4-1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"em8300-kernel-desktop-latest-0.17.4-1.20091209.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"em8300-kernel-desktop586-latest-0.17.4-1.20091209.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"em8300-kernel-server-latest-0.17.4-1.20091209.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"fglrx-kernel-2.6.31.6-desktop-1mnb-8.650-1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"fglrx-kernel-2.6.31.6-desktop586-1mnb-8.650-1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"fglrx-kernel-2.6.31.6-server-1mnb-8.650-1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"fglrx-kernel-desktop-latest-8.650-1.20091209.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"fglrx-kernel-desktop586-latest-8.650-1.20091209.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"fglrx-kernel-server-latest-8.650-1.20091209.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.31.6-desktop-1mnb-1.19-1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.31.6-desktop586-1mnb-1.19-1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.31.6-server-1mnb-1.19-1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop-latest-1.19-1.20091209.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop586-latest-1.19-1.20091209.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-server-latest-1.19-1.20091209.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"hsfmodem-kernel-2.6.31.6-desktop-1mnb-7.80.02.05-1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-2.6.31.6-desktop586-1mnb-7.80.02.05-1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"hsfmodem-kernel-2.6.31.6-server-1mnb-7.80.02.05-1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"hsfmodem-kernel-desktop-latest-7.80.02.05-1.20091209.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-desktop586-latest-7.80.02.05-1.20091209.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"hsfmodem-kernel-server-latest-7.80.02.05-1.20091209.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"kernel-2.6.31.6-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"kernel-desktop-2.6.31.6-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"kernel-desktop-devel-2.6.31.6-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"kernel-desktop-devel-latest-2.6.31.6-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"kernel-desktop-latest-2.6.31.6-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"kernel-desktop586-2.6.31.6-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-2.6.31.6-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-latest-2.6.31.6-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"kernel-desktop586-latest-2.6.31.6-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"kernel-doc-2.6.31.6-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"kernel-server-2.6.31.6-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"kernel-server-devel-2.6.31.6-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"kernel-server-devel-latest-2.6.31.6-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"kernel-server-latest-2.6.31.6-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"kernel-source-2.6.31.6-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"kernel-source-latest-2.6.31.6-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"libafs-kernel-2.6.31.6-desktop-1mnb-1.4.11-2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libafs-kernel-2.6.31.6-desktop586-1mnb-1.4.11-2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"libafs-kernel-2.6.31.6-server-1mnb-1.4.11-2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"libafs-kernel-desktop-latest-1.4.11-1.20091209.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libafs-kernel-desktop586-latest-1.4.11-1.20091209.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"libafs-kernel-server-latest-1.4.11-1.20091209.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"lirc-kernel-2.6.31.6-desktop-1mnb-0.8.6-2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"lirc-kernel-2.6.31.6-desktop586-1mnb-0.8.6-2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"lirc-kernel-2.6.31.6-server-1mnb-0.8.6-2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"lirc-kernel-desktop-latest-0.8.6-1.20091209.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"lirc-kernel-desktop586-latest-0.8.6-1.20091209.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"lirc-kernel-server-latest-0.8.6-1.20091209.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"lzma-kernel-2.6.31.6-desktop-1mnb-4.43-28mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"lzma-kernel-2.6.31.6-desktop586-1mnb-4.43-28mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"lzma-kernel-2.6.31.6-server-1mnb-4.43-28mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"lzma-kernel-desktop-latest-4.43-1.20091209.28mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"lzma-kernel-desktop586-latest-4.43-1.20091209.28mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"lzma-kernel-server-latest-4.43-1.20091209.28mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"madwifi-kernel-2.6.31.6-desktop-1mnb-0.9.4-4.r4068mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"madwifi-kernel-2.6.31.6-desktop586-1mnb-0.9.4-4.r4068mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"madwifi-kernel-2.6.31.6-server-1mnb-0.9.4-4.r4068mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"madwifi-kernel-desktop-latest-0.9.4-1.20091209.4.r4068mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"madwifi-kernel-desktop586-latest-0.9.4-1.20091209.4.r4068mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"madwifi-kernel-server-latest-0.9.4-1.20091209.4.r4068mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"nvidia-current-kernel-2.6.31.6-desktop-1mnb-185.18.36-4mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-2.6.31.6-desktop586-1mnb-185.18.36-4mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"nvidia-current-kernel-2.6.31.6-server-1mnb-185.18.36-4mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"nvidia-current-kernel-desktop-latest-185.18.36-1.20091209.4mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-desktop586-latest-185.18.36-1.20091209.4mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"nvidia-current-kernel-server-latest-185.18.36-1.20091209.4mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"nvidia173-kernel-2.6.31.6-desktop-1mnb-173.14.20-7mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"nvidia173-kernel-2.6.31.6-desktop586-1mnb-173.14.20-7mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"nvidia173-kernel-2.6.31.6-server-1mnb-173.14.20-7mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"nvidia173-kernel-desktop-latest-173.14.20-1.20091209.7mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"nvidia173-kernel-desktop586-latest-173.14.20-1.20091209.7mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"nvidia173-kernel-server-latest-173.14.20-1.20091209.7mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"nvidia96xx-kernel-2.6.31.6-desktop-1mnb-96.43.13-7mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-2.6.31.6-desktop586-1mnb-96.43.13-7mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"nvidia96xx-kernel-2.6.31.6-server-1mnb-96.43.13-7mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"nvidia96xx-kernel-desktop-latest-96.43.13-1.20091209.7mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-desktop586-latest-96.43.13-1.20091209.7mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"nvidia96xx-kernel-server-latest-96.43.13-1.20091209.7mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.31.6-desktop-1mnb-2.9.11-0.20080817.4.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.31.6-desktop586-1mnb-2.9.11-0.20080817.4.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.31.6-server-1mnb-2.9.11-0.20080817.4.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop-latest-2.9.11-1.20091209.0.20080817.4.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop586-latest-2.9.11-1.20091209.0.20080817.4.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"slmodem-kernel-server-latest-2.9.11-1.20091209.0.20080817.4.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"squashfs-lzma-kernel-2.6.31.6-desktop-1mnb-3.3-11mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-2.6.31.6-desktop586-1mnb-3.3-11mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"squashfs-lzma-kernel-2.6.31.6-server-1mnb-3.3-11mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"squashfs-lzma-kernel-desktop-latest-3.3-1.20091209.11mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-desktop586-latest-3.3-1.20091209.11mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"squashfs-lzma-kernel-server-latest-3.3-1.20091209.11mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"vboxadditions-kernel-2.6.31.6-desktop-1mnb-3.0.8-1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"vboxadditions-kernel-2.6.31.6-desktop586-1mnb-3.0.8-1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"vboxadditions-kernel-2.6.31.6-server-1mnb-3.0.8-1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"vboxadditions-kernel-desktop-latest-3.0.8-1.20091209.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"vboxadditions-kernel-desktop586-latest-3.0.8-1.20091209.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"vboxadditions-kernel-server-latest-3.0.8-1.20091209.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"virtualbox-kernel-2.6.31.6-desktop-1mnb-3.0.8-1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"virtualbox-kernel-2.6.31.6-desktop586-1mnb-3.0.8-1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"virtualbox-kernel-2.6.31.6-server-1mnb-3.0.8-1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"virtualbox-kernel-desktop-latest-3.0.8-1.20091209.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"virtualbox-kernel-desktop586-latest-3.0.8-1.20091209.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"virtualbox-kernel-server-latest-3.0.8-1.20091209.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"vpnclient-kernel-2.6.31.6-desktop-1mnb-4.8.02.0030-1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"vpnclient-kernel-2.6.31.6-desktop586-1mnb-4.8.02.0030-1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"vpnclient-kernel-2.6.31.6-server-1mnb-4.8.02.0030-1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"vpnclient-kernel-desktop-latest-4.8.02.0030-1.20091209.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"vpnclient-kernel-desktop586-latest-4.8.02.0030-1.20091209.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"vpnclient-kernel-server-latest-4.8.02.0030-1.20091209.1mdv2010.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T16:39:27", "description": "The SUSE Linux Enterprise 11 Kernel was updated to 2.6.27.39 fixing various bugs and security issues.\n\nThe following security issues have been fixed :\n\n - A race condition during pipe open could be used by local attackers to cause a denial of service. (Due to mmap_min_addr protection enabled by default, code execution is not possible.). (CVE-2009-3547)\n\n - On x86_64 systems a information leak of high register contents (upper 32bit) was fixed. (CVE-2009-2910)\n\n - Memory leak in the appletalk subsystem in the Linux kernel when the appletalk and ipddp modules are loaded but the ipddp'N' device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams. (CVE-2009-2903)\n\n - net/1/af_unix.c in the Linux kernel allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket. (CVE-2009-3621)\n\n - The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue existed because of an incomplete fix for CVE-2005-4881. (CVE-2009-3612 / CVE-2005-4881)\n\n - The ATI Rage 128 (aka r128) driver in the Linux kernel does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls. (CVE-2009-3620)\n\n - The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state.\n (CVE-2009-3726)\n\n - Sv4 in the Linux kernel does not properly clean up an inode when an O_EXCL create fails, which causes files to be created with insecure settings such as setuid bits, and possibly allows local users to gain privileges, related to the execution of the do_open_permission function even when a create fails. (CVE-2009-3286)", "cvss3": {}, "published": "2009-12-03T00:00:00", "type": "nessus", "title": "SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 1581 / 1588 / 1591)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-4881", "CVE-2009-2903", "CVE-2009-2910", "CVE-2009-3286", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3726"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-default", "p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-pae", "p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-vmi", "p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-xen", "p-cpe:/a:novell:suse_linux:11:kernel-default", "p-cpe:/a:novell:suse_linux:11:kernel-default-base", "p-cpe:/a:novell:suse_linux:11:kernel-default-extra", "p-cpe:/a:novell:suse_linux:11:kernel-default-man", "p-cpe:/a:novell:suse_linux:11:kernel-pae", "p-cpe:/a:novell:suse_linux:11:kernel-pae-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae-extra", "p-cpe:/a:novell:suse_linux:11:kernel-source", "p-cpe:/a:novell:suse_linux:11:kernel-syms", "p-cpe:/a:novell:suse_linux:11:kernel-vmi", "p-cpe:/a:novell:suse_linux:11:kernel-vmi-base", "p-cpe:/a:novell:suse_linux:11:kernel-xen", "p-cpe:/a:novell:suse_linux:11:kernel-xen-base", "p-cpe:/a:novell:suse_linux:11:kernel-xen-extra", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_KERNEL-091123.NASL", "href": "https://www.tenable.com/plugins/nessus/42990", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42990);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-4881\", \"CVE-2009-2903\", \"CVE-2009-2910\", \"CVE-2009-3286\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\");\n\n script_name(english:\"SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 1581 / 1588 / 1591)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 11 Kernel was updated to 2.6.27.39 fixing\nvarious bugs and security issues.\n\nThe following security issues have been fixed :\n\n - A race condition during pipe open could be used by local\n attackers to cause a denial of service. (Due to\n mmap_min_addr protection enabled by default, code\n execution is not possible.). (CVE-2009-3547)\n\n - On x86_64 systems a information leak of high register\n contents (upper 32bit) was fixed. (CVE-2009-2910)\n\n - Memory leak in the appletalk subsystem in the Linux\n kernel when the appletalk and ipddp modules are loaded\n but the ipddp'N' device is not found, allows remote\n attackers to cause a denial of service (memory\n consumption) via IP-DDP datagrams. (CVE-2009-2903)\n\n - net/1/af_unix.c in the Linux kernel allows local users\n to cause a denial of service (system hang) by creating\n an abstract-namespace AF_UNIX listening socket,\n performing a shutdown operation on this socket, and then\n performing a series of connect operations to this\n socket. (CVE-2009-3621)\n\n - The tcf_fill_node function in net/sched/cls_api.c in the\n netlink subsystem in the Linux kernel 2.6.x before\n 2.6.32-rc5, and 2.4.37.6 and earlier, does not\n initialize a certain tcm__pad2 structure member, which\n might allow local users to obtain sensitive information\n from kernel memory via unspecified vectors. NOTE: this\n issue existed because of an incomplete fix for\n CVE-2005-4881. (CVE-2009-3612 / CVE-2005-4881)\n\n - The ATI Rage 128 (aka r128) driver in the Linux kernel\n does not properly verify Concurrent Command Engine (CCE)\n state initialization, which allows local users to cause\n a denial of service (NULL pointer dereference and system\n crash) or possibly gain privileges via unspecified ioctl\n calls. (CVE-2009-3620)\n\n - The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the\n NFSv4 client in the Linux kernel allows remote NFS\n servers to cause a denial of service (NULL pointer\n dereference and panic) by sending a certain response\n containing incorrect file attributes, which trigger\n attempted use of an open file that lacks NFSv4 state.\n (CVE-2009-3726)\n\n - Sv4 in the Linux kernel does not properly clean up an\n inode when an O_EXCL create fails, which causes files to\n be created with insecure settings such as setuid bits,\n and possibly allows local users to gain privileges,\n related to the execution of the do_open_permission\n function even when a create fails. (CVE-2009-3286)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=441062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=472410\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=519820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=522790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=523487\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=524222\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=524683\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=528427\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=531716\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=536467\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=539010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=539878\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=540349\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=540997\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=541648\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=542505\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=544760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=544779\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=547137\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=547357\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=548070\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=548071\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=548074\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=548101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=548807\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=549567\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=549748\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=549751\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=550648\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=551142\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=551348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=551942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=552602\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=552775\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=554122\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=556532\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=556864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2005-4881.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2903.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2910.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3286.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3547.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3612.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3620.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3621.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3726.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 1581 / 1588 / 1591 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 200, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-vmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-vmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-vmi-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-default-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-default-base-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-default-extra-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-base-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-extra-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-source-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-syms-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-base-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-extra-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-default-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-default-base-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-default-extra-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-source-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-syms-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-base-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-extra-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"ext4dev-kmp-default-0_2.6.27.39_0.3-7.1.22\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kernel-default-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kernel-default-base-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kernel-source-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kernel-syms-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"ext4dev-kmp-pae-0_2.6.27.39_0.3-7.1.22\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"ext4dev-kmp-vmi-0_2.6.27.39_0.3-7.1.22\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"ext4dev-kmp-xen-0_2.6.27.39_0.3-7.1.22\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-base-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-vmi-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-vmi-base-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-base-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"kernel-default-man-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"ext4dev-kmp-xen-0_2.6.27.39_0.3-7.1.22\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-base-2.6.27.39-0.