Ubuntu Update for linux vulnerabilities USN-1072-1
2011-02-28T00:00:00
ID OPENVAS:840594 Type openvas Reporter Copyright (c) 2011 Greenbone Networks GmbH Modified 2017-12-01T00:00:00
Description
Ubuntu Update for Linux kernel vulnerabilities USN-1072-1
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_ubuntu_USN_1072_1.nasl 7964 2017-12-01 07:32:11Z santu $
#
# Ubuntu Update for linux vulnerabilities USN-1072-1
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "Gleb Napatov discovered that KVM did not correctly check certain privileged
operations. A local attacker with access to a guest kernel could exploit
this to crash the host system, leading to a denial of service.
(CVE-2010-0435)
Dave Chinner discovered that the XFS filesystem did not correctly order
inode lookups when exported by NFS. A remote attacker could exploit this to
read or write disk blocks that had changed file assignment or had become
unlinked, leading to a loss of privacy. (CVE-2010-2943)
Dan Rosenberg discovered that several network ioctls did not clear kernel
memory correctly. A local user could exploit this to read kernel stack
memory, leading to a loss of privacy. (CVE-2010-3296, CVE-2010-3297)
Dan Jacobson discovered that ThinkPad video output was not correctly
access controlled. A local attacker could exploit this to hang the system,
leading to a denial of service. (CVE-2010-3448)
It was discovered that KVM did not correctly initialize certain CPU
registers. A local attacker could exploit this to crash the system,
leading to a denial of service. (CVE-2010-3698)
It was discovered that Xen did not correctly clean up threads. A local
attacker in a guest system could exploit this to exhaust host system
resources, leading to a denial of serivce. (CVE-2010-3699)
Brad Spengler discovered that stack memory for new a process was not
correctly calculated. A local attacker could exploit this to crash the
system, leading to a denial of service. (CVE-2010-3858)
Dan Rosenberg discovered that the Linux kernel TIPC implementation
contained multiple integer signedness errors. A local attacker could
exploit this to gain root privileges. (CVE-2010-3859)
Dan Rosenberg discovered that the Linux kernel X.25 implementation
incorrectly parsed facilities. A remote attacker could exploit this to
crash the kernel, leading to a denial of service. (CVE-2010-3873)
Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did
not correctly clear kernel memory. A local attacker could exploit this to
read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)
Vasiliy Kulikov discovered that the Linux kernel sockets implementation did
not properly initialize certain structures. A local attacker could exploit
this to read kernel stack memory, leading to a loss of privacy.
(CVE-2010-3876)
Vasiliy Kulikov discovered that the TIPC interface did not correctly
initialize certain structures. A local attacker could exploit this to
read kernel stack memory, leading to a l ...
Description truncated, for more information please check the Reference URL";
tag_summary = "Ubuntu Update for Linux kernel vulnerabilities USN-1072-1";
tag_affected = "linux vulnerabilities on Ubuntu 8.04 LTS";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name: "URL" , value: "http://www.ubuntu.com/usn/usn-1072-1/");
script_id(840594);
script_version("$Revision: 7964 $");
script_tag(name:"last_modification", value:"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $");
script_tag(name:"creation_date", value:"2011-02-28 16:24:14 +0100 (Mon, 28 Feb 2011)");
script_tag(name:"cvss_base", value:"7.9");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:S/C:C/I:C/A:N");
script_xref(name: "USN", value: "1072-1");
script_cve_id("CVE-2010-0435", "CVE-2010-2943", "CVE-2010-3296", "CVE-2010-3297", "CVE-2010-3448", "CVE-2010-3698", "CVE-2010-3699", "CVE-2010-3858", "CVE-2010-3859", "CVE-2010-3873", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3877", "CVE-2010-3880", "CVE-2010-4072", "CVE-2010-4074", "CVE-2010-4078", "CVE-2010-4079", "CVE-2010-4080", "CVE-2010-4081", "CVE-2010-4083", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-4248");
script_name("Ubuntu Update for linux vulnerabilities USN-1072-1");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
script_family("Ubuntu Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages");
script_tag(name : "summary" , value : tag_summary);
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-deb.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "UBUNTU8.04 LTS")
{
if ((res = isdpkgvuln(pkg:"linux-headers-2.6.24-28-386", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers-2.6.24-28-generic", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers-2.6.24-28-openvz", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers-2.6.24-28-rt", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers-2.6.24-28-server", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers-2.6.24-28-virtual", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers-2.6.24-28-xen", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-2.6.24-28-386", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-2.6.24-28-generic", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-2.6.24-28-openvz", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-2.6.24-28-rt", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-2.6.24-28-server", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-2.6.24-28-virtual", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-2.6.24-28-xen", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-debug-2.6.24-28-386", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-debug-2.6.24-28-generic", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-debug-2.6.24-28-server", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-debug-2.6.24-28-virtual", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-libc-dev", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-doc-2.6.24", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers-2.6.24-28", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-kernel-devel", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-source-2.6.24", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"acpi-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"acpi-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"block-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"block-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"crypto-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"crypto-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"fat-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"fat-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"fb-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"fb-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"firewire-core-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"firewire-core-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"floppy-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"floppy-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"fs-core-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"fs-core-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"fs-secondary-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"fs-secondary-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"ide-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"ide-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"input-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"input-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"ipv6-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"ipv6-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"irda-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"irda-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"md-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"md-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"message-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"message-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"nfs-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"nfs-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"nic-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"nic-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"nic-pcmcia-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"nic-pcmcia-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"nic-shared-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"nic-shared-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"nic-usb-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"nic-usb-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"parport-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"parport-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"pata-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"pata-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"pcmcia-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"pcmcia-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"pcmcia-storage-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"pcmcia-storage-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"plip-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"plip-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"ppp-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"ppp-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"sata-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"sata-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"scsi-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"scsi-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"serial-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"serial-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"socket-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"socket-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"storage-core-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"storage-core-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"usb-modules-2.6.24-28-386-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"usb-modules-2.6.24-28-generic-di", ver:"2.6.24-28.86", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
{"id": "OPENVAS:840594", "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu Update for linux vulnerabilities USN-1072-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1072-1", "published": "2011-02-28T00:00:00", "modified": "2017-12-01T00:00:00", "cvss": {"score": 7.9, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=840594", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["1072-1", "http://www.ubuntu.com/usn/usn-1072-1/"], "cvelist": ["CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4072", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-2943", "CVE-2010-0435", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3296", "CVE-2010-3698", "CVE-2010-4248", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-4078"], "lastseen": "2017-12-04T11:26:37", "viewCount": 0, "enchantments": {"score": {"value": 7.6, "vector": "NONE", "modified": "2017-12-04T11:26:37", "rev": 2}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:136141256231068662", "OPENVAS:1361412562310870374", "OPENVAS:1361412562310840595", "OPENVAS:1361412562310840594", "OPENVAS:68662", "OPENVAS:1361412562310840592", "OPENVAS:840595", "OPENVAS:840592", "OPENVAS:881254", "OPENVAS:870374"]}, {"type": "ubuntu", "idList": ["USN-1057-1", "USN-1041-1", "USN-1073-1", "USN-1072-1", "USN-1081-1", "USN-1071-1"]}, {"type": "nessus", "idList": ["UBUNTU_USN-1041-1.NASL", "UBUNTU_USN-1057-1.NASL", "UBUNTU_USN-1072-1.NASL", "UBUNTU_USN-1073-1.NASL", "CENTOS_RHSA-2011-0004.NASL", "UBUNTU_USN-1071-1.NASL", "REDHAT-RHSA-2011-0004.NASL", "ORACLELINUX_ELSA-2011-0004.NASL", "SL_20110104_KERNEL_ON_SL5_X.NASL", "DEBIAN_DSA-2126.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2126-1:370B4"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11275", "SECURITYVULNS:DOC:25229"]}, {"type": "cve", "idList": ["CVE-2010-4080", "CVE-2010-4078", "CVE-2010-4074", "CVE-2010-3297", "CVE-2010-3699", "CVE-2010-3296", "CVE-2010-3448", "CVE-2010-4079", "CVE-2010-4160", "CVE-2010-2943"]}, {"type": "redhat", "idList": ["RHSA-2010:0958", "RHSA-2011:0004", "RHSA-2011:0007", "RHSA-2011:0017", "RHSA-2011:0162"]}, {"type": "centos", "idList": ["CESA-2011:0004", "CESA-2011:0162"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-0162", "ELSA-2011-0263", "ELSA-2011-0004"]}, {"type": "fedora", "idList": ["FEDORA:0BE9E110D31"]}], "modified": "2017-12-04T11:26:37", "rev": 2}, "vulnersScore": 7.6}, "pluginID": "840594", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1072_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux vulnerabilities USN-1072-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Gleb Napatov discovered that KVM did not correctly check certain privileged\n operations. A local attacker with access to a guest kernel could exploit\n this to crash the host system, leading to a denial of service.