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T16:07:54", "description": "From Red Hat Security Advisory 2009:1548 :\n\nUpdated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity fixes :\n\n* a system with SELinux enforced was more permissive in allowing local users in the unconfined_t domain to map low memory areas even if the mmap_min_addr restriction was enabled. This could aid in the local exploitation of NULL pointer dereference bugs. (CVE-2009-2695, Important)\n\n* a NULL pointer dereference flaw was found in the eCryptfs implementation in the Linux kernel. A local attacker could use this flaw to cause a local denial of service or escalate their privileges.\n(CVE-2009-2908, Important)\n\n* a flaw was found in the NFSv4 implementation. The kernel would do an unnecessary permission check after creating a file. This check would usually fail and leave the file with the permission bits set to random values. Note: This is a server-side only issue. (CVE-2009-3286, Important)\n\n* a NULL pointer dereference flaw was found in each of the following functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could be released by other processes before it is used to update the pipe's reader and writer counters. This could lead to a local denial of service or privilege escalation. (CVE-2009-3547, Important)\n\n* a flaw was found in the Realtek r8169 Ethernet driver in the Linux kernel. pci_unmap_single() presented a memory leak that could lead to IOMMU space exhaustion and a system crash. An attacker on the local network could abuse this flaw by using jumbo frames for large amounts of network traffic. (CVE-2009-3613, Important)\n\n* missing initialization flaws were found in the Linux kernel. Padding data in several core network structures was not initialized properly before being sent to user-space. These flaws could lead to information leaks. (CVE-2009-3228, Moderate)\n\nBug fixes :\n\n* with network bonding in the 'balance-tlb' or 'balance-alb' mode, the primary setting for the primary slave device was lost when said device was brought down. Bringing the slave back up did not restore the primary setting. (BZ#517971)\n\n* some faulty serial device hardware caused systems running the kernel-xen kernel to take a very long time to boot. (BZ#524153)\n\n* a caching bug in nfs_readdir() may have caused NFS clients to see duplicate files or not see all files in a directory. (BZ#526960)\n\n* the RHSA-2009:1243 update removed the mpt_msi_enable option, preventing certain scripts from running. This update adds the option back. (BZ#526963)\n\n* an iptables rule with the recent module and a hit count value greater than the ip_pkt_list_tot parameter (the default is 20), did not have any effect over packets, as the hit count could not be reached. (BZ#527434)\n\n* a check has been added to the IPv4 code to make sure that rt is not NULL, to help prevent future bugs in functions that call ip_append_data() from being exploitable. (BZ#527436)\n\n* a kernel panic occurred in certain conditions after reconfiguring a tape drive's block size. (BZ#528133)\n\n* when using the Linux Virtual Server (LVS) in a master and backup configuration, and propagating active connections on the master to the backup, the connection timeout value on the backup was hard-coded to 180 seconds, meaning connection information on the backup was soon lost. This could prevent the successful failover of connections. The timeout value can now be set via 'ipvsadm --set'. (BZ#528645)\n\n* a bug in nfs4_do_open_expired() could have caused the reclaimer thread on an NFSv4 client to enter an infinite loop. (BZ#529162)\n\n* MSI interrupts may not have been delivered for r8169 based network cards that have MSI interrupts enabled. This bug only affected certain systems. (BZ#529366)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : kernel (ELSA-2009-1548)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1895", "CVE-2009-2691", "CVE-2009-2695", "CVE-2009-2849", "CVE-2009-2908", "CVE-2009-2910", "CVE-2009-3002", "CVE-2009-3228", "CVE-2009-3286", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3613", "CVE-2009-3620", "CVE-2009-3621"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-pae", "p-cpe:/a:oracle:linux:kernel-pae-devel", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-xen", "p-cpe:/a:oracle:linux:kernel-xen-devel", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2009-1548.NASL", "href": "https://www.tenable.com/plugins/nessus/67953", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1548 and \n# Oracle Linux Security Advisory ELSA-2009-1548 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67953);\n script_version(\"1.29\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2009-1895\", \"CVE-2009-2691\", \"CVE-2009-2695\", \"CVE-2009-2849\", \"CVE-2009-2908\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3286\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n script_bugtraq_id(36304, 36472, 36639, 36706, 36901);\n script_xref(name:\"RHSA\", value:\"2009:1548\");\n\n script_name(english:\"Oracle Linux 5 : kernel (ELSA-2009-1548)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1548 :\n\nUpdated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes :\n\n* a system with SELinux enforced was more permissive in allowing local\nusers in the unconfined_t domain to map low memory areas even if the\nmmap_min_addr restriction was enabled. This could aid in the local\nexploitation of NULL pointer dereference bugs. (CVE-2009-2695,\nImportant)\n\n* a NULL pointer dereference flaw was found in the eCryptfs\nimplementation in the Linux kernel. A local attacker could use this\nflaw to cause a local denial of service or escalate their privileges.\n(CVE-2009-2908, Important)\n\n* a flaw was found in the NFSv4 implementation. The kernel would do an\nunnecessary permission check after creating a file. This check would\nusually fail and leave the file with the permission bits set to random\nvalues. Note: This is a server-side only issue. (CVE-2009-3286,\nImportant)\n\n* a NULL pointer dereference flaw was found in each of the following\nfunctions in the Linux kernel: pipe_read_open(), pipe_write_open(),\nand pipe_rdwr_open(). When the mutex lock is not held, the i_pipe\npointer could be released by other processes before it is used to\nupdate the pipe's reader and writer counters. This could lead to a\nlocal denial of service or privilege escalation. (CVE-2009-3547,\nImportant)\n\n* a flaw was found in the Realtek r8169 Ethernet driver in the Linux\nkernel. pci_unmap_single() presented a memory leak that could lead to\nIOMMU space exhaustion and a system crash. An attacker on the local\nnetwork could abuse this flaw by using jumbo frames for large amounts\nof network traffic. (CVE-2009-3613, Important)\n\n* missing initialization flaws were found in the Linux kernel. Padding\ndata in several core network structures was not initialized properly\nbefore being sent to user-space. These flaws could lead to information\nleaks. (CVE-2009-3228, Moderate)\n\nBug fixes :\n\n* with network bonding in the 'balance-tlb' or 'balance-alb' mode, the\nprimary setting for the primary slave device was lost when said device\nwas brought down. Bringing the slave back up did not restore the\nprimary setting. (BZ#517971)\n\n* some faulty serial device hardware caused systems running the\nkernel-xen kernel to take a very long time to boot. (BZ#524153)\n\n* a caching bug in nfs_readdir() may have caused NFS clients to see\nduplicate files or not see all files in a directory. (BZ#526960)\n\n* the RHSA-2009:1243 update removed the mpt_msi_enable option,\npreventing certain scripts from running. This update adds the option\nback. (BZ#526963)\n\n* an iptables rule with the recent module and a hit count value\ngreater than the ip_pkt_list_tot parameter (the default is 20), did\nnot have any effect over packets, as the hit count could not be\nreached. (BZ#527434)\n\n* a check has been added to the IPv4 code to make sure that rt is not\nNULL, to help prevent future bugs in functions that call\nip_append_data() from being exploitable. (BZ#527436)\n\n* a kernel panic occurred in certain conditions after reconfiguring a\ntape drive's block size. (BZ#528133)\n\n* when using the Linux Virtual Server (LVS) in a master and backup\nconfiguration, and propagating active connections on the master to the\nbackup, the connection timeout value on the backup was hard-coded to\n180 seconds, meaning connection information on the backup was soon\nlost. This could prevent the successful failover of connections. The\ntimeout value can now be set via 'ipvsadm --set'. (BZ#528645)\n\n* a bug in nfs4_do_open_expired() could have caused the reclaimer\nthread on an NFSv4 client to enter an infinite loop. (BZ#529162)\n\n* MSI interrupts may not have been delivered for r8169 based network\ncards that have MSI interrupts enabled. This bug only affected certain\nsystems. (BZ#529366)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-November/001231.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(16, 20, 119, 200, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2009-1895\", \"CVE-2009-2691\", \"CVE-2009-2695\", \"CVE-2009-2849\", \"CVE-2009-2908\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3286\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2009-1548\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-2.6.18-164.6.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-164.6.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-devel-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-164.6.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-2.6.18-164.6.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-devel-2.6.18-164.6.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-devel-2.6.18-164.6.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-doc-2.6.18-164.6.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-headers-2.6.18-164.6.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-2.6.18-164.6.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-devel-2.6.18-164.6.1.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:59:34", "description": "Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity fixes :\n\n* a system with SELinux enforced was more permissive in allowing local users in the unconfined_t domain to map low memory areas even if the mmap_min_addr restriction was enabled. This could aid in the local exploitation of NULL pointer dereference bugs. (CVE-2009-2695, Important)\n\n* a NULL pointer dereference flaw was found in the eCryptfs implementation in the Linux kernel. A local attacker could use this flaw to cause a local denial of service or escalate their privileges.\n(CVE-2009-2908, Important)\n\n* a flaw was found in the NFSv4 implementation. The kernel would do an unnecessary permission check after creating a file. This check would usually fail and leave the file with the permission bits set to random values. Note: This is a server-side only issue. (CVE-2009-3286, Important)\n\n* a NULL pointer dereference flaw was found in each of the following functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could be released by other processes before it is used to update the pipe's reader and writer counters. This could lead to a local denial of service or privilege escalation. (CVE-2009-3547, Important)\n\n* a flaw was found in the Realtek r8169 Ethernet driver in the Linux kernel. pci_unmap_single() presented a memory leak that could lead to IOMMU space exhaustion and a system crash. An attacker on the local network could abuse this flaw by using jumbo frames for large amounts of network traffic. (CVE-2009-3613, Important)\n\n* missing initialization flaws were found in the Linux kernel. Padding data in several core network structures was not initialized properly before being sent to user-space. These flaws could lead to information leaks. (CVE-2009-3228, Moderate)\n\nBug fixes :\n\n* with network bonding in the 'balance-tlb' or 'balance-alb' mode, the primary setting for the primary slave device was lost when said device was brought down. Bringing the slave back up did not restore the primary setting. (BZ#517971)\n\n* some faulty serial device hardware caused systems running the kernel-xen kernel to take a very long time to boot. (BZ#524153)\n\n* a caching bug in nfs_readdir() may have caused NFS clients to see duplicate files or not see all files in a directory. (BZ#526960)\n\n* the RHSA-2009:1243 update removed the mpt_msi_enable option, preventing certain scripts from running. This update adds the option back. (BZ#526963)\n\n* an iptables rule with the recent module and a hit count value greater than the ip_pkt_list_tot parameter (the default is 20), did not have any effect over packets, as the hit count could not be reached. (BZ#527434)\n\n* a check has been added to the IPv4 code to make sure that rt is not NULL, to help prevent future bugs in functions that call ip_append_data() from being exploitable. (BZ#527436)\n\n* a kernel panic occurred in certain conditions after reconfiguring a tape drive's block size. (BZ#528133)\n\n* when using the Linux Virtual Server (LVS) in a master and backup configuration, and propagating active connections on the master to the backup, the connection timeout value on the backup was hard-coded to 180 seconds, meaning connection information on the backup was soon lost. This could prevent the successful failover of connections. The timeout value can now be set via 'ipvsadm --set'. (BZ#528645)\n\n* a bug in nfs4_do_open_expired() could have caused the reclaimer thread on an NFSv4 client to enter an infinite loop. (BZ#529162)\n\n* MSI interrupts may not have been delivered for r8169 based network cards that have MSI interrupts enabled. This bug only affected certain systems. (BZ#529366)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2009-11-04T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2009:1548)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1895", "CVE-2009-2691", "CVE-2009-2695", "CVE-2009-2849", "CVE-2009-2908", "CVE-2009-2910", "CVE-2009-3002", "CVE-2009-3228", "CVE-2009-3286", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3613", "CVE-2009-3620", "CVE-2009-3621"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-pae", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.4"], "id": "REDHAT-RHSA-2009-1548.NASL", "href": "https://www.tenable.com/plugins/nessus/42358", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1548. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42358);\n script_version(\"1.50\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1895\", \"CVE-2009-2691\", \"CVE-2009-2695\", \"CVE-2009-2849\", \"CVE-2009-2908\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3286\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n script_bugtraq_id(36304, 36472, 36639, 36706, 36901);\n script_xref(name:\"RHSA\", value:\"2009:1548\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2009:1548)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes :\n\n* a system with SELinux enforced was more permissive in allowing local\nusers in the unconfined_t domain to map low memory areas even if the\nmmap_min_addr restriction was enabled. This could aid in the local\nexploitation of NULL pointer dereference bugs. (CVE-2009-2695,\nImportant)\n\n* a NULL pointer dereference flaw was found in the eCryptfs\nimplementation in the Linux kernel. A local attacker could use this\nflaw to cause a local denial of service or escalate their privileges.\n(CVE-2009-2908, Important)\n\n* a flaw was found in the NFSv4 implementation. The kernel would do an\nunnecessary permission check after creating a file. This check would\nusually fail and leave the file with the permission bits set to random\nvalues. Note: This is a server-side only issue. (CVE-2009-3286,\nImportant)\n\n* a NULL pointer dereference flaw was found in each of the following\nfunctions in the Linux kernel: pipe_read_open(), pipe_write_open(),\nand pipe_rdwr_open(). When the mutex lock is not held, the i_pipe\npointer could be released by other processes before it is used to\nupdate the pipe's reader and writer counters. This could lead to a\nlocal denial of service or privilege escalation. (CVE-2009-3547,\nImportant)\n\n* a flaw was found in the Realtek r8169 Ethernet driver in the Linux\nkernel. pci_unmap_single() presented a memory leak that could lead to\nIOMMU space exhaustion and a system crash. An attacker on the local\nnetwork could abuse this flaw by using jumbo frames for large amounts\nof network traffic. (CVE-2009-3613, Important)\n\n* missing initialization flaws were found in the Linux kernel. Padding\ndata in several core network structures was not initialized properly\nbefore being sent to user-space. These flaws could lead to information\nleaks. (CVE-2009-3228, Moderate)\n\nBug fixes :\n\n* with network bonding in the 'balance-tlb' or 'balance-alb' mode, the\nprimary setting for the primary slave device was lost when said device\nwas brought down. Bringing the slave back up did not restore the\nprimary setting. (BZ#517971)\n\n* some faulty serial device hardware caused systems running the\nkernel-xen kernel to take a very long time to boot. (BZ#524153)\n\n* a caching bug in nfs_readdir() may have caused NFS clients to see\nduplicate files or not see all files in a directory. (BZ#526960)\n\n* the RHSA-2009:1243 update removed the mpt_msi_enable option,\npreventing certain scripts from running. This update adds the option\nback. (BZ#526963)\n\n* an iptables rule with the recent module and a hit count value\ngreater than the ip_pkt_list_tot parameter (the default is 20), did\nnot have any effect over packets, as the hit count could not be\nreached. (BZ#527434)\n\n* a check has been added to the IPv4 code to make sure that rt is not\nNULL, to help prevent future bugs in functions that call\nip_append_data() from being exploitable. (BZ#527436)\n\n* a kernel panic occurred in certain conditions after reconfiguring a\ntape drive's block size. (BZ#528133)\n\n* when using the Linux Virtual Server (LVS) in a master and backup\nconfiguration, and propagating active connections on the master to the\nbackup, the connection timeout value on the backup was hard-coded to\n180 seconds, meaning connection information on the backup was soon\nlost. This could prevent the successful failover of connections. The\ntimeout value can now be set via 'ipvsadm --set'. (BZ#528645)\n\n* a bug in nfs4_do_open_expired() could have caused the reclaimer\nthread on an NFSv4 client to enter an infinite loop. (BZ#529162)\n\n* MSI interrupts may not have been delivered for r8169 based network\ncards that have MSI interrupts enabled. This bug only affected certain\nsystems. (BZ#529366)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-2695\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-2908\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3228\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3286\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3547\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3613\"\n );\n # http://kbase.redhat.com/faq/docs/DOC-18042\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/17995\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1548\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(16, 20, 119, 200, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2009-1895\", \"CVE-2009-2691\", \"CVE-2009-2695\", \"CVE-2009-2849\", \"CVE-2009-2908\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3286\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:1548\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1548\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-164.6.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-164.6.1.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T16:04:39", "description": "Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity fixes :\n\n* a system with SELinux enforced was more permissive in allowing local users in the unconfined_t domain to map low memory areas even if the mmap_min_addr restriction was enabled. This could aid in the local exploitation of NULL pointer dereference bugs. (CVE-2009-2695, Important)\n\n* a NULL pointer dereference flaw was found in the eCryptfs implementation in the Linux kernel. A local attacker could use this flaw to cause a local denial of service or escalate their privileges.