\n (CVE-2010-0435)\n\n Dave Chinner discovered that the XFS filesystem did not correctly order\n inode lookups when exported by NFS. A remote attacker could exploit this to\n read or write disk blocks that had changed file assignment or had become\n unlinked, leading to a loss of privacy. (CVE-2010-2943)\n \n Dan Rosenberg discovered that several network ioctls did not clear kernel\n memory correctly. A local user could exploit this to read kernel stack\n memory, leading to a loss of privacy. (CVE-2010-3296, CVE-2010-3297)\n \n Dan Jacobson discovered that ThinkPad video output was not correctly\n access controlled. A local attacker could exploit this to hang the system,\n leading to a denial of service. (CVE-2010-3448)\n \n It was discovered that KVM did not correctly initialize certain CPU\n registers. A local attacker could exploit this to crash the system,\n leading to a denial of service. (CVE-2010-3698)\n \n It was discovered that Xen did not correctly clean up threads. A local\n attacker in a guest system could exploit this to exhaust host system\n resources, leading to a denial of serivce. (CVE-2010-3699)\n \n Brad Spengler discovered that stack memory for new a process was not\n correctly calculated. A local attacker could exploit this to crash the\n system, leading to a denial of service. (CVE-2010-3858)\n \n Dan Rosenberg discovered that the Linux kernel TIPC implementation\n contained multiple integer signedness errors. A local attacker could\n exploit this to gain root privileges. (CVE-2010-3859)\n \n Dan Rosenberg discovered that the Linux kernel X.25 implementation\n incorrectly parsed facilities. A remote attacker could exploit this to\n crash the kernel, leading to a denial of service. (CVE-2010-3873)\n \n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n \n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n \n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to\n read kernel stack memory, leading to a l ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1072-1\";\ntag_affected = \"linux vulnerabilities on Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1072-1/\");\n script_id(840594);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-28 16:24:14 +0100 (Mon, 28 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:C/I:C/A:N\");\n script_xref(name: \"USN\", value: \"1072-1\");\n script_cve_id(\"CVE-2010-0435\", \"CVE-2010-2943\", \"CVE-2010-3296\", \"CVE-2010-3297\", \"CVE-2010-3448\", \"CVE-2010-3698\", \"CVE-2010-3699\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3873\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4072\", \"CVE-2010-4074\", \"CVE-2010-4078\", \"CVE-2010-4079\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4160\", \"CVE-2010-4248\");\n script_name(\"Ubuntu Update for linux vulnerabilities USN-1072-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-386\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-generic\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-openvz\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-rt\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-server\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-virtual\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-xen\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-386\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-generic\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-openvz\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-rt\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-server\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-virtual\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-xen\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-386\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-generic\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-server\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-virtual\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc-2.6.24\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.24\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Ubuntu Local Security Checks"}
{"openvas": [{"lastseen": "2020-08-15T16:26:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4072", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-2943", "CVE-2010-0435", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3296", "CVE-2010-3698", "CVE-2010-4248", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-4078"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1072-1", "modified": "2019-03-13T00:00:00", "published": "2011-02-28T00:00:00", "id": "OPENVAS:1361412562310840594", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840594", "type": "openvas", "title": "Ubuntu Update for linux vulnerabilities USN-1072-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1072_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux vulnerabilities USN-1072-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1072-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840594\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-28 16:24:14 +0100 (Mon, 28 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:C/I:C/A:N\");\n script_xref(name:\"USN\", value:\"1072-1\");\n script_cve_id(\"CVE-2010-0435\", \"CVE-2010-2943\", \"CVE-2010-3296\", \"CVE-2010-3297\", \"CVE-2010-3448\", \"CVE-2010-3698\", \"CVE-2010-3699\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3873\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4072\", \"CVE-2010-4074\", \"CVE-2010-4078\", \"CVE-2010-4079\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4160\", \"CVE-2010-4248\");\n script_name(\"Ubuntu Update for linux vulnerabilities USN-1072-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU8\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1072-1\");\n script_tag(name:\"affected\", value:\"linux vulnerabilities on Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Gleb Napatov discovered that KVM did not correctly check certain privileged\n operations. A local attacker with access to a guest kernel could exploit\n this to crash the host system, leading to a denial of service.\n (CVE-2010-0435)\n\n Dave Chinner discovered that the XFS filesystem did not correctly order\n inode lookups when exported by NFS. A remote attacker could exploit this to\n read or write disk blocks that had changed file assignment or had become\n unlinked, leading to a loss of privacy. (CVE-2010-2943)\n\n Dan Rosenberg discovered that several network ioctls did not clear kernel\n memory correctly. A local user could exploit this to read kernel stack\n memory, leading to a loss of privacy. (CVE-2010-3296, CVE-2010-3297)\n\n Dan Jacobson discovered that ThinkPad video output was not correctly\n access controlled. A local attacker could exploit this to hang the system,\n leading to a denial of service. (CVE-2010-3448)\n\n It was discovered that KVM did not correctly initialize certain CPU\n registers. A local attacker could exploit this to crash the system,\n leading to a denial of service. (CVE-2010-3698)\n\n It was discovered that Xen did not correctly clean up threads. A local\n attacker in a guest system could exploit this to exhaust host system\n resources, leading to a denial of service. (CVE-2010-3699)\n\n Brad Spengler discovered that stack memory for new a process was not\n correctly calculated. A local attacker could exploit this to crash the\n system, leading to a denial of service. (CVE-2010-3858)\n\n Dan Rosenberg discovered that the Linux kernel TIPC implementation\n contained multiple integer signedness errors. A local attacker could\n exploit this to gain root privileges. (CVE-2010-3859)\n\n Dan Rosenberg discovered that the Linux kernel X.25 implementation\n incorrectly parsed facilities. A remote attacker could exploit this to\n crash the kernel, leading to a denial of service. (CVE-2010-3873)\n\n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n\n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to\n read kernel stack memory, leading to a l ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-386\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-generic\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-openvz\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-rt\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-server\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-virtual\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-xen\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-386\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-generic\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-openvz\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-rt\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-server\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-virtual\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-xen\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-386\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-generic\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-server\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-virtual\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc-2.6.24\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.24\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:27:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4081", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3086", "CVE-2010-4080", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3873", "CVE-2010-4078"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1071-1", "modified": "2017-12-01T00:00:00", "published": "2011-02-28T00:00:00", "id": "OPENVAS:840595", "href": "http://plugins.openvas.org/nasl.php?oid=840595", "type": "openvas", "title": "Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1071-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1071_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1071-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Tavis Ormandy discovered that the Linux kernel did not properly implement\n exception fixup. A local attacker could exploit this to crash the kernel,\n leading to a denial of service. (CVE-2010-3086)\n\n Dan Rosenberg discovered that the Linux kernel TIPC implementation\n contained multiple integer signedness errors. A local attacker could\n exploit this to gain root privileges. (CVE-2010-3859)\n \n Dan Rosenberg discovered that the Linux kernel X.25 implementation\n incorrectly parsed facilities. A remote attacker could exploit this to\n crash the kernel, leading to a denial of service. (CVE-2010-3873)\n \n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n \n Vasiliy Kulikov discovered that the Linux kernel sockets implementation\n did not properly initialize certain structures. A local attacker could\n exploit this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n \n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n \n Dan Rosenberg discovered that the SiS video driver did not correctly clear\n kernel memory. A local attacker could exploit this to read kernel stack\n memory, leading to a loss of privacy. (CVE-2010-4078)\n \n Dan Rosenberg discovered that the RME Hammerfall DSP audio interface driver\n did not correctly clear kernel memory. A local attacker could exploit this\n to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080,\n CVE-2010-4081)\n \n Dan Rosenberg discovered that the semctl syscall did not correctly clear\n kernel memory. A local attacker could exploit this to read kernel stack\n memory, leading to a loss of privacy. (CVE-2010-4083)\n \n James Bottomley discovered that the ICP vortex storage array controller\n driver did not validate certain sizes. A local attacker on a 64bit system\n could exploit this to crash the kernel, leading to a denial of service.\n (CVE-2010-4157)\n \n Dan Rosenberg discovered that the Linux kernel L2TP implementation\n contained multiple integer signedness errors. A local attacker could\n exploit this to to crash the kernel, or possibly gain root privileges.\n (CVE-2010-4160)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1071-1\";\ntag_affected = \"linux-source-2.6.15 vulnerabilities on Ubuntu 6.06 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1071-1/\");\n script_id(840595);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-28 16:24:14 +0100 (Mon, 28 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1071-1\");\n script_cve_id(\"CVE-2010-3086\", \"CVE-2010-3859\", \"CVE-2010-3873\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-4078\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4160\");\n script_name(\"Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1071-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-386\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-686\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-k7\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-server-bigiron\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-server\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-386\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-686\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-k7\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-server-bigiron\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-server\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc-2.6.15\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.15\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cdrom-core-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cdrom-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crc-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ext2-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ext3-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"jfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"loop-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-firmware-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ntfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"reiserfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-core-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ufs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-storage-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2020-08-15T16:25:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4081", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3086", "CVE-2010-4080", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3873", "CVE-2010-4078"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1071-1", "modified": "2019-08-06T00:00:00", "published": "2011-02-28T00:00:00", "id": "OPENVAS:1361412562310840595", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840595", "type": "openvas", "title": "Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1071-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1071-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1071-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840595\");\n script_version(\"2019-08-06T11:17:21+0000\");\n script_tag(name:\"last_modification\", value:\"2019-08-06 11:17:21 +0000 (Tue, 06 Aug 2019)\");\n script_tag(name:\"creation_date\", value:\"2011-02-28 16:24:14 +0100 (Mon, 28 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1071-1\");\n script_cve_id(\"CVE-2010-3086\", \"CVE-2010-3859\", \"CVE-2010-3873\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-4078\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4160\");\n script_name(\"Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1071-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU6\\.06 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1071-1\");\n script_tag(name:\"affected\", value:\"linux-source-2.6.15 vulnerabilities on Ubuntu 6.06 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Tavis Ormandy discovered that the Linux kernel did not properly implement\n exception fixup. A local attacker could exploit this to crash the kernel,\n leading to a denial of service. (CVE-2010-3086)\n\n Dan Rosenberg discovered that the Linux kernel TIPC implementation\n contained multiple integer signedness errors. A local attacker could\n exploit this to gain root privileges. (CVE-2010-3859)\n\n Dan Rosenberg discovered that the Linux kernel X.25 implementation\n incorrectly parsed facilities. A remote attacker could exploit this to\n crash the kernel, leading to a denial of service. (CVE-2010-3873)\n\n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\n Vasiliy Kulikov discovered that the Linux kernel sockets implementation\n did not properly initialize certain structures. A local attacker could\n exploit this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n\n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n\n Dan Rosenberg discovered that the SiS video driver did not correctly clear\n kernel memory. A local attacker could exploit this to read kernel stack\n memory, leading to a loss of privacy. (CVE-2010-4078)\n\n Dan Rosenberg discovered that the RME Hammerfall DSP audio interface driver\n did not correctly clear kernel memory. A local attacker could exploit this\n to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080,\n CVE-2010-4081)\n\n Dan Rosenberg discovered that the semctl syscall did not correctly clear\n kernel memory. A local attacker could exploit this to read kernel stack\n memory, leading to a loss of privacy. (CVE-2010-4083)\n\n James Bottomley discovered that the ICP vortex storage array controller\n driver did not validate certain sizes. A local attacker on a 64bit system\n could exploit this to crash the kernel, leading to a denial of service.\n (CVE-2010-4157)\n\n Dan Rosenberg discovered that the Linux kernel L2TP implementation\n contained multiple integer signedness errors. A local attacker could\n exploit this to crash the kernel, or possibly gain root privileges.\n (CVE-2010-4160)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-386\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-686\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-k7\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-server-bigiron\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-server\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-386\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-686\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-k7\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-server-bigiron\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-server\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc-2.6.15\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.15\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cdrom-core-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cdrom-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crc-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ext2-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ext3-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"jfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"loop-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-firmware-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ntfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"reiserfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-core-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ufs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-storage-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-15T16:27:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4165", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-4082", "CVE-2010-0435", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4169", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3698", "CVE-2010-4248", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-4078"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1073-1", "modified": "2019-03-13T00:00:00", "published": "2011-02-28T00:00:00", "id": "OPENVAS:1361412562310840592", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840592", "type": "openvas", "title": "Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1073_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1073-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840592\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-28 16:24:14 +0100 (Mon, 28 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1073-1\");\n script_cve_id(\"CVE-2010-0435\", \"CVE-2010-3448\", \"CVE-2010-3698\", \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3873\", \"CVE-2010-3874\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4074\", \"CVE-2010-4078\", \"CVE-2010-4079\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4082\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4160\", \"CVE-2010-4165\", \"CVE-2010-4169\", \"CVE-2010-4248\", \"CVE-2010-4249\");\n script_name(\"Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU9\\.10\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1073-1\");\n script_tag(name:\"affected\", value:\"linux, linux-ec2 vulnerabilities on Ubuntu 9.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Gleb Napatov discovered that KVM did not correctly check certain privileged\n operations. A local attacker with access to a guest kernel could exploit\n this to crash the host system, leading to a denial of service.\n (CVE-2010-0435)\n\n Dan Jacobson discovered that ThinkPad video output was not correctly access\n controlled. A local attacker could exploit this to hang the system, leading\n to a denial of service. (CVE-2010-3448)\n\n It was discovered that KVM did not correctly initialize certain CPU\n registers. A local attacker could exploit this to crash the system, leading\n to a denial of service. (CVE-2010-3698)\n\n Dan Rosenberg discovered that the Linux kernel TIPC implementation\n contained multiple integer signedness errors. A local attacker could\n exploit this to gain root privileges. (CVE-2010-3859)\n\n Thomas Pollet discovered that the RDS network protocol did not\n check certain iovec buffers. A local attacker could exploit this\n to crash the system or possibly execute arbitrary code as the root\n user. (CVE-2010-3865)\n\n Dan Rosenberg discovered that the Linux kernel X.25 implementation\n incorrectly parsed facilities. A remote attacker could exploit this to\n crash the kernel, leading to a denial of service. (CVE-2010-3873)\n\n Dan Rosenberg discovered that the CAN protocol on 64bit systems did not\n correctly calculate the size of certain buffers. A local attacker could\n exploit this to crash the system or possibly execute arbitrary code as\n the root user. (CVE-2010-3874)\n\n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n\n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n\n Dan Rosenberg discovered that the USB subsystem did not correctly\n initialize certain structures. A local attacker could exploit this to read ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-307-ec2\", ver:\"2.6.31-307.27\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-307-ec2\", ver:\"2.6.31-307.27\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22-386\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22-generic-pae\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22-generic\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-386\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-generic-pae\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-generic\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-virtual\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-doc\", ver:\"2.6.31-307.27\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-source-2.6.31\", ver:\"2.6.31-307.27\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-307\", ver:\"2.6.31-307.27\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.31\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:26:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4165", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-4082", "CVE-2010-0435", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4169", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3698", "CVE-2010-4248", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-4078"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1073-1", "modified": "2017-12-01T00:00:00", "published": "2011-02-28T00:00:00", "id": "OPENVAS:840592", "href": "http://plugins.openvas.org/nasl.php?oid=840592", "type": "openvas", "title": "Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1073_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Gleb Napatov discovered that KVM did not correctly check certain privileged\n operations. A local attacker with access to a guest kernel could exploit\n this to crash the host system, leading to a denial of service.\n (CVE-2010-0435)\n\n Dan Jacobson discovered that ThinkPad video output was not correctly access\n controlled. A local attacker could exploit this to hang the system, leading\n to a denial of service. (CVE-2010-3448)\n \n It was discovered that KVM did not correctly initialize certain CPU\n registers. A local attacker could exploit this to crash the system, leading\n to a denial of service. (CVE-2010-3698)\n \n Dan Rosenberg discovered that the Linux kernel TIPC implementation\n contained multiple integer signedness errors. A local attacker could\n exploit this to gain root privileges. (CVE-2010-3859)\n \n Thomas Pollet discovered that the RDS network protocol did not\n check certain iovec buffers. A local attacker could exploit this\n to crash the system or possibly execute arbitrary code as the root\n user. (CVE-2010-3865)\n \n Dan Rosenberg discovered that the Linux kernel X.25 implementation\n incorrectly parsed facilities. A remote attacker could exploit this to\n crash the kernel, leading to a denial of service. (CVE-2010-3873)\n \n Dan Rosenberg discovered that the CAN protocol on 64bit systems did not\n correctly calculate the size of certain buffers. A local attacker could\n exploit this to crash the system or possibly execute arbitrary code as\n the root user. (CVE-2010-3874)\n \n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n \n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n \n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n \n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n \n Dan Rosenberg discovered that the USB subsystem did not correctly\n initialize certain structures. A local attacker could exploit this to read ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1073-1\";\ntag_affected = \"linux, linux-ec2 vulnerabilities on Ubuntu 9.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1073-1/\");\n script_id(840592);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-28 16:24:14 +0100 (Mon, 28 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1073-1\");\n script_cve_id(\"CVE-2010-0435\", \"CVE-2010-3448\", \"CVE-2010-3698\", \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3873\", \"CVE-2010-3874\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4074\", \"CVE-2010-4078\", \"CVE-2010-4079\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4082\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4160\", \"CVE-2010-4165\", \"CVE-2010-4169\", \"CVE-2010-4248\", \"CVE-2010-4249\");\n script_name(\"Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-307-ec2\", ver:\"2.6.31-307.27\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-307-ec2\", ver:\"2.6.31-307.27\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22-386\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22-generic-pae\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22-generic\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-386\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-generic-pae\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-generic\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-virtual\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-doc\", ver:\"2.6.31-307.27\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-source-2.6.31\", ver:\"2.6.31-307.27\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-307\", ver:\"2.6.31-307.27\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.31\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-3437", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3477", "CVE-2010-4080", "CVE-2010-3310", "CVE-2010-2963", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3296", "CVE-2010-3850", "CVE-2010-3442", "CVE-2010-3705", "CVE-2010-3848", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-3858", "CVE-2010-3067", "CVE-2010-4164", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-3432", "CVE-2010-4078", "CVE-2010-3849"], "description": "The remote host is missing an update to linux-2.6\nannounced via advisory DSA 2126-1.", "modified": "2019-03-18T00:00:00", "published": "2011-01-24T00:00:00", "id": "OPENVAS:136141256231068662", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231068662", "type": "openvas", "title": "Debian Security Advisory DSA 2126-1 (linux-2.6)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2126_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2126-1 (linux-2.6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.68662\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-24 17:55:59 +0100 (Mon, 24 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-2963\", \"CVE-2010-3067\", \"CVE-2010-3296\", \"CVE-2010-3297\", \"CVE-2010-3310\", \"CVE-2010-3432\", \"CVE-2010-3437\", \"CVE-2010-3442\", \"CVE-2010-3448\", \"CVE-2010-3477\", \"CVE-2010-3705\", \"CVE-2010-3848\", \"CVE-2010-3849\", \"CVE-2010-3850\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3873\", \"CVE-2010-3874\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4072\", \"CVE-2010-4073\", \"CVE-2010-4074\", \"CVE-2010-4078\", \"CVE-2010-4079\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4083\", \"CVE-2010-4164\");\n script_name(\"Debian Security Advisory DSA 2126-1 (linux-2.6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB5\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202126-1\");\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in the Linux kernel that may lead\nto a privilege escalation, denial of service or information leak. For details, please visit the referenced security advisories.