\n(CVE-2009-2908, Important)\n\n* a flaw was found in the NFSv4 implementation. The kernel would do an unnecessary permission check after creating a file. This check would usually fail and leave the file with the permission bits set to random values. Note: This is a server-side only issue. (CVE-2009-3286, Important)\n\n* a NULL pointer dereference flaw was found in each of the following functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could be released by other processes before it is used to update the pipe's reader and writer counters. This could lead to a local denial of service or privilege escalation. (CVE-2009-3547, Important)\n\n* a flaw was found in the Realtek r8169 Ethernet driver in the Linux kernel. pci_unmap_single() presented a memory leak that could lead to IOMMU space exhaustion and a system crash. An attacker on the local network could abuse this flaw by using jumbo frames for large amounts of network traffic. (CVE-2009-3613, Important)\n\n* missing initialization flaws were found in the Linux kernel. Padding data in several core network structures was not initialized properly before being sent to user-space. These flaws could lead to information leaks. (CVE-2009-3228, Moderate)\n\nBug fixes :\n\n* with network bonding in the 'balance-tlb' or 'balance-alb' mode, the primary setting for the primary slave device was lost when said device was brought down. Bringing the slave back up did not restore the primary setting. (BZ#517971)\n\n* some faulty serial device hardware caused systems running the kernel-xen kernel to take a very long time to boot. (BZ#524153)\n\n* a caching bug in nfs_readdir() may have caused NFS clients to see duplicate files or not see all files in a directory. (BZ#526960)\n\n* the RHSA-2009:1243 update removed the mpt_msi_enable option, preventing certain scripts from running. This update adds the option back. (BZ#526963)\n\n* an iptables rule with the recent module and a hit count value greater than the ip_pkt_list_tot parameter (the default is 20), did not have any effect over packets, as the hit count could not be reached. (BZ#527434)\n\n* a check has been added to the IPv4 code to make sure that rt is not NULL, to help prevent future bugs in functions that call ip_append_data() from being exploitable. (BZ#527436)\n\n* a kernel panic occurred in certain conditions after reconfiguring a tape drive's block size. (BZ#528133)\n\n* when using the Linux Virtual Server (LVS) in a master and backup configuration, and propagating active connections on the master to the backup, the connection timeout value on the backup was hard-coded to 180 seconds, meaning connection information on the backup was soon lost. This could prevent the successful failover of connections. The timeout value can now be set via 'ipvsadm --set'. (BZ#528645)\n\n* a bug in nfs4_do_open_expired() could have caused the reclaimer thread on an NFSv4 client to enter an infinite loop. (BZ#529162)\n\n* MSI interrupts may not have been delivered for r8169 based network cards that have MSI interrupts enabled. This bug only affected certain systems. (BZ#529366)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2013-06-29T00:00:00", "type": "nessus", "title": "CentOS 5 : kernel (CESA-2009:1548)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1895", "CVE-2009-2691", "CVE-2009-2695", "CVE-2009-2849", "CVE-2009-2908", "CVE-2009-2910", "CVE-2009-3002", "CVE-2009-3228", "CVE-2009-3286", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3613", "CVE-2009-3620", "CVE-2009-3621"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-pae", "p-cpe:/a:centos:centos:kernel-pae-devel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-xen", "p-cpe:/a:centos:centos:kernel-xen-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2009-1548.NASL", "href": "https://www.tenable.com/plugins/nessus/67068", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1548 and \n# CentOS Errata and Security Advisory 2009:1548 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67068);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-1895\", \"CVE-2009-2691\", \"CVE-2009-2695\", \"CVE-2009-2849\", \"CVE-2009-2908\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3286\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n script_bugtraq_id(36304, 36472, 36639, 36706, 36901);\n script_xref(name:\"RHSA\", value:\"2009:1548\");\n\n script_name(english:\"CentOS 5 : kernel (CESA-2009:1548)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes :\n\n* a system with SELinux enforced was more permissive in allowing local\nusers in the unconfined_t domain to map low memory areas even if the\nmmap_min_addr restriction was enabled. This could aid in the local\nexploitation of NULL pointer dereference bugs. (CVE-2009-2695,\nImportant)\n\n* a NULL pointer dereference flaw was found in the eCryptfs\nimplementation in the Linux kernel. A local attacker could use this\nflaw to cause a local denial of service or escalate their privileges.\n(CVE-2009-2908, Important)\n\n* a flaw was found in the NFSv4 implementation. The kernel would do an\nunnecessary permission check after creating a file. This check would\nusually fail and leave the file with the permission bits set to random\nvalues. Note: This is a server-side only issue. (CVE-2009-3286,\nImportant)\n\n* a NULL pointer dereference flaw was found in each of the following\nfunctions in the Linux kernel: pipe_read_open(), pipe_write_open(),\nand pipe_rdwr_open(). When the mutex lock is not held, the i_pipe\npointer could be released by other processes before it is used to\nupdate the pipe's reader and writer counters. This could lead to a\nlocal denial of service or privilege escalation. (CVE-2009-3547,\nImportant)\n\n* a flaw was found in the Realtek r8169 Ethernet driver in the Linux\nkernel. pci_unmap_single() presented a memory leak that could lead to\nIOMMU space exhaustion and a system crash. An attacker on the local\nnetwork could abuse this flaw by using jumbo frames for large amounts\nof network traffic. (CVE-2009-3613, Important)\n\n* missing initialization flaws were found in the Linux kernel. Padding\ndata in several core network structures was not initialized properly\nbefore being sent to user-space. These flaws could lead to information\nleaks. (CVE-2009-3228, Moderate)\n\nBug fixes :\n\n* with network bonding in the 'balance-tlb' or 'balance-alb' mode, the\nprimary setting for the primary slave device was lost when said device\nwas brought down. Bringing the slave back up did not restore the\nprimary setting. (BZ#517971)\n\n* some faulty serial device hardware caused systems running the\nkernel-xen kernel to take a very long time to boot. (BZ#524153)\n\n* a caching bug in nfs_readdir() may have caused NFS clients to see\nduplicate files or not see all files in a directory. (BZ#526960)\n\n* the RHSA-2009:1243 update removed the mpt_msi_enable option,\npreventing certain scripts from running. This update adds the option\nback. (BZ#526963)\n\n* an iptables rule with the recent module and a hit count value\ngreater than the ip_pkt_list_tot parameter (the default is 20), did\nnot have any effect over packets, as the hit count could not be\nreached. (BZ#527434)\n\n* a check has been added to the IPv4 code to make sure that rt is not\nNULL, to help prevent future bugs in functions that call\nip_append_data() from being exploitable. (BZ#527436)\n\n* a kernel panic occurred in certain conditions after reconfiguring a\ntape drive's block size. (BZ#528133)\n\n* when using the Linux Virtual Server (LVS) in a master and backup\nconfiguration, and propagating active connections on the master to the\nbackup, the connection timeout value on the backup was hard-coded to\n180 seconds, meaning connection information on the backup was soon\nlost. This could prevent the successful failover of connections. The\ntimeout value can now be set via 'ipvsadm --set'. (BZ#528645)\n\n* a bug in nfs4_do_open_expired() could have caused the reclaimer\nthread on an NFSv4 client to enter an infinite loop. (BZ#529162)\n\n* MSI interrupts may not have been delivered for r8169 based network\ncards that have MSI interrupts enabled. This bug only affected certain\nsystems. (BZ#529366)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-November/016304.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?50f4e63e\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-November/016305.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3830e36b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(16, 20, 119, 200, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/06/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-2.6.18-164.6.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-164.6.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-164.6.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-2.6.18-164.6.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-devel-2.6.18-164.6.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-devel-2.6.18-164.6.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-doc-2.6.18-164.6.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-headers-2.6.18-164.6.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-2.6.18-164.6.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-devel-2.6.18-164.6.1.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:41:36", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2009-2846 Michael Buesch noticed a typing issue in the eisa-eeprom driver for the hppa architecture. Local users could exploit this issue to gain access to restricted memory.\n\n - CVE-2009-2847 Ulrich Drepper noticed an issue in the do_sigalstack routine on 64-bit systems. This issue allows local users to gain access to potentially sensitive memory on the kernel stack.\n\n - CVE-2009-2848 Eric Dumazet discovered an issue in the execve path, where the clear_child_tid variable was not being properly cleared. Local users could exploit this issue to cause a denial of service (memory corruption).\n\n - CVE-2009-2849 Neil Brown discovered an issue in the sysfs interface to md devices. When md arrays are not active, local users can exploit this vulnerability to cause a denial of service (oops).\n\n - CVE-2009-2903 Mark Smith discovered a memory leak in the appletalk implementation. When the appletalk and ipddp modules are loaded, but no ipddp'N' device is found, remote attackers can cause a denial of service by consuming large amounts of system memory.\n\n - CVE-2009-2908 Loic Minier discovered an issue in the eCryptfs filesystem. A local user can cause a denial of service (kernel oops) by causing a dentry value to go negative.\n\n - CVE-2009-2909 Arjan van de Ven discovered an issue in the AX.25 protocol implementation. A specially crafted call to setsockopt() can result in a denial of service (kernel oops).\n\n - CVE-2009-2910 Jan Beulich discovered the existence of a sensitive kernel memory leak. Systems running the 'amd64' kernel do not properly sanitize registers for 32-bit processes.\n\n - CVE-2009-3001 Jiri Slaby fixed a sensitive memory leak issue in the ANSI/IEEE 802.2 LLC implementation. This is not exploitable in the Debian lenny kernel as root privileges are required to exploit this issue.\n\n - CVE-2009-3002 Eric Dumazet fixed several sensitive memory leaks in the IrDA, X.25 PLP (Rose), NET/ROM, Acorn Econet/AUN, and Controller Area Network (CAN) implementations. Local users can exploit these issues to gain access to kernel memory.\n\n - CVE-2009-3228 Eric Dumazet reported an instance of uninitialized kernel memory in the network packet scheduler. Local users may be able to exploit this issue to read the contents of sensitive kernel memory.\n\n - CVE-2009-3238 Linus Torvalds provided a change to the get_random_int() function to increase its randomness.\n\n - CVE-2009-3286 Eric Paris discovered an issue with the NFSv4 server implementation. When an O_EXCL create fails, files may be left with corrupted permissions, possibly granting unintentional privileges to other local users.\n\n - CVE-2009-3547 Earl Chew discovered a NULL pointer dereference issue in the pipe_rdwr_open function which can be used by local users to gain elevated privileges.\n\n - CVE-2009-3612 Jiri Pirko discovered a typo in the initialization of a structure in the netlink subsystem that may allow local users to gain access to sensitive kernel memory.\n\n - CVE-2009-3613 Alistair Strachan reported an issue in the r8169 driver.\n Remote users can cause a denial of service (IOMMU space exhaustion and system crash) by transmitting a large amount of jumbo frames.\n\n - CVE-2009-3620 Ben Hutchings discovered an issue in the DRM manager for ATI Rage 128 graphics adapters. Local users may be able to exploit this vulnerability to cause a denial of service (NULL pointer dereference).\n\n - CVE-2009-3621 Tomoki Sekiyama discovered a deadlock condition in the UNIX domain socket implementation. Local users can exploit this vulnerability to cause a denial of service (system hang).", "cvss3": {}, "published": "2010-02-24T00:00:00", "type": "nessus", "title": "Debian DSA-1928-1 : linux-2.6.24 - privilege escalation/denial of service/sensitive memory leak", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2846", "CVE-2009-2847", "CVE-2009-2848", "CVE-2009-2849", "CVE-2009-2903", "CVE-2009-2908", "CVE-2009-2909", "CVE-2009-2910", "CVE-2009-3001", "CVE-2009-3002", "CVE-2009-3228", "CVE-2009-3238", "CVE-2009-3286", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3613", "CVE-2009-3620", "CVE-2009-3621"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6.24", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1928.NASL", "href": "https://www.tenable.com/plugins/nessus/44793", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1928. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44793);\n script_version(\"1.31\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-2846\", \"CVE-2009-2847\", \"CVE-2009-2848\", \"CVE-2009-2849\", \"CVE-2009-2903\", \"CVE-2009-2908\", \"CVE-2009-2909\", \"CVE-2009-2910\", \"CVE-2009-3001\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3238\", \"CVE-2009-3286\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n script_bugtraq_id(35930, 36004, 36176, 36304, 36379, 36472, 36576, 36635, 36639, 36706, 36723, 36788, 36824, 36827, 36901);\n script_xref(name:\"DSA\", value:\"1928\");\n\n script_name(english:\"Debian DSA-1928-1 : linux-2.6.24 - privilege escalation/denial of service/sensitive memory leak\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, sensitive memory leak or privilege\nescalation. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2009-2846\n Michael Buesch noticed a typing issue in the eisa-eeprom\n driver for the hppa architecture. Local users could\n exploit this issue to gain access to restricted memory.\n\n - CVE-2009-2847\n Ulrich Drepper noticed an issue in the do_sigalstack\n routine on 64-bit systems. This issue allows local users\n to gain access to potentially sensitive memory on the\n kernel stack.\n\n - CVE-2009-2848\n Eric Dumazet discovered an issue in the execve path,\n where the clear_child_tid variable was not being\n properly cleared. Local users could exploit this issue\n to cause a denial of service (memory corruption).\n\n - CVE-2009-2849\n Neil Brown discovered an issue in the sysfs interface to\n md devices. When md arrays are not active, local users\n can exploit this vulnerability to cause a denial of\n service (oops).\n\n - CVE-2009-2903\n Mark Smith discovered a memory leak in the appletalk\n implementation. When the appletalk and ipddp modules are\n loaded, but no ipddp'N' device is found, remote\n attackers can cause a denial of service by consuming\n large amounts of system memory.\n\n - CVE-2009-2908\n Loic Minier discovered an issue in the eCryptfs\n filesystem. A local user can cause a denial of service\n (kernel oops) by causing a dentry value to go negative.\n\n - CVE-2009-2909\n Arjan van de Ven discovered an issue in the AX.25\n protocol implementation. A specially crafted call to\n setsockopt() can result in a denial of service (kernel\n oops).\n\n - CVE-2009-2910\n Jan Beulich discovered the existence of a sensitive\n kernel memory leak. Systems running the 'amd64' kernel\n do not properly sanitize registers for 32-bit processes.\n\n - CVE-2009-3001\n Jiri Slaby fixed a sensitive memory leak issue in the\n ANSI/IEEE 802.2 LLC implementation. This is not\n exploitable in the Debian lenny kernel as root\n privileges are required to exploit this issue.\n\n - CVE-2009-3002\n Eric Dumazet fixed several sensitive memory leaks in the\n IrDA, X.25 PLP (Rose), NET/ROM, Acorn Econet/AUN, and\n Controller Area Network (CAN) implementations. Local\n users can exploit these issues to gain access to kernel\n memory.\n\n - CVE-2009-3228\n Eric Dumazet reported an instance of uninitialized\n kernel memory in the network packet scheduler. Local\n users may be able to exploit this issue to read the\n contents of sensitive kernel memory.\n\n - CVE-2009-3238\n Linus Torvalds provided a change to the get_random_int()\n function to increase its randomness.\n\n - CVE-2009-3286\n Eric Paris discovered an issue with the NFSv4 server\n implementation. When an O_EXCL create fails, files may\n be left with corrupted permissions, possibly granting\n unintentional privileges to other local users.\n\n - CVE-2009-3547\n Earl Chew discovered a NULL pointer dereference issue in\n the pipe_rdwr_open function which can be used by local\n users to gain elevated privileges.\n\n - CVE-2009-3612\n Jiri Pirko discovered a typo in the initialization of a\n structure in the netlink subsystem that may allow local\n users to gain access to sensitive kernel memory.\n\n - CVE-2009-3613\n Alistair Strachan reported an issue in the r8169 driver.\n Remote users can cause a denial of service (IOMMU space\n exhaustion and system crash) by transmitting a large\n amount of jumbo frames.\n\n - CVE-2009-3620\n Ben Hutchings discovered an issue in the DRM manager for\n ATI Rage 128 graphics adapters. Local users may be able\n to exploit this vulnerability to cause a denial of\n service (NULL pointer dereference).\n\n - CVE-2009-3621\n Tomoki Sekiyama discovered a deadlock condition in the\n UNIX domain socket implementation. Local users can\n exploit this vulnerability to cause a denial of service\n (system hang).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-2846\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-2847\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-2848\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-2849\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-2903\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-2908\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-2909\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-2910\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3001\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3002\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3228\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3238\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3286\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3547\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3612\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3613\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3620\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3621\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1928\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6.24 packages.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 2.6.24-6~etchnhalf.9etch1.\n\nNote: Debian 'etch' includes linux kernel packages based upon both the\n2.6.18 and 2.6.24 linux releases. All known security issues are\ncarefully tracked against both packages and both packages will receive\nsecurity updates until security support for Debian 'etch' concludes.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, lower severity 2.6.18 and 2.6.24 updates will\ntypically release in a staggered or 'leap-frog' fashion.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 189, 200, 264, 310, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/08/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"linux-doc-2.6.24\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-486\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-4kc-malta\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-5kc-malta\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-686\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-686-bigmem\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-alpha\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-amd64\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-hppa\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-i386\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-ia64\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-mipsel\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-generic\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-legacy\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-smp\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-amd64\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-common\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-itanium\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-mckinley\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc-smp\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc64\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc64-smp\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-r5k-cobalt\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-486\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-4kc-malta\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-5kc-malta\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-686\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-686-bigmem\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-generic\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-legacy\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-smp\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-amd64\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-itanium\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-mckinley\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc-smp\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc64\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc64-smp\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-r5k-cobalt\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-manual-2.6.24\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-patch-debian-2.6.24\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-source-2.6.24\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-support-2.6.24-etchnhalf.1\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-tree-2.6.24\", reference:\"2.6.24-6~etchnhalf.9etch1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T16:09:39", "description": "From Red Hat Security Advisory 2009:1671 :\n\nUpdated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* a flaw was found in the Realtek r8169 Ethernet driver in the Linux kernel. pci_unmap_single() presented a memory leak that could lead to IOMMU space exhaustion and a system crash. An attacker on the local network could trigger this flaw by using jumbo frames for large amounts of network traffic. (CVE-2009-3613, Important)\n\n* NULL pointer dereference flaws were found in the r128 driver in the Linux kernel. Checks to test if the Concurrent Command Engine state was initialized were missing in private IOCTL functions. An attacker could use these flaws to cause a local denial of service or escalate their privileges. (CVE-2009-3620, Important)\n\n* an information leak was found in the Linux kernel. On AMD64 systems, 32-bit processes could access and read certain 64-bit registers by temporarily switching themselves to 64-bit mode. (CVE-2009-2910, Moderate)\n\n* the unix_stream_connect() function in the Linux kernel did not check if a UNIX domain socket was in the shutdown state. This could lead to a deadlock. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2009-3621, Moderate)\n\nThis update also fixes the following bugs :\n\n* an iptables rule with the recent module and a hit count value greater than the ip_pkt_list_tot parameter (the default is 20), did not have any effect over packets, as the hit count could not be reached. (BZ#529306)\n\n* in environments that use dual-controller storage devices with the cciss driver, Device-Mapper Multipath maps could not be detected and configured, due to the cciss driver not exporting the bus attribute via sysfs. This attribute is now exported. (BZ#529309)\n\n* the kernel crashed with a divide error when a certain joystick was attached. (BZ#532027)\n\n* a bug in the mptctl_do_mpt_command() function in the mpt driver may have resulted in crashes during boot on i386 systems with certain adapters using the mpt driver, and also running the hugemem kernel.\n(BZ#533798)\n\n* on certain hardware, the igb driver was unable to detect link statuses correctly. This may have caused problems for network bonding, such as failover not occurring. (BZ#534105)\n\n* the RHSA-2009:1024 update introduced a regression. After updating to Red Hat Enterprise Linux 4.8 and rebooting, network links often failed to be brought up for interfaces using the forcedeth driver. 'no link during initialization' messages may have been logged. (BZ#534112)\n\n* the RHSA-2009:1024 update introduced a second regression. On certain systems, PS/2 keyboards failed to work. (BZ#537344)\n\n* a bug in checksum offload calculations could have crashed the bnx2x firmware when the iptable_nat module was loaded, causing network traffic to stop. (BZ#537013)\n\n* a check has been added to the IPv4 code to make sure that the routing table data structure, rt, is not NULL, to help prevent future bugs in functions that call ip_append_data() from being exploitable.\n(BZ#537016)\n\n* possible kernel pointer dereferences on systems with several NFS mounts (a mixture of '-o lock' and '-o nolock'), which in rare cases may have caused a system crash, have been resolved. (BZ#537017)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 : kernel (ELSA-2009-1671)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2910", "CVE-2009-3613", "CVE-2009-3620", "CVE-2009-3621"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-hugemem", "p-cpe:/a:oracle:linux:kernel-hugemem-devel", "p-cpe:/a:oracle:linux:kernel-largesmp", "p-cpe:/a:oracle:linux:kernel-largesmp-devel", "p-cpe:/a:oracle:linux:kernel-smp", "p-cpe:/a:oracle:linux:kernel-smp-devel", "p-cpe:/a:oracle:linux:kernel-xenu", "p-cpe:/a:oracle:linux:kernel-xenu-devel", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2009-1671.NASL", "href": "https://www.tenable.com/plugins/nessus/67973", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1671 and \n# Oracle Linux Security Advisory ELSA-2009-1671 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67973);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2009-2910\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n script_bugtraq_id(36576, 36706, 36723, 36824);\n script_xref(name:\"RHSA\", value:\"2009:1671\");\n\n script_name(english:\"Oracle Linux 4 : kernel (ELSA-2009-1671)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1671 :\n\nUpdated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* a flaw was found in the Realtek r8169 Ethernet driver in the Linux\nkernel. pci_unmap_single() presented a memory leak that could lead to\nIOMMU space exhaustion and a system crash. An attacker on the local\nnetwork could trigger this flaw by using jumbo frames for large\namounts of network traffic. (CVE-2009-3613, Important)\n\n* NULL pointer dereference flaws were found in the r128 driver in the\nLinux kernel. Checks to test if the Concurrent Command Engine state\nwas initialized were missing in private IOCTL functions. An attacker\ncould use these flaws to cause a local denial of service or escalate\ntheir privileges. (CVE-2009-3620, Important)\n\n* an information leak was found in the Linux kernel. On AMD64 systems,\n32-bit processes could access and read certain 64-bit registers by\ntemporarily switching themselves to 64-bit mode. (CVE-2009-2910,\nModerate)\n\n* the unix_stream_connect() function in the Linux kernel did not check\nif a UNIX domain socket was in the shutdown state. This could lead to\na deadlock. A local, unprivileged user could use this flaw to cause a\ndenial of service. (CVE-2009-3621, Moderate)\n\nThis update also fixes the following bugs :\n\n* an iptables rule with the recent module and a hit count value\ngreater than the ip_pkt_list_tot parameter (the default is 20), did\nnot have any effect over packets, as the hit count could not be\nreached. (BZ#529306)\n\n* in environments that use dual-controller storage devices with the\ncciss driver, Device-Mapper Multipath maps could not be detected and\nconfigured, due to the cciss driver not exporting the bus attribute\nvia sysfs. This attribute is now exported. (BZ#529309)\n\n* the kernel crashed with a divide error when a certain joystick was\nattached. (BZ#532027)\n\n* a bug in the mptctl_do_mpt_command() function in the mpt driver may\nhave resulted in crashes during boot on i386 systems with certain\nadapters using the mpt driver, and also running the hugemem kernel.\n(BZ#533798)\n\n* on certain hardware, the igb driver was unable to detect link\nstatuses correctly. This may have caused problems for network bonding,\nsuch as failover not occurring. (BZ#534105)\n\n* the RHSA-2009:1024 update introduced a regression. After updating to\nRed Hat Enterprise Linux 4.8 and rebooting, network links often failed\nto be brought up for interfaces using the forcedeth driver. 'no link\nduring initialization' messages may have been logged. (BZ#534112)\n\n* the RHSA-2009:1024 update introduced a second regression. On certain\nsystems, PS/2 keyboards failed to work. (BZ#537344)\n\n* a bug in checksum offload calculations could have crashed the bnx2x\nfirmware when the iptable_nat module was loaded, causing network\ntraffic to stop. (BZ#537013)\n\n* a check has been added to the IPv4 code to make sure that the\nrouting table data structure, rt, is not NULL, to help prevent future\nbugs in functions that call ip_append_data() from being exploitable.\n(BZ#537016)\n\n* possible kernel pointer dereferences on systems with several NFS\nmounts (a mixture of '-o lock' and '-o nolock'), which in rare cases\nmay have caused a system crash, have been resolved. (BZ#537017)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-December/001286.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2009-2910\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2009-1671\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-2.6.9-89.0.18.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-devel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-devel-2.6.9-89.0.18.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-doc-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-doc-2.6.9-89.0.18.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-89.0.18.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-89.0.18.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-2.6.9-89.0.18.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-89.0.18.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-devel-2.6.9-89.0.18.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-89.0.18.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-89.0.18.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-89.0.18.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-89.0.18.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-89.0.18.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-89.0.18.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-89.0.18.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-89.0.18.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-89.0.18.0.1.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T15:00:36", "description": "Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* a flaw was found in the Realtek r8169 Ethernet driver in the Linux kernel. pci_unmap_single() presented a memory leak that could lead to IOMMU space exhaustion and a system crash. An attacker on the local network could trigger this flaw by using jumbo frames for large amounts of network traffic. (CVE-2009-3613, Important)\n\n* NULL pointer dereference flaws were found in the r128 driver in the Linux kernel. Checks to test if the Concurrent Command Engine state was initialized were missing in private IOCTL functions. An attacker could use these flaws to cause a local denial of service or escalate their privileges. (CVE-2009-3620, Important)\n\n* an information leak was found in the Linux kernel. On AMD64 systems, 32-bit processes could access and read certain 64-bit registers by temporarily switching themselves to 64-bit mode. (CVE-2009-2910, Moderate)\n\n* the unix_stream_connect() function in the Linux kernel did not check if a UNIX domain socket was in the shutdown state. This could lead to a deadlock. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2009-3621, Moderate)\n\nThis update also fixes the following bugs :\n\n* an iptables rule with the recent module and a hit count value greater than the ip_pkt_list_tot parameter (the default is 20), did not have any effect over packets, as the hit count could not be reached. (BZ#529306)\n\n* in environments that use dual-controller storage devices with the cciss driver, Device-Mapper Multipath maps could not be detected and configured, due to the cciss driver not exporting the bus attribute via sysfs. This attribute is now exported. (BZ#529309)\n\n* the kernel crashed with a divide error when a certain joystick was attached. (BZ#532027)\n\n* a bug in the mptctl_do_mpt_command() function in the mpt driver may have resulted in crashes during boot on i386 systems with certain adapters using the mpt driver, and also running the hugemem kernel.\n(BZ#533798)\n\n* on certain hardware, the igb driver was unable to detect link statuses correctly. This may have caused problems for network bonding, such as failover not occurring. (BZ#534105)\n\n* the RHSA-2009:1024 update introduced a regression. After updating to Red Hat Enterprise Linux 4.8 and rebooting, network links often failed to be brought up for interfaces using the forcedeth driver. 'no link during initialization' messages may have been logged. (BZ#534112)\n\n* the RHSA-2009:1024 update introduced a second regression. On certain systems, PS/2 keyboards failed to work. (BZ#537344)\n\n* a bug in checksum offload calculations could have crashed the bnx2x firmware when the iptable_nat module was loaded, causing network traffic to stop. (BZ#537013)\n\n* a check has been added to the IPv4 code to make sure that the routing table data structure, rt, is not NULL, to help prevent future bugs in functions that call ip_append_data() from being exploitable.\n(BZ#537016)\n\n* possible kernel pointer dereferences on systems with several NFS mounts (a mixture of '-o lock' and '-o nolock'), which in rare cases may have caused a system crash, have been resolved. (BZ#537017)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2009-12-21T00:00:00", "type": "nessus", "title": "CentOS 4 : kernel (CESA-2009:1671)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2910", "CVE-2009-3613", "CVE-2009-3620", "CVE-2009-3621"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel-hugemem-devel", "p-cpe:/a:centos:centos:kernel-largesmp", "p-cpe:/a:centos:centos:kernel-largesmp-devel", "p-cpe:/a:centos:centos:kernel-smp", "p-cpe:/a:centos:centos:kernel-smp-devel", "p-cpe:/a:centos:centos:kernel-xenu", "p-cpe:/a:centos:centos:kernel-xenu-devel", "cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-hugemem"], "id": "CENTOS_RHSA-2009-1671.NASL", "href": "https://www.tenable.com/plugins/nessus/43354", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1671 and \n# CentOS Errata and Security Advisory 2009:1671 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43354);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-2910\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n script_bugtraq_id(36576, 36706, 36723, 36824);\n script_xref(name:\"RHSA\", value:\"2009:1671\");\n\n script_name(english:\"CentOS 4 : kernel (CESA-2009:1671)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* a flaw was found in the Realtek r8169 Ethernet driver in the Linux\nkernel. pci_unmap_single() presented a memory leak that could lead to\nIOMMU space exhaustion and a system crash. An attacker on the local\nnetwork could trigger this flaw by using jumbo frames for large\namounts of network traffic. (CVE-2009-3613, Important)\n\n* NULL pointer dereference flaws were found in the r128 driver in the\nLinux kernel. Checks to test if the Concurrent Command Engine state\nwas initialized were missing in private IOCTL functions. An attacker\ncould use these flaws to cause a local denial of service or escalate\ntheir privileges. (CVE-2009-3620, Important)\n\n* an information leak was found in the Linux kernel. On AMD64 systems,\n32-bit processes could access and read certain 64-bit registers by\ntemporarily switching themselves to 64-bit mode. (CVE-2009-2910,\nModerate)\n\n* the unix_stream_connect() function in the Linux kernel did not check\nif a UNIX domain socket was in the shutdown state. This could lead to\na deadlock. A local, unprivileged user could use this flaw to cause a\ndenial of service. (CVE-2009-3621, Moderate)\n\nThis update also fixes the following bugs :\n\n* an iptables rule with the recent module and a hit count value\ngreater than the ip_pkt_list_tot parameter (the default is 20), did\nnot have any effect over packets, as the hit count could not be\nreached. (BZ#529306)\n\n* in environments that use dual-controller storage devices with the\ncciss driver, Device-Mapper Multipath maps could not be detected and\nconfigured, due to the cciss driver not exporting the bus attribute\nvia sysfs. This attribute is now exported. (BZ#529309)\n\n* the kernel crashed with a divide error when a certain joystick was\nattached. (BZ#532027)\n\n* a bug in the mptctl_do_mpt_command() function in the mpt driver may\nhave resulted in crashes during boot on i386 systems with certain\nadapters using the mpt driver, and also running the hugemem kernel.\n(BZ#533798)\n\n* on certain hardware, the igb driver was unable to detect link\nstatuses correctly. This may have caused problems for network bonding,\nsuch as failover not occurring. (BZ#534105)\n\n* the RHSA-2009:1024 update introduced a regression. After updating to\nRed Hat Enterprise Linux 4.8 and rebooting, network links often failed\nto be brought up for interfaces using the forcedeth driver. 'no link\nduring initialization' messages may have been logged. (BZ#534112)\n\n* the RHSA-2009:1024 update introduced a second regression. On certain\nsystems, PS/2 keyboards failed to work. (BZ#537344)\n\n* a bug in checksum offload calculations could have crashed the bnx2x\nfirmware when the iptable_nat module was loaded, causing network\ntraffic to stop. (BZ#537013)\n\n* a check has been added to the IPv4 code to make sure that the\nrouting table data structure, rt, is not NULL, to help prevent future\nbugs in functions that call ip_append_data() from being exploitable.\n(BZ#537016)\n\n* possible kernel pointer dereferences on systems with several NFS\nmounts (a mixture of '-o lock' and '-o nolock'), which in rare cases\nmay have caused a system crash, have been resolved. (BZ#537017)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-December/016393.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?efa46cef\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-December/016394.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f873f9c6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-devel-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-doc-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-doc-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-89.0.18.EL\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:36:09", "description": "This update fixes the following security issues :\n\n - a flaw was found in the Realtek r8169 Ethernet driver in the Linux kernel. pci_unmap_single() presented a memory leak that could lead to IOMMU space exhaustion and a system crash. An attacker on the local network could trigger this flaw by using jumbo frames for large amounts of network traffic. (CVE-2009-3613, Important)\n\n - NULL pointer dereference flaws were found in the r128 driver in the Linux kernel. Checks to test if the Concurrent Command Engine state was initialized were missing in private IOCTL functions. An attacker could use these flaws to cause a local denial of service or escalate their privileges. (CVE-2009-3620, Important)\n\n - an information leak was found in the Linux kernel. On AMD64 systems, 32-bit processes could access and read certain 64-bit registers by temporarily switching themselves to 64-bit mode. (CVE-2009-2910, Moderate)\n\n - the unix_stream_connect() function in the Linux kernel did not check if a UNIX domain socket was in the shutdown state. This could lead to a deadlock. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2009-3621, Moderate)\n\nThis update also fixes the following bugs :\n\n - an iptables rule with the recent module and a hit count value greater than the ip_pkt_list_tot parameter (the default is 20), did not have any effect over packets, as the hit count could not be reached. (BZ#529306)\n\n - in environments that use dual-controller storage devices with the cciss driver, Device-Mapper Multipath maps could not be detected and configured, due to the cciss driver not exporting the bus attribute via sysfs. This attribute is now exported. (BZ#529309)\n\n - the kernel crashed with a divide error when a certain joystick was attached. (BZ#532027)\n\n - a bug in the mptctl_do_mpt_command() function in the mpt driver may have resulted in crashes during boot on i386 systems with certain adapters using the mpt driver, and also running the hugemem kernel. (BZ#533798)\n\n - on certain hardware, the igb driver was unable to detect link statuses correctly. This may have caused problems for network bonding, such as failover not occurring.\n (BZ#534105)\n\n - the RHSA-2009:1024 update introduced a regression. After updating to Scientific Linux 4.8 and rebooting, network links often failed to be brought up for interfaces using the forcedeth driver. 'no link during initialization' messages may have been logged. (BZ#534112)\n\n - the RHSA-2009:1024 update introduced a second regression. On certain systems, PS/2 keyboards failed to work. (BZ#537344)\n\n - a bug in checksum offload calculations could have crashed the bnx2x firmware when the iptable_nat module was loaded, causing network traffic to stop. (BZ#537013)\n\n - a check has been added to the IPv4 code to make sure that the routing table data structure, rt, is not NULL, to help prevent future bugs in functions that call ip_append_data() from being exploitable. (BZ#537016)\n\n - possible kernel pointer dereferences on systems with several NFS mounts (a mixture of '-o lock' and '-o nolock'), which in rare cases may have caused a system crash, have been resolved. (BZ#537017)\n\nThe system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL4.