\n\nFor the stable distribution (lenny), this problem has been fixed in version\n2.6.26-26lenny1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your linux-2.6 and user-mode-linux packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to linux-2.6\nannounced via advisory DSA 2126-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"linux-doc-2.6.26\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-tree-2.6.26\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-manual-2.6.26\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-support-2.6.26-2\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.26\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-source-2.6.26\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-generic\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-legacy\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-generic\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-legacy\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-alpha\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-xen-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-xen-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-xen\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.26-2-xen-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-openvz\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-openvz-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-openvz-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-vserver\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-modules-2.6.26-2-xen-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-arm\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-iop32x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-iop32x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-footbridge\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-ixp4xx\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-orion5x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-orion5x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-ixp4xx\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-footbridge\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-versatile\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-armel\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-versatile\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc64-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-hppa\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc64-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-xen-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-686-bigmem\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-modules-2.6.26-2-xen-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.26-2-xen-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-686-bigmem\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-686-bigmem\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-686-bigmem\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-i386\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-openvz-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-xen-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-486\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-openvz-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-486\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-ia64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-mckinley\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-itanium\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-itanium\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-mckinley\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-mckinley\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-itanium\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-mckinley\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-itanium\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-r5k-cobalt\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-5kc-malta\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-5kc-malta\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sb1-bcm91250a\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-mipsel\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sb1-bcm91250a\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-4kc-malta\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-r5k-cobalt\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sb1a-bcm91480b\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-4kc-malta\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sb1a-bcm91480b\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-powerpc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-powerpc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-powerpc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-powerpc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-powerpc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-s390x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390-tape\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-s390\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-s390x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-s390x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-s390\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-sparc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-sparc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sparc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-sparc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sparc64-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sparc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sparc64-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:55:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-3437", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3477", "CVE-2010-4080", "CVE-2010-3310", "CVE-2010-2963", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3296", "CVE-2010-3850", "CVE-2010-3442", "CVE-2010-3705", "CVE-2010-3848", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-3858", "CVE-2010-3067", "CVE-2010-4164", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-3432", "CVE-2010-4078", "CVE-2010-3849"], "description": "The remote host is missing an update to linux-2.6\nannounced via advisory DSA 2126-1.", "modified": "2017-07-07T00:00:00", "published": "2011-01-24T00:00:00", "id": "OPENVAS:68662", "href": "http://plugins.openvas.org/nasl.php?oid=68662", "type": "openvas", "title": "Debian Security Advisory DSA 2126-1 (linux-2.6)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2126_1.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2126-1 (linux-2.6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in the Linux kernel that may lead\nto a privilege escalation, denial of service or information leak. For details, please visit the referenced security advisories.\n\nFor the stable distribution (lenny), this problem has been fixed in version\n2.6.26-26lenny1.\n\nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages.\";\ntag_summary = \"The remote host is missing an update to linux-2.6\nannounced via advisory DSA 2126-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202126-1\";\n\n\nif(description)\n{\n script_id(68662);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-24 17:55:59 +0100 (Mon, 24 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-2963\", \"CVE-2010-3067\", \"CVE-2010-3296\", \"CVE-2010-3297\", \"CVE-2010-3310\", \"CVE-2010-3432\", \"CVE-2010-3437\", \"CVE-2010-3442\", \"CVE-2010-3448\", \"CVE-2010-3477\", \"CVE-2010-3705\", \"CVE-2010-3848\", \"CVE-2010-3849\", \"CVE-2010-3850\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3873\", \"CVE-2010-3874\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4072\", \"CVE-2010-4073\", \"CVE-2010-4074\", \"CVE-2010-4078\", \"CVE-2010-4079\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4083\", \"CVE-2010-4164\");\n script_name(\"Debian Security Advisory DSA 2126-1 (linux-2.6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.26\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-tree-2.6.26\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-2.6.26\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-2.6.26-2\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.26\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.26\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-generic\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-legacy\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-generic\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-legacy\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-alpha\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-xen-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-xen-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-xen\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.26-2-xen-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-openvz\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-openvz-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-openvz-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-vserver\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.26-2-xen-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-arm\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-iop32x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-iop32x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-footbridge\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-ixp4xx\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-orion5x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-orion5x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-ixp4xx\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-footbridge\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-versatile\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-armel\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-versatile\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc64-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-hppa\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc64-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-xen-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-686-bigmem\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.26-2-xen-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.26-2-xen-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-686-bigmem\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-686-bigmem\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-686-bigmem\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-i386\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-openvz-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-xen-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-486\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-openvz-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-486\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-ia64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-mckinley\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-itanium\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-itanium\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-mckinley\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-mckinley\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-itanium\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-mckinley\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-itanium\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-r5k-cobalt\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-5kc-malta\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-5kc-malta\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sb1-bcm91250a\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-mipsel\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sb1-bcm91250a\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-4kc-malta\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-r5k-cobalt\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sb1a-bcm91480b\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-4kc-malta\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sb1a-bcm91480b\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-powerpc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-powerpc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-powerpc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-powerpc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-powerpc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-s390x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390-tape\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-s390\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-s390x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-s390x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-s390\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-sparc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-sparc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sparc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-sparc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sparc64-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sparc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sparc64-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:55:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4242", "CVE-2010-3865", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4247", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3432"], "description": "Check for the Version of kernel", "modified": "2017-07-12T00:00:00", "published": "2011-01-11T00:00:00", "id": "OPENVAS:870374", "href": "http://plugins.openvas.org/nasl.php?oid=870374", "type": "openvas", "title": "RedHat Update for kernel RHSA-2011:0004-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2011:0004-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n \n * A flaw was found in sctp_packet_config() in the Linux kernel's Stream\n Control Transmission Protocol (SCTP) implementation. A remote attacker\n could use this flaw to cause a denial of service. (CVE-2010-3432,\n Important)\n \n * A missing integer overflow check was found in snd_ctl_new() in the Linux\n kernel's sound subsystem. A local, unprivileged user on a 32-bit system\n could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-3442, Important)\n \n * A heap overflow flaw in the Linux kernel's Transparent Inter-Process\n Communication protocol (TIPC) implementation could allow a local,\n unprivileged user to escalate their privileges. (CVE-2010-3859, Important)\n \n * An integer overflow flaw was found in the Linux kernel's Reliable\n Datagram Sockets (RDS) protocol implementation. A local, unprivileged user\n could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-3865, Important)\n \n * A flaw was found in the Xenbus code for the unified block-device I/O\n interface back end. A privileged guest user could use this flaw to cause a\n denial of service on the host system running the Xen hypervisor.\n (CVE-2010-3699, Moderate)\n \n * Missing sanity checks were found in setup_arg_pages() in the Linux\n kernel. When making the size of the argument and environment area on the\n stack very large, it could trigger a BUG_ON(), resulting in a local denial\n of service. (CVE-2010-3858, Moderate)\n \n * A flaw was found in inet_csk_diag_dump() in the Linux kernel's module for\n monitoring the sockets of INET transport protocols. By sending a netlink\n message with certain bytecode, a local, unprivileged user could cause a\n denial of service. (CVE-2010-3880, Moderate)\n \n * Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\n in the Linux kernel. A local user with access to "/dev/gdth" on a 64-bit\n system could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-4157, Moderate)\n \n * The fix for Red Hat Bugzilla bug 484590 as provided in RHSA-2009:1243\n introduced a regression. A local, unprivileged user could use this flaw to\n cause a denial of service. (CVE-2010-4161, Moderate)\n \n * A NULL pointer dereference flaw was found in the Bluetooth HCI UART\n driver in the Linux kernel. A local, unprivileged user could use this flaw\n to cause a denial of service. (CVE-2010-4242, Moderate)\n ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-January/msg00002.html\");\n script_id(870374);\n script_version(\"$Revision: 6685 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2011:0004-01\");\n script_cve_id(\"CVE-2010-3432\", \"CVE-2010-3442\", \"CVE-2010-3699\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4161\", \"CVE-2010-4242\", \"CVE-2010-4247\", \"CVE-2010-4248\");\n script_name(\"RedHat Update for kernel RHSA-2011:0004-01\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:57:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4242", "CVE-2010-3865", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4247", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3432"], "description": "Check for the Version of kernel", "modified": "2018-01-02T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:881254", "href": "http://plugins.openvas.org/nasl.php?oid=881254", "type": "openvas", "title": "CentOS Update for kernel CESA-2011:0004 centos5 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2011:0004 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n \n * A flaw was found in sctp_packet_config() in the Linux kernel's Stream\n Control Transmission Protocol (SCTP) implementation. A remote attacker\n could use this flaw to cause a denial of service. (CVE-2010-3432,\n Important)\n \n * A missing integer overflow check was found in snd_ctl_new() in the Linux\n kernel's sound subsystem. A local, unprivileged user on a 32-bit system\n could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-3442, Important)\n \n * A heap overflow flaw in the Linux kernel's Transparent Inter-Process\n Communication protocol (TIPC) implementation could allow a local,\n unprivileged user to escalate their privileges. (CVE-2010-3859, Important)\n \n * An integer overflow flaw was found in the Linux kernel's Reliable\n Datagram Sockets (RDS) protocol implementation. A local, unprivileged user\n could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-3865, Important)\n \n * A flaw was found in the Xenbus code for the unified block-device I/O\n interface back end. A privileged guest user could use this flaw to cause a\n denial of service on the host system running the Xen hypervisor.\n (CVE-2010-3699, Moderate)\n \n * Missing sanity checks were found in setup_arg_pages() in the Linux\n kernel. When making the size of the argument and environment area on the\n stack very large, it could trigger a BUG_ON(), resulting in a local denial\n of service. (CVE-2010-3858, Moderate)\n \n * A flaw was found in inet_csk_diag_dump() in the Linux kernel's module for\n monitoring the sockets of INET transport protocols. By sending a netlink\n message with certain bytecode, a local, unprivileged user could cause a\n denial of service. (CVE-2010-3880, Moderate)\n \n * Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\n in the Linux kernel. A local user with access to "/dev/gdth" on a 64-bit\n system could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-4157, Moderate)\n \n * The fix for Red Hat Bugzilla bug 484590 as provided in RHSA-2009:1243\n introduced a regression. A local, unprivileged user could use this flaw to\n cause a denial of service. (CVE-2010-4161, Moderate)\n \n * A NULL pointer dereference flaw was found in the Bluetooth HCI UART\n driver in the Linux kernel. A local, unprivileged user could use this flaw\n to cause a denial of service. (CVE-2010-4242, Moderate)\n \n * It was found that a malic ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-January/017222.html\");\n script_id(881254);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:12:07 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-3432\", \"CVE-2010-3442\", \"CVE-2010-3699\", \"CVE-2010-3858\",\n \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3876\", \"CVE-2010-3880\",\n \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4161\", \"CVE-2010-4242\",\n \"CVE-2010-4247\", \"CVE-2010-4248\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2011:0004\");\n script_name(\"CentOS Update for kernel CESA-2011:0004 centos5 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4242", "CVE-2010-3865", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4247", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3432"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:1361412562310880516", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880516", "type": "openvas", "title": "CentOS Update for kernel CESA-2011:0004 centos5 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2011:0004 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-January/017221.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880516\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"CESA\", value:\"2011:0004\");\n script_cve_id(\"CVE-2010-3432\", \"CVE-2010-3442\", \"CVE-2010-3699\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4161\", \"CVE-2010-4242\", \"CVE-2010-4247\", \"CVE-2010-4248\");\n script_name(\"CentOS Update for kernel CESA-2011:0004 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"kernel on CentOS 5\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n\n * A flaw was found in sctp_packet_config() in the Linux kernel's Stream\n Control Transmission Protocol (SCTP) implementation. A remote attacker\n could use this flaw to cause a denial of service. (CVE-2010-3432,\n Important)\n\n * A missing integer overflow check was found in snd_ctl_new() in the Linux\n kernel's sound subsystem. A local, unprivileged user on a 32-bit system\n could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-3442, Important)\n\n * A heap overflow flaw in the Linux kernel's Transparent Inter-Process\n Communication protocol (TIPC) implementation could allow a local,\n unprivileged user to escalate their privileges. (CVE-2010-3859, Important)\n\n * An integer overflow flaw was found in the Linux kernel's Reliable\n Datagram Sockets (RDS) protocol implementation. A local, unprivileged user\n could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-3865, Important)\n\n * A flaw was found in the Xenbus code for the unified block-device I/O\n interface back end. A privileged guest user could use this flaw to cause a\n denial of service on the host system running the Xen hypervisor.\n (CVE-2010-3699, Moderate)\n\n * Missing sanity checks were found in setup_arg_pages() in the Linux\n kernel. When making the size of the argument and environment area on the\n stack very large, it could trigger a BUG_ON(), resulting in a local denial\n of service. (CVE-2010-3858, Moderate)\n\n * A flaw was found in inet_csk_diag_dump() in the Linux kernel's module for\n monitoring the sockets of INET transport protocols. By sending a netlink\n message with certain bytecode, a local, unprivileged user could cause a\n denial of service. (CVE-2010-3880, Moderate)\n\n * Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\n in the Linux kernel. A local user with access to '/dev/gdth' on a 64-bit\n system could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-4157, Moderate)\n\n * The fix for Red Hat Bugzilla bug 484590 as provided in RHSA-2009:1243\n introduced a regression. A local, unprivileged user could use this flaw to\n cause a denial of service. (CVE-2010-4161, Moderate)\n\n * A NULL pointer dereference flaw was found in the Bluetooth HCI UART\n driver in the Linux kernel. A local, unprivileged user could use this flaw\n to cause a denial of service. (CVE-2010-4242, Moderate)\n\n * It was found that a malic ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2021-03-01T07:20:03", "description": "Gleb Napatov discovered that KVM did not correctly check certain\nprivileged operations. A local attacker with access to a guest kernel\ncould exploit this to crash the host system, leading to a denial of\nservice. (CVE-2010-0435)\n\nDave Chinner discovered that the XFS filesystem did not correctly\norder inode lookups when exported by NFS. A remote attacker could\nexploit this to read or write disk blocks that had changed file\nassignment or had become unlinked, leading to a loss of privacy.\n(CVE-2010-2943)\n\nDan Rosenberg discovered that several network ioctls did not clear\nkernel memory correctly. A local user could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-3296,\nCVE-2010-3297)\n\nDan Jacobson discovered that ThinkPad video output was not correctly\naccess controlled. A local attacker could exploit this to hang the\nsystem, leading to a denial of service. (CVE-2010-3448)\n\nIt was discovered that KVM did not correctly initialize certain CPU\nregisters. A local attacker could exploit this to crash the system,\nleading to a denial of service. (CVE-2010-3698)\n\nIt was discovered that Xen did not correctly clean up threads. A local\nattacker in a guest system could exploit this to exhaust host system\nresources, leading to a denial of serivce. (CVE-2010-3699)\n\nBrad Spengler discovered that stack memory for new a process was not\ncorrectly calculated. A local attacker could exploit this to crash the\nsystem, leading to a denial of service. (CVE-2010-3858)\n\nDan Rosenberg discovered that the Linux kernel TIPC implementation\ncontained multiple integer signedness errors. A local attacker could\nexploit this to gain root privileges. (CVE-2010-3859)\n\nDan Rosenberg discovered that the Linux kernel X.25 implementation\nincorrectly parsed facilities. A remote attacker could exploit this to\ncrash the kernel, leading to a denial of service. (CVE-2010-3873)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation\ndid not correctly clear kernel memory. A local attacker could exploit\nthis to read kernel stack memory, leading to a loss of privacy.\n(CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets\nimplementation did not properly initialize certain structures. A local\nattacker could exploit this to read kernel stack memory, leading to a\nloss of privacy. (CVE-2010-3876)\n\nVasiliy Kulikov discovered that the TIPC interface did not correctly\ninitialize certain structures. A local attacker could exploit this to\nread kernel stack memory, leading to a loss of privacy.\n(CVE-2010-3877)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did\nnot properly audit certain bytecodes in netlink messages. A local\nattacker could exploit this to cause the kernel to hang, leading to a\ndenial of service. (CVE-2010-3880)\n\nKees Cook and Vasiliy Kulikov discovered that the shm interface did\nnot clear kernel memory correctly. A local attacker could exploit this\nto read kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4072)\n\nDan Rosenberg discovered that the USB subsystem did not correctly\ninitialize certian structures. A local attacker could exploit this to\nread kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4074)\n\nDan Rosenberg discovered that the SiS video driver did not correctly\nclear kernel memory. A local attacker could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-4078)\n\nDan Rosenberg discovered that the ivtv V4L driver did not correctly\ninitialize certian structures. A local attacker could exploit this to\nread kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4079)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface\ndriver did not correctly clear kernel memory. A local attacker could\nexploit this to read kernel stack memory, leading to a loss of\nprivacy. (CVE-2010-4080, CVE-2010-4081)\n\nDan Rosenberg discovered that the semctl syscall did not correctly\nclear kernel memory. A local attacker could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-4083)\n\nJames Bottomley discovered that the ICP vortex storage array\ncontroller driver did not validate certain sizes. A local attacker on\na 64bit system could exploit this to crash the kernel, leading to a\ndenial of service. (CVE-2010-4157)\n\nDan Rosenberg discovered that the Linux kernel L2TP implementation\ncontained multiple integer signedness errors. A local attacker could\nexploit this to to crash the kernel, or possibly gain root privileges.