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2910", "CVE-2009-3613", "CVE-2009-3620", "CVE-2009-3621"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20091215_KERNEL_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60705", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60705);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2910\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues :\n\n - a flaw was found in the Realtek r8169 Ethernet driver in\n the Linux kernel. pci_unmap_single() presented a memory\n leak that could lead to IOMMU space exhaustion and a\n system crash. An attacker on the local network could\n trigger this flaw by using jumbo frames for large\n amounts of network traffic. (CVE-2009-3613, Important)\n\n - NULL pointer dereference flaws were found in the r128\n driver in the Linux kernel. Checks to test if the\n Concurrent Command Engine state was initialized were\n missing in private IOCTL functions. An attacker could\n use these flaws to cause a local denial of service or\n escalate their privileges. (CVE-2009-3620, Important)\n\n - an information leak was found in the Linux kernel. On\n AMD64 systems, 32-bit processes could access and read\n certain 64-bit registers by temporarily switching\n themselves to 64-bit mode. (CVE-2009-2910, Moderate)\n\n - the unix_stream_connect() function in the Linux kernel\n did not check if a UNIX domain socket was in the\n shutdown state. This could lead to a deadlock. A local,\n unprivileged user could use this flaw to cause a denial\n of service. (CVE-2009-3621, Moderate)\n\nThis update also fixes the following bugs :\n\n - an iptables rule with the recent module and a hit count\n value greater than the ip_pkt_list_tot parameter (the\n default is 20), did not have any effect over packets, as\n the hit count could not be reached. (BZ#529306)\n\n - in environments that use dual-controller storage devices\n with the cciss driver, Device-Mapper Multipath maps\n could not be detected and configured, due to the cciss\n driver not exporting the bus attribute via sysfs. This\n attribute is now exported. (BZ#529309)\n\n - the kernel crashed with a divide error when a certain\n joystick was attached. (BZ#532027)\n\n - a bug in the mptctl_do_mpt_command() function in the mpt\n driver may have resulted in crashes during boot on i386\n systems with certain adapters using the mpt driver, and\n also running the hugemem kernel. (BZ#533798)\n\n - on certain hardware, the igb driver was unable to detect\n link statuses correctly. This may have caused problems\n for network bonding, such as failover not occurring.\n (BZ#534105)\n\n - the RHSA-2009:1024 update introduced a regression. After\n updating to Scientific Linux 4.8 and rebooting, network\n links often failed to be brought up for interfaces using\n the forcedeth driver. 'no link during initialization'\n messages may have been logged. (BZ#534112)\n\n - the RHSA-2009:1024 update introduced a second\n regression. On certain systems, PS/2 keyboards failed to\n work. (BZ#537344)\n\n - a bug in checksum offload calculations could have\n crashed the bnx2x firmware when the iptable_nat module\n was loaded, causing network traffic to stop. (BZ#537013)\n\n - a check has been added to the IPv4 code to make sure\n that the routing table data structure, rt, is not NULL,\n to help prevent future bugs in functions that call\n ip_append_data() from being exploitable. (BZ#537016)\n\n - possible kernel pointer dereferences on systems with\n several NFS mounts (a mixture of '-o lock' and '-o\n nolock'), which in rare cases may have caused a system\n crash, have been resolved. (BZ#537017)\n\nThe system must be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=529306\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=529309\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=532027\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=533798\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=534105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=534112\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=537013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=537016\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=537017\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=537344\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0912&L=scientific-linux-errata&T=0&P=2135\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dd0ada4c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(20, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"kernel-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-devel-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-doc-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-devel-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-2.6.9-89.0.18.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-devel-2.6.9-89.0.18.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T15:01:27", "description": "Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* a flaw was found in the Realtek r8169 Ethernet driver in the Linux kernel. pci_unmap_single() presented a memory leak that could lead to IOMMU space exhaustion and a system crash. An attacker on the local network could trigger this flaw by using jumbo frames for large amounts of network traffic. (CVE-2009-3613, Important)\n\n* NULL pointer dereference flaws were found in the r128 driver in the Linux kernel. Checks to test if the Concurrent Command Engine state was initialized were missing in private IOCTL functions. An attacker could use these flaws to cause a local denial of service or escalate their privileges. (CVE-2009-3620, Important)\n\n* an information leak was found in the Linux kernel. On AMD64 systems, 32-bit processes could access and read certain 64-bit registers by temporarily switching themselves to 64-bit mode. (CVE-2009-2910, Moderate)\n\n* the unix_stream_connect() function in the Linux kernel did not check if a UNIX domain socket was in the shutdown state. This could lead to a deadlock. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2009-3621, Moderate)\n\nThis update also fixes the following bugs :\n\n* an iptables rule with the recent module and a hit count value greater than the ip_pkt_list_tot parameter (the default is 20), did not have any effect over packets, as the hit count could not be reached. (BZ#529306)\n\n* in environments that use dual-controller storage devices with the cciss driver, Device-Mapper Multipath maps could not be detected and configured, due to the cciss driver not exporting the bus attribute via sysfs. This attribute is now exported. (BZ#529309)\n\n* the kernel crashed with a divide error when a certain joystick was attached. (BZ#532027)\n\n* a bug in the mptctl_do_mpt_command() function in the mpt driver may have resulted in crashes during boot on i386 systems with certain adapters using the mpt driver, and also running the hugemem kernel.\n(BZ#533798)\n\n* on certain hardware, the igb driver was unable to detect link statuses correctly. This may have caused problems for network bonding, such as failover not occurring. (BZ#534105)\n\n* the RHSA-2009:1024 update introduced a regression. After updating to Red Hat Enterprise Linux 4.8 and rebooting, network links often failed to be brought up for interfaces using the forcedeth driver. 'no link during initialization' messages may have been logged. (BZ#534112)\n\n* the RHSA-2009:1024 update introduced a second regression. On certain systems, PS/2 keyboards failed to work. (BZ#537344)\n\n* a bug in checksum offload calculations could have crashed the bnx2x firmware when the iptable_nat module was loaded, causing network traffic to stop. (BZ#537013)\n\n* a check has been added to the IPv4 code to make sure that the routing table data structure, rt, is not NULL, to help prevent future bugs in functions that call ip_append_data() from being exploitable.\n(BZ#537016)\n\n* possible kernel pointer dereferences on systems with several NFS mounts (a mixture of '-o lock' and '-o nolock'), which in rare cases may have caused a system crash, have been resolved. (BZ#537017)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2009-12-16T00:00:00", "type": "nessus", "title": "RHEL 4 : kernel (RHSA-2009:1671)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2910", "CVE-2009-3613", "CVE-2009-3620", "CVE-2009-3621"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xenu", "p-cpe:/a:redhat:enterprise_linux:kernel-xenu-devel", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.8"], "id": "REDHAT-RHSA-2009-1671.NASL", "href": "https://www.tenable.com/plugins/nessus/43169", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1671. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43169);\n script_version(\"1.39\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2910\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n script_bugtraq_id(36576, 36706, 36723, 36824);\n script_xref(name:\"RHSA\", value:\"2009:1671\");\n\n script_name(english:\"RHEL 4 : kernel (RHSA-2009:1671)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* a flaw was found in the Realtek r8169 Ethernet driver in the Linux\nkernel. pci_unmap_single() presented a memory leak that could lead to\nIOMMU space exhaustion and a system crash. An attacker on the local\nnetwork could trigger this flaw by using jumbo frames for large\namounts of network traffic. (CVE-2009-3613, Important)\n\n* NULL pointer dereference flaws were found in the r128 driver in the\nLinux kernel. Checks to test if the Concurrent Command Engine state\nwas initialized were missing in private IOCTL functions. An attacker\ncould use these flaws to cause a local denial of service or escalate\ntheir privileges. (CVE-2009-3620, Important)\n\n* an information leak was found in the Linux kernel. On AMD64 systems,\n32-bit processes could access and read certain 64-bit registers by\ntemporarily switching themselves to 64-bit mode. (CVE-2009-2910,\nModerate)\n\n* the unix_stream_connect() function in the Linux kernel did not check\nif a UNIX domain socket was in the shutdown state. This could lead to\na deadlock. A local, unprivileged user could use this flaw to cause a\ndenial of service. (CVE-2009-3621, Moderate)\n\nThis update also fixes the following bugs :\n\n* an iptables rule with the recent module and a hit count value\ngreater than the ip_pkt_list_tot parameter (the default is 20), did\nnot have any effect over packets, as the hit count could not be\nreached. (BZ#529306)\n\n* in environments that use dual-controller storage devices with the\ncciss driver, Device-Mapper Multipath maps could not be detected and\nconfigured, due to the cciss driver not exporting the bus attribute\nvia sysfs. This attribute is now exported. (BZ#529309)\n\n* the kernel crashed with a divide error when a certain joystick was\nattached. (BZ#532027)\n\n* a bug in the mptctl_do_mpt_command() function in the mpt driver may\nhave resulted in crashes during boot on i386 systems with certain\nadapters using the mpt driver, and also running the hugemem kernel.\n(BZ#533798)\n\n* on certain hardware, the igb driver was unable to detect link\nstatuses correctly. This may have caused problems for network bonding,\nsuch as failover not occurring. (BZ#534105)\n\n* the RHSA-2009:1024 update introduced a regression. After updating to\nRed Hat Enterprise Linux 4.8 and rebooting, network links often failed\nto be brought up for interfaces using the forcedeth driver. 'no link\nduring initialization' messages may have been logged. (BZ#534112)\n\n* the RHSA-2009:1024 update introduced a second regression. On certain\nsystems, PS/2 keyboards failed to work. (BZ#537344)\n\n* a bug in checksum offload calculations could have crashed the bnx2x\nfirmware when the iptable_nat module was loaded, causing network\ntraffic to stop. (BZ#537013)\n\n* a check has been added to the IPv4 code to make sure that the\nrouting table data structure, rt, is not NULL, to help prevent future\nbugs in functions that call ip_append_data() from being exploitable.\n(BZ#537016)\n\n* possible kernel pointer dereferences on systems with several NFS\nmounts (a mixture of '-o lock' and '-o nolock'), which in rare cases\nmay have caused a system crash, have been resolved. (BZ#537017)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-2910\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3613\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3620\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3621\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1671\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2009-2910\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:1671\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1671\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-2.6.9-89.0.18.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-devel-2.6.9-89.0.18.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-doc-2.6.9-89.0.18.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-2.6.9-89.0.18.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-devel-2.6.9-89.0.18.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-89.0.18.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-89.0.18.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-2.6.9-89.0.18.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-89.0.18.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-devel-2.6.9-89.0.18.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-89.0.18.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-2.6.9-89.0.18.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-89.0.18.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-devel-2.6.9-89.0.18.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-89.0.18.EL\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T15:00:36", "description": "It was discovered that the AX.25 network subsystem did not correctly check integer signedness in certain setsockopt calls. A local attacker could exploit this to crash the system, leading to a denial of service. Ubuntu 9.10 was not affected. (CVE-2009-2909)\n\nJan Beulich discovered that the kernel could leak register contents to 32-bit processes that were switched to 64-bit mode. A local attacker could run a specially crafted binary to read register values from an earlier process, leading to a loss of privacy. (CVE-2009-2910)\n\nDave Jones discovered that the gdth SCSI driver did not correctly validate array indexes in certain ioctl calls. A local attacker could exploit this to crash the system or gain elevated privileges.\n(CVE-2009-3080)\n\nEric Dumazet and Jiri Pirko discovered that the TC and CLS subsystems would leak kernel memory via uninitialized structure members. A local attacker could exploit this to read several bytes of kernel memory, leading to a loss of privacy. (CVE-2009-3228, CVE-2009-3612)\n\nEarl Chew discovered race conditions in pipe handling. A local attacker could exploit anonymous pipes via /proc/*/fd/ and crash the system or gain root privileges. (CVE-2009-3547)\n\nDave Jones and Francois Romieu discovered that the r8169 network driver could be made to leak kernel memory. A remote attacker could send a large number of jumbo frames until the system memory was exhausted, leading to a denial of service. Ubuntu 9.10 was not affected. (CVE-2009-3613).\n\nBen Hutchings discovered that the ATI Rage 128 video driver did not correctly validate initialization states. A local attacker could make specially crafted ioctl calls to crash the system or gain root privileges. (CVE-2009-3620)\n\nTomoki Sekiyama discovered that Unix sockets did not correctly verify namespaces. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2009-3621)\n\nJ. Bruce Fields discovered that NFSv4 did not correctly use the credential cache. A local attacker using a mount with AUTH_NULL authentication could exploit this to crash the system or gain root privileges. Only Ubuntu 9.10 was affected. (CVE-2009-3623)\n\nAlexander Zangerl discovered that the kernel keyring did not correctly reference count. A local attacker could issue a series of specially crafted keyring calls to crash the system or gain root privileges.\nOnly Ubuntu 9.10 was affected. (CVE-2009-3624)\n\nDavid Wagner discovered that KVM did not correctly bounds-check CPUID entries. A local attacker could exploit this to crash the system or possibly gain elevated privileges. Ubuntu 6.06 and 9.10 were not affected. (CVE-2009-3638)\n\nAvi Kivity discovered that KVM did not correctly check privileges when accessing debug registers. A local attacker could exploit this to crash a host system from within a guest system, leading to a denial of service. Ubuntu 6.06 and 9.10 were not affected. (CVE-2009-3722)\n\nPhilip Reisner discovered that the connector layer for uvesafb, pohmelfs, dst, and dm did not correctly check capabilties. A local attacker could exploit this to crash the system or gain elevated privileges. Ubuntu 6.06 was not affected. (CVE-2009-3725)\n\nTrond Myklebust discovered that NFSv4 clients did not robustly verify attributes. A malicious remote NFSv4 server could exploit this to crash a client or gain root privileges. Ubuntu 9.10 was not affected.\n(CVE-2009-3726)\n\nRobin Getz discovered that NOMMU systems did not correctly validate NULL pointers in do_mmap_pgoff calls. A local attacker could attempt to allocate large amounts of memory to crash the system, leading to a denial of service. Only Ubuntu 6.06 and 9.10 were affected.\n(CVE-2009-3888)\n\nJoseph Malicki discovered that the MegaRAID SAS driver had world-writable option files. A local attacker could exploit these to disrupt the behavior of the controller, leading to a denial of service. (CVE-2009-3889, CVE-2009-3939)\n\nRoel Kluin discovered that the Hisax ISDN driver did not correctly check the size of packets. A remote attacker could send specially crafted packets to cause a system crash, leading to a denial of service. (CVE-2009-4005)\n\nLennert Buytenhek discovered that certain 802.11 states were not handled correctly. A physically-proximate remote attacker could send specially crafted wireless traffic that would crash the system, leading to a denial of service. Only Ubuntu 9.10 was affected.\n(CVE-2009-4026, CVE-2009-4027).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-12-07T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : linux, linux-source-2.6.15 vulnerabilities (USN-864-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2909", "CVE-2009-2910", "CVE-2009-3080", "CVE-2009-3228", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3613", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3623", "CVE-2009-3624", "CVE-2009-3638", "CVE-2009-3722", "CVE-2009-3725", "CVE-2009-3726", "CVE-2009-3888", "CVE-2009-3889", "CVE-2009-3939", "CVE-2009-4005", "CVE-2009-4026", "CVE-2009-4027"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-doc", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.28", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.28", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.31", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04", "cpe:/o:canonical:ubuntu_linux:9.10"], "id": "UBUNTU_USN-864-1.NASL", "href": "https://www.tenable.com/plugins/nessus/43026", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-864-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43026);\n script_version(\"1.34\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-2909\", \"CVE-2009-2910\", \"CVE-2009-3080\", \"CVE-2009-3228\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3623\", \"CVE-2009-3624\", \"CVE-2009-3638\", \"CVE-2009-3722\", \"CVE-2009-3725\", \"CVE-2009-3726\", \"CVE-2009-3888\", \"CVE-2009-3889\", \"CVE-2009-3939\", \"CVE-2009-4005\", \"CVE-2009-4026\", \"CVE-2009-4027\");\n script_bugtraq_id(36304, 36576, 36635, 36706, 36723, 36793, 36803, 36824, 36827, 36901, 36936, 37019, 37036, 37068, 37170, 37221);\n script_xref(name:\"USN\", value:\"864-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : linux, linux-source-2.6.15 vulnerabilities (USN-864-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the AX.25 network subsystem did not correctly\ncheck integer signedness in certain setsockopt calls. A local attacker\ncould exploit this to crash the system, leading to a denial of\nservice. Ubuntu 9.10 was not affected. (CVE-2009-2909)\n\nJan Beulich discovered that the kernel could leak register contents to\n32-bit processes that were switched to 64-bit mode. A local attacker\ncould run a specially crafted binary to read register values from an\nearlier process, leading to a loss of privacy. (CVE-2009-2910)\n\nDave Jones discovered that the gdth SCSI driver did not correctly\nvalidate array indexes in certain ioctl calls. A local attacker could\nexploit this to crash the system or gain elevated privileges.\n(CVE-2009-3080)\n\nEric Dumazet and Jiri Pirko discovered that the TC and CLS subsystems\nwould leak kernel memory via uninitialized structure members. A local\nattacker could exploit this to read several bytes of kernel memory,\nleading to a loss of privacy. (CVE-2009-3228, CVE-2009-3612)\n\nEarl Chew discovered race conditions in pipe handling. A local\nattacker could exploit anonymous pipes via /proc/*/fd/ and crash the\nsystem or gain root privileges. (CVE-2009-3547)\n\nDave Jones and Francois Romieu discovered that the r8169 network\ndriver could be made to leak kernel memory. A remote attacker could\nsend a large number of jumbo frames until the system memory was\nexhausted, leading to a denial of service. Ubuntu 9.10 was not\naffected. (CVE-2009-3613).\n\nBen Hutchings discovered that the ATI Rage 128 video driver did not\ncorrectly validate initialization states. A local attacker could make\nspecially crafted ioctl calls to crash the system or gain root\nprivileges. (CVE-2009-3620)\n\nTomoki Sekiyama discovered that Unix sockets did not correctly verify\nnamespaces. A local attacker could exploit this to cause a system\nhang, leading to a denial of service. (CVE-2009-3621)\n\nJ. Bruce Fields discovered that NFSv4 did not correctly use the\ncredential cache. A local attacker using a mount with AUTH_NULL\nauthentication could exploit this to crash the system or gain root\nprivileges. Only Ubuntu 9.10 was affected. (CVE-2009-3623)\n\nAlexander Zangerl discovered that the kernel keyring did not correctly\nreference count. A local attacker could issue a series of specially\ncrafted keyring calls to crash the system or gain root privileges.