\n(CVE-2010-4160)\n\nIt was discovered that multithreaded exec did not handle CPU timers\ncorrectly. A local attacker could exploit this to crash the system,\nleading to a denial of service. (CVE-2010-4248).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 27, "published": "2011-03-01T00:00:00", "title": "Ubuntu 8.04 LTS : linux vulnerabilities (USN-1072-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4072", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-2943", "CVE-2010-0435", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3296", "CVE-2010-3698", "CVE-2010-4248", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-4078"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24"], "id": "UBUNTU_USN-1072-1.NASL", "href": "https://www.tenable.com/plugins/nessus/52475", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1072-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(52475);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2010-0435\", \"CVE-2010-2943\", \"CVE-2010-3296\", \"CVE-2010-3297\", \"CVE-2010-3448\", \"CVE-2010-3698\", \"CVE-2010-3699\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3873\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4072\", \"CVE-2010-4074\", \"CVE-2010-4078\", \"CVE-2010-4079\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4160\", \"CVE-2010-4248\");\n script_bugtraq_id(38607, 42527, 42582, 43221, 43229, 43809, 43810, 44301, 44354, 44500, 44630, 44642, 44648, 44665, 44762, 45028, 45039, 45054, 45058, 45062, 45063, 45074);\n script_xref(name:\"USN\", value:\"1072-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS : linux vulnerabilities (USN-1072-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Gleb Napatov discovered that KVM did not correctly check certain\nprivileged operations. A local attacker with access to a guest kernel\ncould exploit this to crash the host system, leading to a denial of\nservice. (CVE-2010-0435)\n\nDave Chinner discovered that the XFS filesystem did not correctly\norder inode lookups when exported by NFS. A remote attacker could\nexploit this to read or write disk blocks that had changed file\nassignment or had become unlinked, leading to a loss of privacy.\n(CVE-2010-2943)\n\nDan Rosenberg discovered that several network ioctls did not clear\nkernel memory correctly. A local user could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-3296,\nCVE-2010-3297)\n\nDan Jacobson discovered that ThinkPad video output was not correctly\naccess controlled. A local attacker could exploit this to hang the\nsystem, leading to a denial of service. (CVE-2010-3448)\n\nIt was discovered that KVM did not correctly initialize certain CPU\nregisters. A local attacker could exploit this to crash the system,\nleading to a denial of service. (CVE-2010-3698)\n\nIt was discovered that Xen did not correctly clean up threads. A local\nattacker in a guest system could exploit this to exhaust host system\nresources, leading to a denial of serivce. (CVE-2010-3699)\n\nBrad Spengler discovered that stack memory for new a process was not\ncorrectly calculated. A local attacker could exploit this to crash the\nsystem, leading to a denial of service. (CVE-2010-3858)\n\nDan Rosenberg discovered that the Linux kernel TIPC implementation\ncontained multiple integer signedness errors. A local attacker could\nexploit this to gain root privileges. (CVE-2010-3859)\n\nDan Rosenberg discovered that the Linux kernel X.25 implementation\nincorrectly parsed facilities. A remote attacker could exploit this to\ncrash the kernel, leading to a denial of service. (CVE-2010-3873)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation\ndid not correctly clear kernel memory. A local attacker could exploit\nthis to read kernel stack memory, leading to a loss of privacy.\n(CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets\nimplementation did not properly initialize certain structures. A local\nattacker could exploit this to read kernel stack memory, leading to a\nloss of privacy. (CVE-2010-3876)\n\nVasiliy Kulikov discovered that the TIPC interface did not correctly\ninitialize certain structures. A local attacker could exploit this to\nread kernel stack memory, leading to a loss of privacy.\n(CVE-2010-3877)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did\nnot properly audit certain bytecodes in netlink messages. A local\nattacker could exploit this to cause the kernel to hang, leading to a\ndenial of service. (CVE-2010-3880)\n\nKees Cook and Vasiliy Kulikov discovered that the shm interface did\nnot clear kernel memory correctly. A local attacker could exploit this\nto read kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4072)\n\nDan Rosenberg discovered that the USB subsystem did not correctly\ninitialize certian structures. A local attacker could exploit this to\nread kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4074)\n\nDan Rosenberg discovered that the SiS video driver did not correctly\nclear kernel memory. A local attacker could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-4078)\n\nDan Rosenberg discovered that the ivtv V4L driver did not correctly\ninitialize certian structures. A local attacker could exploit this to\nread kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4079)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface\ndriver did not correctly clear kernel memory. A local attacker could\nexploit this to read kernel stack memory, leading to a loss of\nprivacy. (CVE-2010-4080, CVE-2010-4081)\n\nDan Rosenberg discovered that the semctl syscall did not correctly\nclear kernel memory. A local attacker could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-4083)\n\nJames Bottomley discovered that the ICP vortex storage array\ncontroller driver did not validate certain sizes. A local attacker on\na 64bit system could exploit this to crash the kernel, leading to a\ndenial of service. (CVE-2010-4157)\n\nDan Rosenberg discovered that the Linux kernel L2TP implementation\ncontained multiple integer signedness errors. A local attacker could\nexploit this to to crash the kernel, or possibly gain root privileges.\n(CVE-2010-4160)\n\nIt was discovered that multithreaded exec did not handle CPU timers\ncorrectly. A local attacker could exploit this to crash the system,\nleading to a denial of service. (CVE-2010-4248).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1072-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/08/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2010-0435\", \"CVE-2010-2943\", \"CVE-2010-3296\", \"CVE-2010-3297\", \"CVE-2010-3448\", \"CVE-2010-3698\", \"CVE-2010-3699\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3873\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4072\", \"CVE-2010-4074\", \"CVE-2010-4078\", \"CVE-2010-4079\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4160\", \"CVE-2010-4248\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1072-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-doc-2.6.24\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-28\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-28-386\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-28-generic\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-28-openvz\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-28-rt\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-28-server\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-28-virtual\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-28-xen\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-28-386\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-28-generic\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-28-lpia\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-28-lpiacompat\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-28-openvz\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-28-rt\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-28-server\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-28-virtual\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-28-xen\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-28-386\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-28-generic\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-28-server\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-28-virtual\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.24-28.86\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-source-2.6.24\", pkgver:\"2.6.24-28.86\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc-2.6.24 / linux-headers-2.6 / linux-headers-2.6-386 / etc\");\n}\n", "cvss": {"score": 7.9, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:N"}}, {"lastseen": "2021-03-01T07:20:03", "description": "Tavis Ormandy discovered that the Linux kernel did not properly\nimplement exception fixup. A local attacker could exploit this to\ncrash the kernel, leading to a denial of service. (CVE-2010-3086)\n\nDan Rosenberg discovered that the Linux kernel TIPC implementation\ncontained multiple integer signedness errors. A local attacker could\nexploit this to gain root privileges. (CVE-2010-3859)\n\nDan Rosenberg discovered that the Linux kernel X.25 implementation\nincorrectly parsed facilities. A remote attacker could exploit this to\ncrash the kernel, leading to a denial of service. (CVE-2010-3873)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation\ndid not correctly clear kernel memory. A local attacker could exploit\nthis to read kernel stack memory, leading to a loss of privacy.\n(CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets\nimplementation did not properly initialize certain structures. A local\nattacker could exploit this to read kernel stack memory, leading to a\nloss of privacy. (CVE-2010-3876)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did\nnot properly audit certain bytecodes in netlink messages. A local\nattacker could exploit this to cause the kernel to hang, leading to a\ndenial of service. (CVE-2010-3880)\n\nDan Rosenberg discovered that the SiS video driver did not correctly\nclear kernel memory. A local attacker could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-4078)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface\ndriver did not correctly clear kernel memory. A local attacker could\nexploit this to read kernel stack memory, leading to a loss of\nprivacy. (CVE-2010-4080, CVE-2010-4081)\n\nDan Rosenberg discovered that the semctl syscall did not correctly\nclear kernel memory. A local attacker could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-4083)\n\nJames Bottomley discovered that the ICP vortex storage array\ncontroller driver did not validate certain sizes. A local attacker on\na 64bit system could exploit this to crash the kernel, leading to a\ndenial of service. (CVE-2010-4157)\n\nDan Rosenberg discovered that the Linux kernel L2TP implementation\ncontained multiple integer signedness errors. A local attacker could\nexploit this to to crash the kernel, or possibly gain root privileges.\n(CVE-2010-4160).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2011-03-01T00:00:00", "title": "Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerabilities (USN-1071-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4081", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3086", "CVE-2010-4080", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3873", "CVE-2010-4078"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-1071-1.NASL", "href": "https://www.tenable.com/plugins/nessus/52474", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1071-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(52474);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2010-3086\", \"CVE-2010-3859\", \"CVE-2010-3873\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-4078\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4160\");\n script_bugtraq_id(43809, 43810, 44354, 44630, 44642, 44648, 44665, 44754, 44762, 45058, 45063);\n script_xref(name:\"USN\", value:\"1071-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerabilities (USN-1071-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Tavis Ormandy discovered that the Linux kernel did not properly\nimplement exception fixup. A local attacker could exploit this to\ncrash the kernel, leading to a denial of service. (CVE-2010-3086)\n\nDan Rosenberg discovered that the Linux kernel TIPC implementation\ncontained multiple integer signedness errors. A local attacker could\nexploit this to gain root privileges. (CVE-2010-3859)\n\nDan Rosenberg discovered that the Linux kernel X.25 implementation\nincorrectly parsed facilities. A remote attacker could exploit this to\ncrash the kernel, leading to a denial of service. (CVE-2010-3873)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation\ndid not correctly clear kernel memory. A local attacker could exploit\nthis to read kernel stack memory, leading to a loss of privacy.\n(CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets\nimplementation did not properly initialize certain structures. A local\nattacker could exploit this to read kernel stack memory, leading to a\nloss of privacy. (CVE-2010-3876)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did\nnot properly audit certain bytecodes in netlink messages. A local\nattacker could exploit this to cause the kernel to hang, leading to a\ndenial of service. (CVE-2010-3880)\n\nDan Rosenberg discovered that the SiS video driver did not correctly\nclear kernel memory. A local attacker could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-4078)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface\ndriver did not correctly clear kernel memory. A local attacker could\nexploit this to read kernel stack memory, leading to a loss of\nprivacy. (CVE-2010-4080, CVE-2010-4081)\n\nDan Rosenberg discovered that the semctl syscall did not correctly\nclear kernel memory. A local attacker could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-4083)\n\nJames Bottomley discovered that the ICP vortex storage array\ncontroller driver did not validate certain sizes. A local attacker on\na 64bit system could exploit this to crash the kernel, leading to a\ndenial of service. (CVE-2010-4157)\n\nDan Rosenberg discovered that the Linux kernel L2TP implementation\ncontained multiple integer signedness errors. A local attacker could\nexploit this to to crash the kernel, or possibly gain root privileges.\n(CVE-2010-4160).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1071-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/11/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(6\\.06)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2010-3086\", \"CVE-2010-3859\", \"CVE-2010-3873\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-4078\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4160\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1071-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-doc-2.6.15\", pkgver:\"2.6.15-55.93\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55\", pkgver:\"2.6.15-55.93\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55-386\", pkgver:\"2.6.15-55.93\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55-686\", pkgver:\"2.6.15-55.93\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55-amd64-generic\", pkgver:\"2.6.15-55.93\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55-amd64-k8\", pkgver:\"2.6.15-55.93\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55-amd64-server\", pkgver:\"2.6.15-55.93\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55-amd64-xeon\", pkgver:\"2.6.15-55.93\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55-server\", pkgver:\"2.6.15-55.93\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-55-386\", pkgver:\"2.6.15-55.93\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-55-686\", pkgver:\"2.6.15-55.93\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-55-amd64-generic\", pkgver:\"2.6.15-55.93\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-55-amd64-k8\", pkgver:\"2.6.15-55.93\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-55-amd64-server\", pkgver:\"2.6.15-55.93\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-55-amd64-xeon\", pkgver:\"2.6.15-55.93\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-55-server\", pkgver:\"2.6.15-55.93\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.15-55.93\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-source-2.6.15\", pkgver:\"2.6.15-55.93\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc-2.6.15 / linux-headers-2.6 / linux-headers-2.6-386 / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-03-01T07:20:03", "description": "Gleb Napatov discovered that KVM did not correctly check certain\nprivileged operations. A local attacker with access to a guest kernel\ncould exploit this to crash the host system, leading to a denial of\nservice. (CVE-2010-0435)\n\nDan Jacobson discovered that ThinkPad video output was not correctly\naccess controlled. A local attacker could exploit this to hang the\nsystem, leading to a denial of service. (CVE-2010-3448)\n\nIt was discovered that KVM did not correctly initialize certain CPU\nregisters. A local attacker could exploit this to crash the system,\nleading to a denial of service. (CVE-2010-3698)\n\nDan Rosenberg discovered that the Linux kernel TIPC implementation\ncontained multiple integer signedness errors. A local attacker could\nexploit this to gain root privileges. (CVE-2010-3859)\n\nThomas Pollet discovered that the RDS network protocol did not check\ncertain iovec buffers. A local attacker could exploit this to crash\nthe system or possibly execute arbitrary code as the root user.\n(CVE-2010-3865)\n\nDan Rosenberg discovered that the Linux kernel X.25 implementation\nincorrectly parsed facilities. A remote attacker could exploit this to\ncrash the kernel, leading to a denial of service. (CVE-2010-3873)\n\nDan Rosenberg discovered that the CAN protocol on 64bit systems did\nnot correctly calculate the size of certain buffers. A local attacker\ncould exploit this to crash the system or possibly execute arbitrary\ncode as the root user. (CVE-2010-3874)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation\ndid not correctly clear kernel memory. A local attacker could exploit\nthis to read kernel stack memory, leading to a loss of privacy.\n(CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets\nimplementation did not properly initialize certain structures. A local\nattacker could exploit this to read kernel stack memory, leading to a\nloss of privacy. (CVE-2010-3876)\n\nVasiliy Kulikov discovered that the TIPC interface did not correctly\ninitialize certain structures. A local attacker could exploit this to\nread kernel stack memory, leading to a loss of privacy.\n(CVE-2010-3877)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did\nnot properly audit certain bytecodes in netlink messages. A local\nattacker could exploit this to cause the kernel to hang, leading to a\ndenial of service. (CVE-2010-3880)\n\nDan Rosenberg discovered that IPC structures were not correctly\ninitialized on 64bit systems. A local attacker could exploit this to\nread kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4073)\n\nDan Rosenberg discovered that the USB subsystem did not correctly\ninitialize certian structures. A local attacker could exploit this to\nread kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4074)\n\nDan Rosenberg discovered that the SiS video driver did not correctly\nclear kernel memory. A local attacker could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-4078)\n\nDan Rosenberg discovered that the ivtv V4L driver did not correctly\ninitialize certian structures. A local attacker could exploit this to\nread kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4079)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface\ndriver did not correctly clear kernel memory. A local attacker could\nexploit this to read kernel stack memory, leading to a loss of\nprivacy. (CVE-2010-4080, CVE-2010-4081)\n\nDan Rosenberg discovered that the VIA video driver did not correctly\nclear kernel memory. A local attacker could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-4082)\n\nDan Rosenberg discovered that the semctl syscall did not correctly\nclear kernel memory. A local attacker could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-4083)\n\nJames Bottomley discovered that the ICP vortex storage array\ncontroller driver did not validate certain sizes. A local attacker on\na 64bit system could exploit this to crash the kernel, leading to a\ndenial of service. (CVE-2010-4157)\n\nDan Rosenberg discovered that the Linux kernel L2TP implementation\ncontained multiple integer signedness errors. A local attacker could\nexploit this to to crash the kernel, or possibly gain root privileges.\n(CVE-2010-4160)\n\nSteve Chen discovered that setsockopt did not correctly check MSS\nvalues. A local attacker could make a specially crafted socket call to\ncrash the system, leading to a denial of service. (CVE-2010-4165)\n\nDave Jones discovered that the mprotect system call did not correctly\nhandle merged VMAs. A local attacker could exploit this to crash the\nsystem, leading to a denial of service. (CVE-2010-4169)\n\nIt was discovered that multithreaded exec did not handle CPU timers\ncorrectly. A local attacker could exploit this to crash the system,\nleading to a denial of service. (CVE-2010-4248)\n\nVegard Nossum discovered that memory garbage collection was not\nhandled correctly for active sockets. A local attacker could exploit\nthis to allocate all available kernel memory, leading to a denial of\nservice. (CVE-2010-4249).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 27, "published": "2011-03-01T00:00:00", "title": "Ubuntu 9.10 : linux, linux-ec2 vulnerabilities (USN-1073-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4073", "CVE-2010-4165", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-4082", "CVE-2010-0435", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4169", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3698", "CVE-2010-4248", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-4078"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-doc", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ec2", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic", "cpe:/o:canonical:ubuntu_linux:9.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-ec2-doc", "p-cpe:/a:canonical:ubuntu_linux:linux-ec2-source-2.6.31", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.31", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386"], "id": "UBUNTU_USN-1073-1.NASL", "href": "https://www.tenable.com/plugins/nessus/52476", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1073-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(52476);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/10/16 10:34:22\");\n\n script_cve_id(\"CVE-2010-0435\", \"CVE-2010-3448\", \"CVE-2010-3698\", \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3873\", \"CVE-2010-3874\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4073\", \"CVE-2010-4074\", \"CVE-2010-4078\", \"CVE-2010-4079\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4082\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4160\", \"CVE-2010-4165\", \"CVE-2010-4169\", \"CVE-2010-4248\", \"CVE-2010-4249\");\n script_bugtraq_id(38607, 42582, 43809, 43810, 43817, 44354, 44500, 44549, 44630, 44642, 44648, 44661, 44665, 44762, 44830, 44861, 45028, 45037, 45058, 45062, 45063, 45074);\n script_xref(name:\"USN\", value:\"1073-1\");\n\n script_name(english:\"Ubuntu 9.10 : linux, linux-ec2 vulnerabilities (USN-1073-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Gleb Napatov discovered that KVM did not correctly check certain\nprivileged operations. A local attacker with access to a guest kernel\ncould exploit this to crash the host system, leading to a denial of\nservice. (CVE-2010-0435)\n\nDan Jacobson discovered that ThinkPad video output was not correctly\naccess controlled. A local attacker could exploit this to hang the\nsystem, leading to a denial of service. (CVE-2010-3448)\n\nIt was discovered that KVM did not correctly initialize certain CPU\nregisters. A local attacker could exploit this to crash the system,\nleading to a denial of service. (CVE-2010-3698)\n\nDan Rosenberg discovered that the Linux kernel TIPC implementation\ncontained multiple integer signedness errors. A local attacker could\nexploit this to gain root privileges. (CVE-2010-3859)\n\nThomas Pollet discovered that the RDS network protocol did not check\ncertain iovec buffers. A local attacker could exploit this to crash\nthe system or possibly execute arbitrary code as the root user.\n(CVE-2010-3865)\n\nDan Rosenberg discovered that the Linux kernel X.25 implementation\nincorrectly parsed facilities. A remote attacker could exploit this to\ncrash the kernel, leading to a denial of service. (CVE-2010-3873)\n\nDan Rosenberg discovered that the CAN protocol on 64bit systems did\nnot correctly calculate the size of certain buffers. A local attacker\ncould exploit this to crash the system or possibly execute arbitrary\ncode as the root user. (CVE-2010-3874)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation\ndid not correctly clear kernel memory. A local attacker could exploit\nthis to read kernel stack memory, leading to a loss of privacy.\n(CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets\nimplementation did not properly initialize certain structures. A local\nattacker could exploit this to read kernel stack memory, leading to a\nloss of privacy. (CVE-2010-3876)\n\nVasiliy Kulikov discovered that the TIPC interface did not correctly\ninitialize certain structures. A local attacker could exploit this to\nread kernel stack memory, leading to a loss of privacy.\n(CVE-2010-3877)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did\nnot properly audit certain bytecodes in netlink messages. A local\nattacker could exploit this to cause the kernel to hang, leading to a\ndenial of service. (CVE-2010-3880)\n\nDan Rosenberg discovered that IPC structures were not correctly\ninitialized on 64bit systems. A local attacker could exploit this to\nread kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4073)\n\nDan Rosenberg discovered that the USB subsystem did not correctly\ninitialize certian structures. A local attacker could exploit this to\nread kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4074)\n\nDan Rosenberg discovered that the SiS video driver did not correctly\nclear kernel memory. A local attacker could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-4078)\n\nDan Rosenberg discovered that the ivtv V4L driver did not correctly\ninitialize certian structures. A local attacker could exploit this to\nread kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4079)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface\ndriver did not correctly clear kernel memory. A local attacker could\nexploit this to read kernel stack memory, leading to a loss of\nprivacy. (CVE-2010-4080, CVE-2010-4081)\n\nDan Rosenberg discovered that the VIA video driver did not correctly\nclear kernel memory. A local attacker could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-4082)\n\nDan Rosenberg discovered that the semctl syscall did not correctly\nclear kernel memory. A local attacker could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-4083)\n\nJames Bottomley discovered that the ICP vortex storage array\ncontroller driver did not validate certain sizes. A local attacker on\na 64bit system could exploit this to crash the kernel, leading to a\ndenial of service. (CVE-2010-4157)\n\nDan Rosenberg discovered that the Linux kernel L2TP implementation\ncontained multiple integer signedness errors. A local attacker could\nexploit this to to crash the kernel, or possibly gain root privileges.\n(CVE-2010-4160)\n\nSteve Chen discovered that setsockopt did not correctly check MSS\nvalues. A local attacker could make a specially crafted socket call to\ncrash the system, leading to a denial of service. (CVE-2010-4165)\n\nDave Jones discovered that the mprotect system call did not correctly\nhandle merged VMAs. A local attacker could exploit this to crash the\nsystem, leading to a denial of service. (CVE-2010-4169)\n\nIt was discovered that multithreaded exec did not handle CPU timers\ncorrectly. A local attacker could exploit this to crash the system,\nleading to a denial of service. (CVE-2010-4248)\n\nVegard Nossum discovered that memory garbage collection was not\nhandled correctly for active sockets. A local attacker could exploit\nthis to allocate all available kernel memory, leading to a denial of\nservice. (CVE-2010-4249).