\nOnly Ubuntu 9.10 was affected. (CVE-2009-3624)\n\nDavid Wagner discovered that KVM did not correctly bounds-check CPUID\nentries. A local attacker could exploit this to crash the system or\npossibly gain elevated privileges. Ubuntu 6.06 and 9.10 were not\naffected. (CVE-2009-3638)\n\nAvi Kivity discovered that KVM did not correctly check privileges when\naccessing debug registers. A local attacker could exploit this to\ncrash a host system from within a guest system, leading to a denial of\nservice. Ubuntu 6.06 and 9.10 were not affected. (CVE-2009-3722)\n\nPhilip Reisner discovered that the connector layer for uvesafb,\npohmelfs, dst, and dm did not correctly check capabilties. A local\nattacker could exploit this to crash the system or gain elevated\nprivileges. Ubuntu 6.06 was not affected. (CVE-2009-3725)\n\nTrond Myklebust discovered that NFSv4 clients did not robustly verify\nattributes. A malicious remote NFSv4 server could exploit this to\ncrash a client or gain root privileges. Ubuntu 9.10 was not affected.\n(CVE-2009-3726)\n\nRobin Getz discovered that NOMMU systems did not correctly validate\nNULL pointers in do_mmap_pgoff calls. A local attacker could attempt\nto allocate large amounts of memory to crash the system, leading to a\ndenial of service. Only Ubuntu 6.06 and 9.10 were affected.\n(CVE-2009-3888)\n\nJoseph Malicki discovered that the MegaRAID SAS driver had\nworld-writable option files. A local attacker could exploit these to\ndisrupt the behavior of the controller, leading to a denial of\nservice. (CVE-2009-3889, CVE-2009-3939)\n\nRoel Kluin discovered that the Hisax ISDN driver did not correctly\ncheck the size of packets. A remote attacker could send specially\ncrafted packets to cause a system crash, leading to a denial of\nservice. (CVE-2009-4005)\n\nLennert Buytenhek discovered that certain 802.11 states were not\nhandled correctly. A physically-proximate remote attacker could send\nspecially crafted wireless traffic that would crash the system,\nleading to a denial of service. Only Ubuntu 9.10 was affected.\n(CVE-2009-4026, CVE-2009-4027).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/864-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 119, 189, 200, 264, 287, 310, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.28\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.28\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.31\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2021 Canonical, Inc. / NASL script (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|8\\.04|8\\.10|9\\.04|9\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 8.10 / 9.04 / 9.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2009-2909\", \"CVE-2009-2910\", \"CVE-2009-3080\", \"CVE-2009-3228\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3623\", \"CVE-2009-3624\", \"CVE-2009-3638\", \"CVE-2009-3722\", \"CVE-2009-3725\", \"CVE-2009-3726\", \"CVE-2009-3888\", \"CVE-2009-3889\", \"CVE-2009-3939\", \"CVE-2009-4005\", \"CVE-2009-4026\", \"CVE-2009-4027\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-864-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-doc-2.6.15\", pkgver:\"2.6.15-55.81\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55\", pkgver:\"2.6.15-55.81\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55-386\", pkgver:\"2.6.15-55.81\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55-686\", pkgver:\"2.6.15-55.81\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55-amd64-generic\", pkgver:\"2.6.15-55.81\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55-amd64-k8\", pkgver:\"2.6.15-55.81\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55-amd64-server\", pkgver:\"2.6.15-55.81\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55-amd64-xeon\", pkgver:\"2.6.15-55.81\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55-server\", pkgver:\"2.6.15-55.81\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-55-386\", pkgver:\"2.6.15-55.81\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-55-686\", pkgver:\"2.6.15-55.81\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-55-amd64-generic\", pkgver:\"2.6.15-55.81\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-55-amd64-k8\", pkgver:\"2.6.15-55.81\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-55-amd64-server\", pkgver:\"2.6.15-55.81\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-55-amd64-xeon\", pkgver:\"2.6.15-55.81\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-55-server\", pkgver:\"2.6.15-55.81\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.15-55.81\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-source-2.6.15\", pkgver:\"2.6.15-55.81\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-doc-2.6.24\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-26\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-26-386\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-26-generic\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-26-openvz\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-26-rt\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-26-server\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-26-virtual\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-26-xen\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-26-386\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-26-generic\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-26-lpia\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-26-lpiacompat\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-26-openvz\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-26-rt\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-26-server\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-26-virtual\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-26-xen\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-26-386\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-26-generic\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-26-server\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-26-virtual\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-source-2.6.24\", pkgver:\"2.6.24-26.64\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-doc-2.6.27\", pkgver:\"2.6.27-16.44\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-16\", pkgver:\"2.6.27-16.44\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-16-generic\", pkgver:\"2.6.27-16.44\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-16-server\", pkgver:\"2.6.27-16.44\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-16-generic\", pkgver:\"2.6.27-16.44\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-16-server\", pkgver:\"2.6.27-16.44\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-16-virtual\", pkgver:\"2.6.27-16.44\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.27-16.44\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-source-2.6.27\", pkgver:\"2.6.27-16.44\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-doc-2.6.28\", pkgver:\"2.6.28-17.58\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-headers-2.6.28-17\", pkgver:\"2.6.28-17.58\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-headers-2.6.28-17-generic\", pkgver:\"2.6.28-17.58\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-headers-2.6.28-17-server\", pkgver:\"2.6.28-17.58\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-image-2.6.28-17-generic\", pkgver:\"2.6.28-17.58\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-image-2.6.28-17-lpia\", pkgver:\"2.6.28-17.58\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-image-2.6.28-17-server\", pkgver:\"2.6.28-17.58\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-image-2.6.28-17-versatile\", pkgver:\"2.6.28-17.58\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-image-2.6.28-17-virtual\", pkgver:\"2.6.28-17.58\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.28-17.58\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-source-2.6.28\", pkgver:\"2.6.28-17.58\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-doc\", pkgver:\"2.6.31-16.52\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-16\", pkgver:\"2.6.31-16.52\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-16-386\", pkgver:\"2.6.31-16.52\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-16-generic\", pkgver:\"2.6.31-16.52\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-16-generic-pae\", pkgver:\"2.6.31-16.52\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-16-server\", pkgver:\"2.6.31-16.52\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-16-386\", pkgver:\"2.6.31-16.52\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-16-generic\", pkgver:\"2.6.31-16.52\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-16-generic-pae\", pkgver:\"2.6.31-16.52\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-16-lpia\", pkgver:\"2.6.31-16.52\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-16-server\", pkgver:\"2.6.31-16.52\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-16-virtual\", pkgver:\"2.6.31-16.52\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.31-16.52\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-source-2.6.31\", pkgver:\"2.6.31-16.52\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc / linux-doc-2.6.15 / linux-doc-2.6.24 / linux-doc-2.6.27 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-24T16:15:35", "description": "Updated kernel packages that fix several security issues and multiple bugs are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity fixes :\n\n* when fput() was called to close a socket, the __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could, potentially, lead to a denial of service issue.\n(CVE-2008-5029, Important)\n\n* the sendmsg() function in the Linux kernel did not block during UNIX socket garbage collection. This could, potentially, lead to a local denial of service. (CVE-2008-5300, Important)\n\n* the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important)\n\n* a flaw was found in the Intel PRO/1000 network driver in the Linux kernel. Frames with sizes near the MTU of an interface may be split across multiple hardware receive descriptors. Receipt of such a frame could leak through a validation check, leading to a corruption of the length check. A remote attacker could use this flaw to send a specially crafted packet that would cause a denial of service or code execution. (CVE-2009-1385, Important)\n\n* the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not cleared when a setuid or setgid program was executed. A local, unprivileged user could use this flaw to bypass the mmap_min_addr protection mechanism and perform a NULL pointer dereference attack, or bypass the Address Space Layout Randomization (ASLR) security feature.\n(CVE-2009-1895, Important)\n\n* it was discovered that, when executing a new process, the clear_child_tid pointer in the Linux kernel is not cleared. If this pointer points to a writable portion of the memory of the new program, the kernel could corrupt four bytes of memory, possibly leading to a local denial of service or privilege escalation. (CVE-2009-2848, Important)\n\n* missing initialization flaws were found in getname() implementations in the IrDA sockets, AppleTalk DDP protocol, NET/ROM protocol, and ROSE protocol implementations in the Linux kernel. Certain data structures in these getname() implementations were not initialized properly before being copied to user-space. These flaws could lead to an information leak. (CVE-2009-3002, Important)\n\n* a NULL pointer dereference flaw was found in each of the following functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could be released by other processes before it is used to update the pipe's reader and writer counters. This could lead to a local denial of service or privilege escalation. (CVE-2009-3547, Important)\n\nBug fixes :\n\n* this update adds the mmap_min_addr tunable and restriction checks to help prevent unprivileged users from creating new memory mappings below the minimum address. This can help prevent the exploitation of NULL pointer dereference bugs. Note that mmap_min_addr is set to zero (disabled) by default for backwards compatibility. (BZ#512642)\n\n* a bridge reference count problem in IPv6 has been fixed. (BZ#457010)\n\n* enforce null-termination of user-supplied arguments to setsockopt().\n(BZ#505514)\n\n* the gcc flag '-fno-delete-null-pointer-checks' was added to the kernel build options. This prevents gcc from optimizing out NULL pointer checks after the first use of a pointer. NULL pointer bugs are often exploited by attackers. Keeping these checks is a safety measure. (BZ#511185)\n\n* a check has been added to the IPv4 code to make sure that rt is not NULL, to help prevent future bugs in functions that call ip_append_data() from being exploitable. (BZ#520300)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2013-06-29T00:00:00", "type": "nessus", "title": "CentOS 3 : kernel (CESA-2009:1550)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5029", "CVE-2008-5300", "CVE-2009-1337", "CVE-2009-1385", "CVE-2009-1895", "CVE-2009-2691", "CVE-2009-2695", "CVE-2009-2848", "CVE-2009-2849", "CVE-2009-2910", "CVE-2009-3002", "CVE-2009-3228", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3613", "CVE-2009-3620", "CVE-2009-3621"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-boot", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-hugemem", "p-cpe:/a:centos:centos:kernel-hugemem-unsupported", "p-cpe:/a:centos:centos:kernel-smp", "p-cpe:/a:centos:centos:kernel-smp-unsupported", "p-cpe:/a:centos:centos:kernel-source", "p-cpe:/a:centos:centos:kernel-unsupported", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2009-1550.NASL", "href": "https://www.tenable.com/plugins/nessus/67070", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1550 and \n# CentOS Errata and Security Advisory 2009:1550 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67070);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2009-1337\", \"CVE-2009-1385\", \"CVE-2009-1895\", \"CVE-2009-2691\", \"CVE-2009-2695\", \"CVE-2009-2848\", \"CVE-2009-2849\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n script_bugtraq_id(32154, 34405, 35185, 35647, 35930, 36176, 36901);\n script_xref(name:\"RHSA\", value:\"2009:1550\");\n\n script_name(english:\"CentOS 3 : kernel (CESA-2009:1550)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix several security issues and multiple\nbugs are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes :\n\n* when fput() was called to close a socket, the __scm_destroy()\nfunction in the Linux kernel could make indirect recursive calls to\nitself. This could, potentially, lead to a denial of service issue.\n(CVE-2008-5029, Important)\n\n* the sendmsg() function in the Linux kernel did not block during UNIX\nsocket garbage collection. This could, potentially, lead to a local\ndenial of service. (CVE-2008-5300, Important)\n\n* the exit_notify() function in the Linux kernel did not properly\nreset the exit signal if a process executed a set user ID (setuid)\napplication before exiting. This could allow a local, unprivileged\nuser to elevate their privileges. (CVE-2009-1337, Important)\n\n* a flaw was found in the Intel PRO/1000 network driver in the Linux\nkernel. Frames with sizes near the MTU of an interface may be split\nacross multiple hardware receive descriptors. Receipt of such a frame\ncould leak through a validation check, leading to a corruption of the\nlength check. A remote attacker could use this flaw to send a\nspecially crafted packet that would cause a denial of service or code\nexecution. (CVE-2009-1385, Important)\n\n* the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not cleared\nwhen a setuid or setgid program was executed. A local, unprivileged\nuser could use this flaw to bypass the mmap_min_addr protection\nmechanism and perform a NULL pointer dereference attack, or bypass the\nAddress Space Layout Randomization (ASLR) security feature.\n(CVE-2009-1895, Important)\n\n* it was discovered that, when executing a new process, the\nclear_child_tid pointer in the Linux kernel is not cleared. If this\npointer points to a writable portion of the memory of the new program,\nthe kernel could corrupt four bytes of memory, possibly leading to a\nlocal denial of service or privilege escalation. (CVE-2009-2848,\nImportant)\n\n* missing initialization flaws were found in getname() implementations\nin the IrDA sockets, AppleTalk DDP protocol, NET/ROM protocol, and\nROSE protocol implementations in the Linux kernel. Certain data\nstructures in these getname() implementations were not initialized\nproperly before being copied to user-space. These flaws could lead to\nan information leak. (CVE-2009-3002, Important)\n\n* a NULL pointer dereference flaw was found in each of the following\nfunctions in the Linux kernel: pipe_read_open(), pipe_write_open(),\nand pipe_rdwr_open(). When the mutex lock is not held, the i_pipe\npointer could be released by other processes before it is used to\nupdate the pipe's reader and writer counters. This could lead to a\nlocal denial of service or privilege escalation. (CVE-2009-3547,\nImportant)\n\nBug fixes :\n\n* this update adds the mmap_min_addr tunable and restriction checks to\nhelp prevent unprivileged users from creating new memory mappings\nbelow the minimum address. This can help prevent the exploitation of\nNULL pointer dereference bugs. Note that mmap_min_addr is set to zero\n(disabled) by default for backwards compatibility. (BZ#512642)\n\n* a bridge reference count problem in IPv6 has been fixed. (BZ#457010)\n\n* enforce null-termination of user-supplied arguments to setsockopt().\n(BZ#505514)\n\n* the gcc flag '-fno-delete-null-pointer-checks' was added to the\nkernel build options. This prevents gcc from optimizing out NULL\npointer checks after the first use of a pointer. NULL pointer bugs are\noften exploited by attackers. Keeping these checks is a safety\nmeasure. (BZ#511185)\n\n* a check has been added to the IPv4 code to make sure that rt is not\nNULL, to help prevent future bugs in functions that call\nip_append_data() from being exploitable. (BZ#520300)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-November/016300.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0434178f\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-November/016301.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7607f232\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(16, 20, 119, 189, 200, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/06/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"kernel-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-doc-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"kernel-doc-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-hugemem-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-hugemem-unsupported-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-smp-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"kernel-smp-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-smp-unsupported-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"kernel-smp-unsupported-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-source-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"kernel-source-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-unsupported-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"kernel-unsupported-2.4.21-63.EL\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-BOOT / kernel-doc / kernel-hugemem / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T16:07:07", "description": "From Red Hat Security Advisory 2009:1550 :\n\nUpdated kernel packages that fix several security issues and multiple bugs are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity fixes :\n\n* when fput() was called to close a socket, the __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could, potentially, lead to a denial of service issue.\n(CVE-2008-5029, Important)\n\n* the sendmsg() function in the Linux kernel did not block during UNIX socket garbage collection. This could, potentially, lead to a local denial of service. (CVE-2008-5300, Important)\n\n* the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important)\n\n* a flaw was found in the Intel PRO/1000 network driver in the Linux kernel. Frames with sizes near the MTU of an interface may be split across multiple hardware receive descriptors. Receipt of such a frame could leak through a validation check, leading to a corruption of the length check. A remote attacker could use this flaw to send a specially crafted packet that would cause a denial of service or code execution. (CVE-2009-1385, Important)\n\n* the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not cleared when a setuid or setgid program was executed. A local, unprivileged user could use this flaw to bypass the mmap_min_addr protection mechanism and perform a NULL pointer dereference attack, or bypass the Address Space Layout Randomization (ASLR) security feature.\n(CVE-2009-1895, Important)\n\n* it was discovered that, when executing a new process, the clear_child_tid pointer in the Linux kernel is not cleared. If this pointer points to a writable portion of the memory of the new program, the kernel could corrupt four bytes of memory, possibly leading to a local denial of service or privilege escalation. (CVE-2009-2848, Important)\n\n* missing initialization flaws were found in getname() implementations in the IrDA sockets, AppleTalk DDP protocol, NET/ROM protocol, and ROSE protocol implementations in the Linux kernel. Certain data structures in these getname() implementations were not initialized properly before being copied to user-space. These flaws could lead to an information leak. (CVE-2009-3002, Important)\n\n* a NULL pointer dereference flaw was found in each of the following functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could be released by other processes before it is used to update the pipe's reader and writer counters. This could lead to a local denial of service or privilege escalation. (CVE-2009-3547, Important)\n\nBug fixes :\n\n* this update adds the mmap_min_addr tunable and restriction checks to help prevent unprivileged users from creating new memory mappings below the minimum address. This can help prevent the exploitation of NULL pointer dereference bugs. Note that mmap_min_addr is set to zero (disabled) by default for backwards compatibility. (BZ#512642)\n\n* a bridge reference count problem in IPv6 has been fixed. (BZ#457010)\n\n* enforce null-termination of user-supplied arguments to setsockopt().\n(BZ#505514)\n\n* the gcc flag '-fno-delete-null-pointer-checks' was added to the kernel build options. This prevents gcc from optimizing out NULL pointer checks after the first use of a pointer. NULL pointer bugs are often exploited by attackers. Keeping these checks is a safety measure. (BZ#511185)\n\n* a check has been added to the IPv4 code to make sure that rt is not NULL, to help prevent future bugs in functions that call ip_append_data() from being exploitable. (BZ#520300)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 3 : kernel (ELSA-2009-1550)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5029", "CVE-2008-5300", "CVE-2009-1337", "CVE-2009-1385", "CVE-2009-1895", "CVE-2009-2691", "CVE-2009-2695", "CVE-2009-2848", "CVE-2009-2849", "CVE-2009-2910", "CVE-2009-3002", "CVE-2009-3228", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3613", "CVE-2009-3620", "CVE-2009-3621"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-boot", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-hugemem", "p-cpe:/a:oracle:linux:kernel-hugemem-unsupported", "p-cpe:/a:oracle:linux:kernel-smp", "p-cpe:/a:oracle:linux:kernel-smp-unsupported", "p-cpe:/a:oracle:linux:kernel-source", "p-cpe:/a:oracle:linux:kernel-unsupported", "cpe:/o:oracle:linux:3"], "id": "ORACLELINUX_ELSA-2009-1550.NASL", "href": "https://www.tenable.com/plugins/nessus/67955", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1550 and \n# Oracle Linux Security Advisory ELSA-2009-1550 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67955);\n script_version(\"1.29\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2009-1337\", \"CVE-2009-1385\", \"CVE-2009-1895\", \"CVE-2009-2691\", \"CVE-2009-2695\", \"CVE-2009-2848\", \"CVE-2009-2849\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n script_bugtraq_id(32154, 34405, 35185, 35647, 35930, 36176, 36901);\n script_xref(name:\"RHSA\", value:\"2009:1550\");\n\n script_name(english:\"Oracle Linux 3 : kernel (ELSA-2009-1550)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1550 :\n\nUpdated kernel packages that fix several security issues and multiple\nbugs are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes :\n\n* when fput() was called to close a socket, the __scm_destroy()\nfunction in the Linux kernel could make indirect recursive calls to\nitself. This could, potentially, lead to a denial of service issue.\n(CVE-2008-5029, Important)\n\n* the sendmsg() function in the Linux kernel did not block during UNIX\nsocket garbage collection. This could, potentially, lead to a local\ndenial of service. (CVE-2008-5300, Important)\n\n* the exit_notify() function in the Linux kernel did not properly\nreset the exit signal if a process executed a set user ID (setuid)\napplication before exiting. This could allow a local, unprivileged\nuser to elevate their privileges. (CVE-2009-1337, Important)\n\n* a flaw was found in the Intel PRO/1000 network driver in the Linux\nkernel. Frames with sizes near the MTU of an interface may be split\nacross multiple hardware receive descriptors. Receipt of such a frame\ncould leak through a validation check, leading to a corruption of the\nlength check. A remote attacker could use this flaw to send a\nspecially crafted packet that would cause a denial of service or code\nexecution. (CVE-2009-1385, Important)\n\n* the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not cleared\nwhen a setuid or setgid program was executed. A local, unprivileged\nuser could use this flaw to bypass the mmap_min_addr protection\nmechanism and perform a NULL pointer dereference attack, or bypass the\nAddress Space Layout Randomization (ASLR) security feature.\n(CVE-2009-1895, Important)\n\n* it was discovered that, when executing a new process, the\nclear_child_tid pointer in the Linux kernel is not cleared. If this\npointer points to a writable portion of the memory of the new program,\nthe kernel could corrupt four bytes of memory, possibly leading to a\nlocal denial of service or privilege escalation. (CVE-2009-2848,\nImportant)\n\n* missing initialization flaws were found in getname() implementations\nin the IrDA sockets, AppleTalk DDP protocol, NET/ROM protocol, and\nROSE protocol implementations in the Linux kernel. Certain data\nstructures in these getname() implementations were not initialized\nproperly before being copied to user-space. These flaws could lead to\nan information leak. (CVE-2009-3002, Important)\n\n* a NULL pointer dereference flaw was found in each of the following\nfunctions in the Linux kernel: pipe_read_open(), pipe_write_open(),\nand pipe_rdwr_open(). When the mutex lock is not held, the i_pipe\npointer could be released by other processes before it is used to\nupdate the pipe's reader and writer counters. This could lead to a\nlocal denial of service or privilege escalation. (CVE-2009-3547,\nImportant)\n\nBug fixes :\n\n* this update adds the mmap_min_addr tunable and restriction checks to\nhelp prevent unprivileged users from creating new memory mappings\nbelow the minimum address. This can help prevent the exploitation of\nNULL pointer dereference bugs. Note that mmap_min_addr is set to zero\n(disabled) by default for backwards compatibility. (BZ#512642)\n\n* a bridge reference count problem in IPv6 has been fixed. (BZ#457010)\n\n* enforce null-termination of user-supplied arguments to setsockopt().\n(BZ#505514)\n\n* the gcc flag '-fno-delete-null-pointer-checks' was added to the\nkernel build options. This prevents gcc from optimizing out NULL\npointer checks after the first use of a pointer. NULL pointer bugs are\noften exploited by attackers. Keeping these checks is a safety\nmeasure. (BZ#511185)\n\n* a check has been added to the IPv4 code to make sure that rt is not\nNULL, to help prevent future bugs in functions that call\nip_append_data() from being exploitable. (BZ#520300)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-November/001233.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(16, 20, 119, 189, 200, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2009-1337\", \"CVE-2009-1385\", \"CVE-2009-1895\", \"CVE-2009-2691\", \"CVE-2009-2695\", \"CVE-2009-2848\", \"CVE-2009-2849\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2009-1550\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.4\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-2.4.21-63.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-2.4.21-63.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-BOOT-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21-63.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-doc-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-doc-2.4.21-63.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-doc-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-doc-2.4.21-63.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-hugemem-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-hugemem-2.4.21-63.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-hugemem-unsupported-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-hugemem-unsupported-2.4.21-63.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-smp-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-smp-2.4.21-63.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-smp-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-smp-2.4.21-63.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-smp-unsupported-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-smp-unsupported-2.4.21-63.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-smp-unsupported-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-smp-unsupported-2.4.21-63.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-source-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-source-2.4.21-63.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-source-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-source-2.4.21-63.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-unsupported-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-unsupported-2.4.21-63.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-unsupported-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-unsupported-2.4.21-63.0.0.0.1.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T16:37:48", "description": "Updated kernel packages that fix several security issues and multiple bugs are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity fixes :\n\n* when fput() was called to close a socket, the __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could, potentially, lead to a denial of service issue.\n(CVE-2008-5029, Important)\n\n* the sendmsg() function in the Linux kernel did not block during UNIX socket garbage collection. This could, potentially, lead to a local denial of service. (CVE-2008-5300, Important)\n\n* the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important)\n\n* a flaw was found in the Intel PRO/1000 network driver in the Linux kernel. Frames with sizes near the MTU of an interface may be split across multiple hardware receive descriptors. Receipt of such a frame could leak through a validation check, leading to a corruption of the length check. A remote attacker could use this flaw to send a specially crafted packet that would cause a denial of service or code execution. (CVE-2009-1385, Important)\n\n* the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not cleared when a setuid or setgid program was executed. A local, unprivileged user could use this flaw to bypass the mmap_min_addr protection mechanism and perform a NULL pointer dereference attack, or bypass the Address Space Layout Randomization (ASLR) security feature.\n(CVE-2009-1895, Important)\n\n* it was discovered that, when executing a new process, the clear_child_tid pointer in the Linux kernel is not cleared. If this pointer points to a writable portion of the memory of the new program, the kernel could corrupt four bytes of memory, possibly leading to a local denial of service or privilege escalation. (CVE-2009-2848, Important)\n\n* missing initialization flaws were found in getname() implementations in the IrDA sockets, AppleTalk DDP protocol, NET/ROM protocol, and ROSE protocol implementations in the Linux kernel. Certain data structures in these getname() implementations were not initialized properly before being copied to user-space. These flaws could lead to an information leak. (CVE-2009-3002, Important)\n\n* a NULL pointer dereference flaw was found in each of the following functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could be released by other processes before it is used to update the pipe's reader and writer counters. This could lead to a local denial of service or privilege escalation. (CVE-2009-3547, Important)\n\nBug fixes :\n\n* this update adds the mmap_min_addr tunable and restriction checks to help prevent unprivileged users from creating new memory mappings below the minimum address. This can help prevent the exploitation of NULL pointer dereference bugs. Note that mmap_min_addr is set to zero (disabled) by default for backwards compatibility. (BZ#512642)\n\n* a bridge reference count problem in IPv6 has been fixed. (BZ#457010)\n\n* enforce null-termination of user-supplied arguments to setsockopt().\n(BZ#505514)\n\n* the gcc flag '-fno-delete-null-pointer-checks' was added to the kernel build options. This prevents gcc from optimizing out NULL pointer checks after the first use of a pointer. NULL pointer bugs are often exploited by attackers. Keeping these checks is a safety measure. (BZ#511185)\n\n* a check has been added to the IPv4 code to make sure that rt is not NULL, to help prevent future bugs in functions that call ip_append_data() from being exploitable. (BZ#520300)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2009-11-04T00:00:00", "type": "nessus", "title": "RHEL 3 : kernel (RHSA-2009:1550)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5029", "CVE-2008-5300", "CVE-2009-1337", "CVE-2009-1385", "CVE-2009-1895", "CVE-2009-2691", "CVE-2009-2695", "CVE-2009-2848", "CVE-2009-2849", "CVE-2009-2910", "CVE-2009-3002", "CVE-2009-3228", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3613", "CVE-2009-3620", "CVE-2009-3621"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-boot", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-unsupported", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-unsupported", "p-cpe:/a:redhat:enterprise_linux:kernel-source", "p-cpe:/a:redhat:enterprise_linux:kernel-unsupported", "cpe:/o:redhat:enterprise_linux:3"], "id": "REDHAT-RHSA-2009-1550.NASL", "href": "https://www.tenable.com/plugins/nessus/42360", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1550. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42360);\n script_version(\"1.47\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2009-1337\", \"CVE-2009-1385\", \"CVE-2009-1895\", \"CVE-2009-2691\", \"CVE-2009-2695\", \"CVE-2009-2848\", \"CVE-2009-2849\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n script_bugtraq_id(32154, 34405, 35185, 35647, 35930, 36176, 36901);\n script_xref(name:\"RHSA\", value:\"2009:1550\");\n\n script_name(english:\"RHEL 3 : kernel (RHSA-2009:1550)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix several security issues and multiple\nbugs are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes :\n\n* when fput() was called to close a socket, the __scm_destroy()\nfunction in the Linux kernel could make indirect recursive calls to\nitself. This could, potentially, lead to a denial of service issue.\n(CVE-2008-5029, Important)\n\n* the sendmsg() function in the Linux kernel did not block during UNIX\nsocket garbage collection. This could, potentially, lead to a local\ndenial of service. (CVE-2008-5300, Important)\n\n* the exit_notify() function in the Linux kernel did not properly\nreset the exit signal if a process executed a set user ID (setuid)\napplication before exiting. This could allow a local, unprivileged\nuser to elevate their privileges. (CVE-2009-1337, Important)\n\n* a flaw was found in the Intel PRO/1000 network driver in the Linux\nkernel. Frames with sizes near the MTU of an interface may be split\nacross multiple hardware receive descriptors. Receipt of such a frame\ncould leak through a validation check, leading to a corruption of the\nlength check. A remote attacker could use this flaw to send a\nspecially crafted packet that would cause a denial of service or code\nexecution. (CVE-2009-1385, Important)\n\n* the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not cleared\nwhen a setuid or setgid program was executed. A local, unprivileged\nuser could use this flaw to bypass the mmap_min_addr protection\nmechanism and perform a NULL pointer dereference attack, or bypass the\nAddress Space Layout Randomization (ASLR) security feature.\n(CVE-2009-1895, Important)\n\n* it was discovered that, when executing a new process, the\nclear_child_tid pointer in the Linux kernel is not cleared. If this\npointer points to a writable portion of the memory of the new program,\nthe kernel could corrupt four bytes of memory, possibly leading to a\nlocal denial of service or privilege escalation. (CVE-2009-2848,\nImportant)\n\n* missing initialization flaws were found in getname() implementations\nin the IrDA sockets, AppleTalk DDP protocol, NET/ROM protocol, and\nROSE protocol implementations in the Linux kernel. Certain data\nstructures in these getname() implementations were not initialized\nproperly before being copied to user-space. These flaws could lead to\nan information leak. (CVE-2009-3002, Important)\n\n* a NULL pointer dereference flaw was found in each of the following\nfunctions in the Linux kernel: pipe_read_open(), pipe_write_open(),\nand pipe_rdwr_open(). When the mutex lock is not held, the i_pipe\npointer could be released by other processes before it is used to\nupdate the pipe's reader and writer counters. This could lead to a\nlocal denial of service or privilege escalation. (CVE-2009-3547,\nImportant)\n\nBug fixes :\n\n* this update adds the mmap_min_addr tunable and restriction checks to\nhelp prevent unprivileged users from creating new memory mappings\nbelow the minimum address. This can help prevent the exploitation of\nNULL pointer dereference bugs. Note that mmap_min_addr is set to zero\n(disabled) by default for backwards compatibility. (BZ#512642)\n\n* a bridge reference count problem in IPv6 has been fixed. (BZ#457010)\n\n* enforce null-termination of user-supplied arguments to setsockopt().\n(BZ#505514)\n\n* the gcc flag '-fno-delete-null-pointer-checks' was added to the\nkernel build options. This prevents gcc from optimizing out NULL\npointer checks after the first use of a pointer. NULL pointer bugs are\noften exploited by attackers. Keeping these checks is a safety\nmeasure. (BZ#511185)\n\n* a check has been added to the IPv4 code to make sure that rt is not\nNULL, to help prevent future bugs in functions that call\nip_append_data() from being exploitable. (BZ#520300)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5300\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1337\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1385\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1895\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-2848\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3002\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3547\"\n );\n # http://kbase.redhat.com/faq/docs/DOC-17866\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/17845\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1550\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(16, 20, 119, 189, 200, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2009-1337\", \"CVE-2009-1385\", \"CVE-2009-1895\", \"CVE-2009-2691\", \"CVE-2009-2695\", \"CVE-2009-2848\", \"CVE-2009-2849\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:1550\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1550\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-2.4.21-63.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21-63.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-doc-2.4.21-63.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-hugemem-2.4.21-63.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-hugemem-unsupported-2.4.21-63.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-smp-2.4.21-63.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"x86_64\", reference:\"kernel-smp-2.4.21-63.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-smp-unsupported-2.4.21-63.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"x86_64\", reference:\"kernel-smp-unsupported-2.4.21-63.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-source-2.4.21-63.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-unsupported-2.4.21-63.EL\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-BOOT / kernel-doc / kernel-hugemem / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T15:57:45", "description": "Updated kernel packages that fix security issues are now available for Red Hat Enterprise Linux 4.7 Extended Update Support.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* a NULL pointer dereference flaw was found in each of the following functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could be released by other processes before it is used to update the pipe's reader and writer counters. This could lead to a local denial of service or privilege escalation. (CVE-2009-3547, Important)\n\nUsers should upgrade to these updated packages, which contain a backported patch to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 4 : kernel (RHSA-2009:1588)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3547"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xenu", "p-cpe:/a:redhat:enterprise_linux:kernel-xenu-devel", "cpe:/o:redhat:enterprise_linux:4.7"], "id": "REDHAT-RHSA-2009-1588.NASL", "href": "https://www.tenable.com/plugins/nessus/63902", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1588. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63902);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3547\");\n script_bugtraq_id(36901);\n script_xref(name:\"RHSA\", value:\"2009:1588\");\n\n script_name(english:\"RHEL 4 : kernel (RHSA-2009:1588)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix security issues are now available for\nRed Hat Enterprise Linux 4.7 Extended Update Support.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* a NULL pointer dereference flaw was found in each of the following\nfunctions in the Linux kernel: pipe_read_open(), pipe_write_open(),\nand pipe_rdwr_open(). When the mutex lock is not held, the i_pipe\npointer could be released by other processes before it is used to\nupdate the pipe's reader and writer counters. This could lead to a\nlocal denial of service or privilege escalation. (CVE-2009-3547,\nImportant)\n\nUsers should upgrade to these updated packages, which contain a\nbackported patch to correct these issues. The system must be rebooted\nfor this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-3547.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://kbase.redhat.com/faq/docs/DOC-20481\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2009-1588.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", reference:\"kernel-2.6.9-78.0.28.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", reference:\"kernel-devel-2.6.9-78.0.28.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", reference:\"kernel-doc-2.6.9-78.0.28.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"i686\", reference:\"kernel-hugemem-2.6.9-78.0.28.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"i686\", reference:\"kernel-hugemem-devel-2.6.9-78.0.28.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.28.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.28.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"i686\", reference:\"kernel-smp-2.6.9-78.0.28.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.28.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"i686\", reference:\"kernel-smp-devel-2.6.9-78.0.28.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.28.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"i686\", reference:\"kernel-xenU-2.6.9-78.0.28.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.28.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"i686\", reference:\"kernel-xenU-devel-2.6.9-78.0.28.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.28.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:39:01", "description": "CVE-2009-3547 kernel: fs: pipe.c NULL pointer dereference\n\nThis update fixes the following security issues :\n\n - a NULL pointer dereference flaw was found in each of the following functions in the Linux kernel:\n pipe_read_open(), pipe_write_open(), and pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could be released by other processes before it is used to update the pipe's reader and writer counters. This could lead to a local denial of service or privilege escalation. (CVE-2009-3547, Important)\n\nThe system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL4.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3547"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20091103_KERNEL_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60689", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60689);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3547\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2009-3547 kernel: fs: pipe.c NULL pointer dereference\n\nThis update fixes the following security issues :\n\n - a NULL pointer dereference flaw was found in each of the\n following functions in the Linux kernel:\n pipe_read_open(), pipe_write_open(), and\n pipe_rdwr_open(). When the mutex lock is not held, the\n i_pipe pointer could be released by other processes\n before it is used to update the pipe's reader and writer\n counters. This could lead to a local denial of service\n or privilege escalation. (CVE-2009-3547, Important)\n\nThe system must be rebooted for this update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0911&L=scientific-linux-errata&T=0&P=476\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c7739e1b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"kernel-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-devel-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-doc-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-devel-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-2.6.9-89.0.16.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-devel-2.6.9-89.0.16.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:51:51", "description": "This update fixes various bugs and some security issues in the SUSE Linux Enterprise 10 SP 3 kernel.\n\nThe following security issues were fixed: CVE-2009-3939: A sysctl variable of the megaraid_sas driver was worldwriteable, allowing local users to cause a denial of service or potential code execution.\n\n - The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read. (CVE-2009-4005)\n\n - A negative offset in a ioctl in the GDTH RAID driver was fixed. (CVE-2009-3080)\n\n - The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in the Linux kernel might allow attackers to cause a denial of service (invalid pointer dereference and OOPS) via vectors possibly related to a memory-consumption attack. (CVE-2009-4021)\n\n - Memory leak in the appletalk subsystem in the Linux kernel when the appletalk and ipddp modules are loaded but the ipddp'N' device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams. (CVE-2009-2903)\n\n - net/1/af_unix.c in the Linux kernel allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket. (CVE-2009-3621)\n\n - The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue existed because of an incomplete fix for CVE-2005-4881. (CVE-2009-3612 / CVE-2005-4881)\n\n - The ATI Rage 128 (aka r128) driver in the Linux kernel does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls. (CVE-2009-3620)\n\n - The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state.\n (CVE-2009-3726)\n\nThe rio and sx serial multiport card drivers were disabled via a modprobe blacklist due to severe bugs.\n\nFor a full list of changes, please read the RPM changelog.", "cvss3": {}, "published": "2010-10-11T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux Kernel (x86) (ZYPP Patch Number 6694)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-4881", "CVE-2009-2903", "CVE-2009-3080", "CVE-2009-3612", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3726", "CVE-2009-3939", "CVE-2009-4005", "CVE-2009-4021"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-6694.NASL", "href": "https://www.tenable.com/plugins/nessus/49868", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49868);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-4881\", \"CVE-2009-2903\", \"CVE-2009-3080\", \"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\", \"CVE-2009-3939\", \"CVE-2009-4005\", \"CVE-2009-4021\");\n\n script_name(english:\"SuSE 10 Security Update : Linux Kernel (x86) (ZYPP Patch Number 6694)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes various bugs and some security issues in the SUSE\nLinux Enterprise 10 SP 3 kernel.\n\nThe following security issues were fixed: CVE-2009-3939: A sysctl\nvariable of the megaraid_sas driver was worldwriteable, allowing local\nusers to cause a denial of service or potential code execution.\n\n - The collect_rx_frame function in\n drivers/isdn/hisax/hfc_usb.c in the Linux kernel before\n 2.6.32-rc7 allows attackers to have an unspecified\n impact via a crafted HDLC packet that arrives over ISDN\n and triggers a buffer under-read. (CVE-2009-4005)\n\n - A negative offset in a ioctl in the GDTH RAID driver was\n fixed. (CVE-2009-3080)\n\n - The fuse_direct_io function in fs/fuse/file.c in the\n fuse subsystem in the Linux kernel might allow attackers\n to cause a denial of service (invalid pointer\n dereference and OOPS) via vectors possibly related to a\n memory-consumption attack. (CVE-2009-4021)\n\n - Memory leak in the appletalk subsystem in the Linux\n kernel when the appletalk and ipddp modules are loaded\n but the ipddp'N' device is not found, allows remote\n attackers to cause a denial of service (memory\n consumption) via IP-DDP datagrams. (CVE-2009-2903)\n\n - net/1/af_unix.c in the Linux kernel allows local users\n to cause a denial of service (system hang) by creating\n an abstract-namespace AF_UNIX listening socket,\n performing a shutdown operation on this socket, and then\n performing a series of connect operations to this\n socket. (CVE-2009-3621)\n\n - The tcf_fill_node function in net/sched/cls_api.c in the\n netlink subsystem in the Linux kernel 2.6.x before\n 2.6.32-rc5, and 2.4.37.6 and earlier, does not\n initialize a certain tcm__pad2 structure member, which\n might allow local users to obtain sensitive information\n from kernel memory via unspecified vectors. NOTE: this\n issue existed because of an incomplete fix for\n CVE-2005-4881. (CVE-2009-3612 / CVE-2005-4881)\n\n - The ATI Rage 128 (aka r128) driver in the Linux kernel\n does not properly verify Concurrent Command Engine (CCE)\n state initialization, which allows local users to cause\n a denial of service (NULL pointer dereference and system\n crash) or possibly gain privileges via unspecified ioctl\n calls. (CVE-2009-3620)\n\n - The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the\n NFSv4 client in the Linux kernel allows remote NFS\n servers to cause a denial of service (NULL pointer\n dereference and panic) by sending a certain response\n containing incorrect file attributes, which trigger\n attempted use of an open file that lacks NFSv4 state.\n (CVE-2009-3726)\n\nThe rio and sx serial multiport card drivers were disabled via a\nmodprobe blacklist due to severe bugs.\n\nFor a full list of changes, please read the RPM changelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2005-4881.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2903.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3080.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3612.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3620.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3621.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3726.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3939.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4005.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4021.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6694.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(20, 119, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-debug-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-kdump-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-kdumppae-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-vmi-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-vmipae-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.58.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-27T14:14:24", "description": "This update fixes various bugs and some security issues in the SUSE Linux Enterprise 10 SP 3 kernel.\n\nThe following security issues were fixed: CVE-2009-3939: A sysctl variable of the megaraid_sas driver was worldwriteable, allowing local users to cause a denial of service or potential code execution.\n\n - The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read. (CVE-2009-4005)\n\n - A negative offset in a ioctl in the GDTH RAID driver was fixed. (CVE-2009-3080)\n\n - The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in the Linux kernel might allow attackers to cause a denial of service (invalid pointer dereference and OOPS) via vectors possibly related to a memory-consumption attack. (CVE-2009-4021)\n\n - Memory leak in the appletalk subsystem in the Linux kernel when the appletalk and ipddp modules are loaded but the ipddp'N' device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams. (CVE-2009-2903)\n\n - net/1/af_unix.c in the Linux kernel allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket. (CVE-2009-3621)\n\n - The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue existed because of an incomplete fix for CVE-2005-4881. (CVE-2009-3612 / CVE-2005-4881)\n\n - The ATI Rage 128 (aka r128) driver in the Linux kernel does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls. (CVE-2009-3620)\n\n - The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state.\n (CVE-2009-3726)\n\nThe rio and sx serial multiport card drivers were disabled via a modprobe blacklist due to severe bugs.\n\nFor a full list of changes, please read the RPM changelog.", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux Kernel (x86_64) (ZYPP Patch Number 6697)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-4881", "CVE-2009-2903", "CVE-2009-3080", "CVE-2009-3612", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3726", "CVE-2009-3939", "CVE-2009-4005", "CVE-2009-4021"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-6697.NASL", "href": "https://www.tenable.com/plugins/nessus/59142", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59142);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-4881\", \"CVE-2009-2903\", \"CVE-2009-3080\", \"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\", \"CVE-2009-3939\", \"CVE-2009-4005\", \"CVE-2009-4021\");\n\n script_name(english:\"SuSE 10 Security Update : Linux Kernel (x86_64) (ZYPP Patch Number 6697)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes various bugs and some security issues in the SUSE\nLinux Enterprise 10 SP 3 kernel.\n\nThe following security issues were fixed: CVE-2009-3939: A sysctl\nvariable of the megaraid_sas driver was worldwriteable, allowing local\nusers to cause a denial of service or potential code execution.\n\n - The collect_rx_frame function in\n drivers/isdn/hisax/hfc_usb.c in the Linux kernel before\n 2.6.32-rc7 allows attackers to have an unspecified\n impact via a crafted HDLC packet that arrives over ISDN\n and triggers a buffer under-read. (CVE-2009-4005)\n\n - A negative offset in a ioctl in the GDTH RAID driver was\n fixed. (CVE-2009-3080)\n\n - The fuse_direct_io function in fs/fuse/file.c in the\n fuse subsystem in the Linux kernel might allow attackers\n to cause a denial of service (invalid pointer\n dereference and OOPS) via vectors possibly related to a\n memory-consumption attack. (CVE-2009-4021)\n\n - Memory leak in the appletalk subsystem in the Linux\n kernel when the appletalk and ipddp modules are loaded\n but the ipddp'N' device is not found, allows remote\n attackers to cause a denial of service (memory\n consumption) via IP-DDP datagrams. (CVE-2009-2903)\n\n - net/1/af_unix.c in the Linux kernel allows local users\n to cause a denial of service (system hang) by creating\n an abstract-namespace AF_UNIX listening socket,\n performing a shutdown operation on this socket, and then\n performing a series of connect operations to this\n socket. (CVE-2009-3621)\n\n - The tcf_fill_node function in net/sched/cls_api.c in the\n netlink subsystem in the Linux kernel 2.6.x before\n 2.6.32-rc5, and 2.4.37.6 and earlier, does not\n initialize a certain tcm__pad2 structure member, which\n might allow local users to obtain sensitive information\n from kernel memory via unspecified vectors. NOTE: this\n issue existed because of an incomplete fix for\n CVE-2005-4881. (CVE-2009-3612 / CVE-2005-4881)\n\n - The ATI Rage 128 (aka r128) driver in the Linux kernel\n does not properly verify Concurrent Command Engine (CCE)\n state initialization, which allows local users to cause\n a denial of service (NULL pointer dereference and system\n crash) or possibly gain privileges via unspecified ioctl\n calls. (CVE-2009-3620)\n\n - The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the\n NFSv4 client in the Linux kernel allows remote NFS\n servers to cause a denial of service (NULL pointer\n dereference and panic) by sending a certain response\n containing incorrect file attributes, which trigger\n attempted use of an open file that lacks NFSv4 state.\n (CVE-2009-3726)\n\nThe rio and sx serial multiport card drivers were disabled via a\nmodprobe blacklist due to severe bugs.\n\nFor a full list of changes, please read the RPM changelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2005-4881.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2903.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3080.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3612.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3620.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3621.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3726.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3939.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4005.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4021.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6697.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(20, 119, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.58.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.58.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T15:33:29", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - [security] require root for mmap_min_addr (Eric Paris) [518142 518143] (CVE-2009-2695)\n\n - [md] prevent crash when accessing suspend_* sysfs attr (Danny Feng) [518135 518136] (CVE-2009-2849)\n\n - [nfs] knfsd: fix NFSv4 O_EXCL creates (Jeff Layton) [522163 524521] (CVE-2009-3286)\n\n - [fs] fix pipe null pointer dereference (Jeff Moyer) [530938 530939] (CVE-2009-3547)\n\n - [net] r8169: balance pci_map/unmap pair, use hw padding (Ivan Vecera) [529143 515857] (CVE-2009-3613)\n\n - [net] tc: fix uninitialized kernel memory leak (Jiri Pirko) [520994 520863](CVE-2009-3228)", "cvss3": {}, "published": "2014-11-26T00:00:00", "type": "nessus", "title": "OracleVM 2.2 : kernel (OVMSA-2009-0033)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2695", "CVE-2009-2849", "CVE-2009-3228", "CVE-2009-3286", "CVE-2009-3547", "CVE-2009-3613"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:kernel", "p-cpe:/a:oracle:vm:kernel-devel", "p-cpe:/a:oracle:vm:kernel-ovs", "p-cpe:/a:oracle:vm:kernel-ovs-devel", "cpe:/o:oracle:vm_server:2.2"], "id": "ORACLEVM_OVMSA-2009-0033.NASL", "href": "https://www.tenable.com/plugins/nessus/79470", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2009-0033.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79470);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2695\", \"CVE-2009-2849\", \"CVE-2009-3228\", \"CVE-2009-3286\", \"CVE-2009-3547\", \"CVE-2009-3613\");\n script_bugtraq_id(36304, 36472, 36706, 36901);\n\n script_name(english:\"OracleVM 2.2 : kernel (OVMSA-2009-0033)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - [security] require root for mmap_min_addr (Eric Paris)\n [518142 518143] (CVE-2009-2695)\n\n - [md] prevent crash when accessing suspend_* sysfs attr\n (Danny Feng) [518135 518136] (CVE-2009-2849)\n\n - [nfs] knfsd: fix NFSv4 O_EXCL creates (Jeff Layton)\n [522163 524521] (CVE-2009-3286)\n\n - [fs] fix pipe null pointer dereference (Jeff Moyer)\n [530938 530939] (CVE-2009-3547)\n\n - [net] r8169: balance pci_map/unmap pair, use hw padding\n (Ivan Vecera) [529143 515857] (CVE-2009-3613)\n\n - [net] tc: fix uninitialized kernel memory leak (Jiri\n Pirko) [520994 520863](CVE-2009-3228)\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2009-November/000039.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c6f5df51\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(119, 200, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-ovs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-ovs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:2.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/08/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"2\\.2\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 2.2\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS2.2\", reference:\"kernel-2.6.18-128.2.1.4.12.el5\")) flag++;\nif (rpm_check(release:\"OVS2.2\", reference:\"kernel-devel-2.6.18-128.2.1.4.12.el5\")) flag++;\nif (rpm_check(release:\"OVS2.2\", reference:\"kernel-ovs-2.6.18-128.2.1.4.12.el5\")) flag++;\nif (rpm_check(release:\"OVS2.2\", reference:\"kernel-ovs-devel-2.6.18-128.2.1.4.12.el5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-ovs / kernel-ovs-devel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T16:00:48", "description": "CVE-2009-2695 kernel: SELinux and mmap_min_addr\n\nCVE-2009-3228 kernel: tc: uninitialised kernel memory leak\n\nCVE-2009-3286 kernel: O_EXCL creates on NFSv4 are broken\n\nCVE-2009-2908 kernel ecryptfs NULL pointer dereference\n\nCVE-2009-3613 kernel: flood ping cause out-of-iommu error and panic when mtu larger than 1500\n\nCVE-2009-3547 kernel: fs: pipe.c NULL pointer dereference\n\nSecurity fixes :\n\n - a system with SELinux enforced was more permissive in allowing local users in the unconfined_t domain to map low memory areas even if the mmap_min_addr restriction was enabled. This could aid in the local exploitation of NULL pointer dereference bugs. (CVE-2009-2695, Important)\n\n - a NULL pointer dereference flaw was found in the eCryptfs implementation in the Linux kernel. A local attacker could use this flaw to cause a local denial of service or escalate their privileges. (CVE-2009-2908, Important)\n\n - a flaw was found in the NFSv4 implementation. The kernel would do an unnecessary permission check after creating a file. This check would usually fail and leave the file with the permission bits set to random values. Note:\n This is a server-side only issue. (CVE-2009-3286, Important)\n\n - a NULL pointer dereference flaw was found in each of the following functions in the Linux kernel:\n pipe_read_open(), pipe_write_open(), and pipe_rdwr_open()

Debian Security Advisory DSA 1927-1 (linux-2.6)

Description

Related