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1073-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ec2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ec2-source-2.6.31\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.31\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/08/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(9\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 9.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2010-0435\", \"CVE-2010-3448\", \"CVE-2010-3698\", \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3873\", \"CVE-2010-3874\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4073\", \"CVE-2010-4074\", \"CVE-2010-4078\", \"CVE-2010-4079\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4082\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4160\", \"CVE-2010-4165\", \"CVE-2010-4169\", \"CVE-2010-4248\", \"CVE-2010-4249\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1073-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-doc\", pkgver:\"2.6.31-22.73\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-ec2-doc\", pkgver:\"2.6.31-307.27\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-ec2-source-2.6.31\", pkgver:\"2.6.31-307.27\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22\", pkgver:\"2.6.31-22.73\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22-386\", pkgver:\"2.6.31-22.73\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22-generic\", pkgver:\"2.6.31-22.73\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22-generic-pae\", pkgver:\"2.6.31-22.73\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22-server\", pkgver:\"2.6.31-22.73\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-307\", pkgver:\"2.6.31-307.27\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-307-ec2\", pkgver:\"2.6.31-307.27\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-386\", pkgver:\"2.6.31-22.73\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-generic\", pkgver:\"2.6.31-22.73\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-generic-pae\", pkgver:\"2.6.31-22.73\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-lpia\", pkgver:\"2.6.31-22.73\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-server\", pkgver:\"2.6.31-22.73\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-virtual\", pkgver:\"2.6.31-22.73\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-307-ec2\", pkgver:\"2.6.31-307.27\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.31-22.73\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-source-2.6.31\", pkgver:\"2.6.31-22.73\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc / linux-ec2-doc / linux-ec2-source-2.6.31 / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:46:09", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleak. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems :\n\n - CVE-2010-2963\n Kees Cook discovered an issue in the v4l 32-bit\n compatibility layer for 64-bit systems that allows local\n users with /dev/video write permission to overwrite\n arbitrary kernel memory, potentially leading to a\n privilege escalation. On Debian systems, access to\n /dev/video devices is restricted to members of the\n 'video' group by default.\n\n - CVE-2010-3067\n Tavis Ormandy discovered an issue in the io_submit\n system call. Local users can cause an integer overflow\n resulting in a denial of service.\n\n - CVE-2010-3296\n Dan Rosenberg discovered an issue in the cxgb network\n driver that allows unprivileged users to obtain the\n contents of sensitive kernel memory.\n\n - CVE-2010-3297\n Dan Rosenberg discovered an issue in the eql network\n driver that allows local users to obtain the contents of\n sensitive kernel memory.\n\n - CVE-2010-3310\n Dan Rosenberg discovered an issue in the ROSE socket\n implementation. On systems with a rose device, local\n users can cause a denial of service (kernel memory\n corruption).\n\n - CVE-2010-3432\n Thomas Dreibholz discovered an issue in the SCTP\n protocol that permits a remote user to cause a denial of\n service (kernel panic).\n\n - CVE-2010-3437\n Dan Rosenberg discovered an issue in the pktcdvd driver.\n Local users with permission to open /dev/pktcdvd/control\n can obtain the contents of sensitive kernel memory or\n cause a denial of service. By default on Debian systems,\n this access is restricted to members of the group\n 'cdrom'.\n\n - CVE-2010-3442\n Dan Rosenberg discovered an issue in the ALSA sound\n system. Local users with permission to open\n /dev/snd/controlC0 can create an integer overflow\n condition that causes a denial of service. By default on\n Debian systems, this access is restricted to members of\n the group 'audio'.\n\n - CVE-2010-3448\n Dan Jacobson reported an issue in the thinkpad-acpi\n driver. On certain Thinkpad systems, local users can\n cause a denial of service (X.org crash) by reading\n /proc/acpi/ibm/video.\n\n - CVE-2010-3477\n Jeff Mahoney discovered an issue in the Traffic Policing\n (act_police) module that allows local users to obtain\n the contents of sensitive kernel memory.\n\n - CVE-2010-3705\n Dan Rosenberg reported an issue in the HMAC processing\n code in the SCTP protocol that allows remote users to\n create a denial of service (memory corruption).\n\n - CVE-2010-3848\n Nelson Elhage discovered an issue in the Econet\n protocol. Local users can cause a stack overflow\n condition with large msg->msgiovlen values that can\n result in a denial of service or privilege escalation.\n\n - CVE-2010-3849\n Nelson Elhage discovered an issue in the Econet\n protocol. Local users can cause a denial of service\n (oops) if a NULL remote addr value is passed as a\n parameter to sendmsg().\n\n - CVE-2010-3850\n Nelson Elhage discovered an issue in the Econet\n protocol. Local users can assign econet addresses to\n arbitrary interfaces due to a missing capabilities\n check.\n\n - CVE-2010-3858\n Brad Spengler reported an issue in the setup_arg_pages()\n function. Due to a bounds-checking failure, local users\n can create a denial of service (kernel oops).\n\n - CVE-2010-3859\n Dan Rosenberg reported an issue in the TIPC protocol.\n When the tipc module is loaded, local users can gain\n elevated privileges via the sendmsg() system call.\n\n - CVE-2010-3873\n Dan Rosenberg reported an issue in the X.25 network\n protocol. Local users can cause heap corruption,\n resulting in a denial of service (kernel panic).\n\n - CVE-2010-3874\n Dan Rosenberg discovered an issue in the Control Area\n Network (CAN) subsystem on 64-bit systems. Local users\n may be able to cause a denial of service (heap\n corruption).\n\n - CVE-2010-3875\n Vasiliy Kulikov discovered an issue in the AX.25\n protocol. Local users can obtain the contents of\n sensitive kernel memory.\n\n - CVE-2010-3876\n Vasiliy Kulikov discovered an issue in the Packet\n protocol. Local users can obtain the contents of\n sensitive kernel memory.\n\n - CVE-2010-3877\n Vasiliy Kulikov discovered an issue in the TIPC\n protocol. Local users can obtain the contents of\n sensitive kernel memory.\n\n - CVE-2010-3880\n Nelson Elhage discovered an issue in the INET_DIAG\n subsystem. Local users can cause the kernel to execute\n unaudited INET_DIAG bytecode, resulting in a denial of\n service.\n\n - CVE-2010-4072\n Kees Cook discovered an issue in the System V shared\n memory subsystem. Local users can obtain the contents of\n sensitive kernel memory.\n\n - CVE-2010-4073\n Dan Rosenberg discovered an issue in the System V shared\n memory subsystem. Local users on 64-bit system can\n obtain the contents of sensitive kernel memory via the\n 32-bit compatible semctl() system call.\n\n - CVE-2010-4074\n Dan Rosenberg reported issues in the mos7720 and mos7840\n drivers for USB serial converter devices. Local users\n with access to these devices can obtain the contents of\n sensitive kernel memory.\n\n - CVE-2010-4078\n Dan Rosenberg reported an issue in the framebuffer\n driver for SiS graphics chipsets (sisfb). Local users\n with access to the framebuffer device can obtain the\n contents of sensitive kernel memory via the\n FBIOGET_VBLANK ioctl.\n\n - CVE-2010-4079\n Dan Rosenberg reported an issue in the ivtvfb driver\n used for the Hauppauge PVR-350 card. Local users with\n access to the framebuffer device can obtain the contents\n of sensitive kernel memory via the FBIOGET_VBLANK ioctl.\n\n - CVE-2010-4080\n Dan Rosenberg discovered an issue in the ALSA driver for\n RME Hammerfall DSP audio devices. Local users with\n access to the audio device can obtain the contents of\n sensitive kernel memory via the\n SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl.\n\n - CVE-2010-4081\n Dan Rosenberg discovered an issue in the ALSA driver for\n RME Hammerfall DSP MADI audio devices. Local users with\n access to the audio device can obtain the contents of\n sensitive kernel memory via the\n SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl.\n\n - CVE-2010-4083\n Dan Rosenberg discovered an issue in the semctl system\n call. Local users can obtain the contents of sensitive\n kernel memory through usage of the semid_ds structure.\n\n - CVE-2010-4164\n Dan Rosenberg discovered an issue in the X.25 network\n protocol. Remote users can achieve a denial of service\n (infinite loop) by taking advantage of an integer\n underflow in the facility parsing code.", "edition": 27, "published": "2010-11-29T00:00:00", "title": "Debian DSA-2126-1 : linux-2.6 - privilege escalation/denial of service/information leak", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-3437", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3477", "CVE-2010-4080", "CVE-2010-3310", "CVE-2010-2963", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3296", "CVE-2010-3850", "CVE-2010-3442", "CVE-2010-3705", "CVE-2010-3848", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-3858", "CVE-2010-3067", "CVE-2010-4164", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-3432", "CVE-2010-4078", "CVE-2010-3849"], "modified": "2010-11-29T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:5.0", "p-cpe:/a:debian:debian_linux:linux-2.6"], "id": "DEBIAN_DSA-2126.NASL", "href": "https://www.tenable.com/plugins/nessus/50825", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2126. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50825);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-2963\", \"CVE-2010-3067\", \"CVE-2010-3296\", \"CVE-2010-3297\", \"CVE-2010-3310\", \"CVE-2010-3432\", \"CVE-2010-3437\", \"CVE-2010-3442\", \"CVE-2010-3448\", \"CVE-2010-3477\", \"CVE-2010-3705\", \"CVE-2010-3848\", \"CVE-2010-3849\", \"CVE-2010-3850\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3873\", \"CVE-2010-3874\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4072\", \"CVE-2010-4073\", \"CVE-2010-4074\", \"CVE-2010-4078\", \"CVE-2010-4079\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4083\", \"CVE-2010-4164\");\n script_bugtraq_id(38607, 42529, 43221, 43229, 43353, 43368, 43480, 43551, 43701, 43787, 43809, 43810, 44242, 44301, 44354, 44630, 44642, 44661, 44665, 45054, 45055, 45058, 45062, 45063);\n script_xref(name:\"DSA\", value:\"2126\");\n\n script_name(english:\"Debian DSA-2126-1 : linux-2.6 - privilege escalation/denial of service/information leak\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleak. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems :\n\n - CVE-2010-2963\n Kees Cook discovered an issue in the v4l 32-bit\n compatibility layer for 64-bit systems that allows local\n users with /dev/video write permission to overwrite\n arbitrary kernel memory, potentially leading to a\n privilege escalation. On Debian systems, access to\n /dev/video devices is restricted to members of the\n 'video' group by default.\n\n - CVE-2010-3067\n Tavis Ormandy discovered an issue in the io_submit\n system call. Local users can cause an integer overflow\n resulting in a denial of service.\n\n - CVE-2010-3296\n Dan Rosenberg discovered an issue in the cxgb network\n driver that allows unprivileged users to obtain the\n contents of sensitive kernel memory.\n\n - CVE-2010-3297\n Dan Rosenberg discovered an issue in the eql network\n driver that allows local users to obtain the contents of\n sensitive kernel memory.\n\n - CVE-2010-3310\n Dan Rosenberg discovered an issue in the ROSE socket\n implementation. On systems with a rose device, local\n users can cause a denial of service (kernel memory\n corruption).\n\n - CVE-2010-3432\n Thomas Dreibholz discovered an issue in the SCTP\n protocol that permits a remote user to cause a denial of\n service (kernel panic).\n\n - CVE-2010-3437\n Dan Rosenberg discovered an issue in the pktcdvd driver.\n Local users with permission to open /dev/pktcdvd/control\n can obtain the contents of sensitive kernel memory or\n cause a denial of service. By default on Debian systems,\n this access is restricted to members of the group\n 'cdrom'.\n\n - CVE-2010-3442\n Dan Rosenberg discovered an issue in the ALSA sound\n system. Local users with permission to open\n /dev/snd/controlC0 can create an integer overflow\n condition that causes a denial of service. By default on\n Debian systems, this access is restricted to members of\n the group 'audio'.\n\n - CVE-2010-3448\n Dan Jacobson reported an issue in the thinkpad-acpi\n driver. On certain Thinkpad systems, local users can\n cause a denial of service (X.org crash) by reading\n /proc/acpi/ibm/video.\n\n - CVE-2010-3477\n Jeff Mahoney discovered an issue in the Traffic Policing\n (act_police) module that allows local users to obtain\n the contents of sensitive kernel memory.\n\n - CVE-2010-3705\n Dan Rosenberg reported an issue in the HMAC processing\n code in the SCTP protocol that allows remote users to\n create a denial of service (memory corruption).\n\n - CVE-2010-3848\n Nelson Elhage discovered an issue in the Econet\n protocol. Local users can cause a stack overflow\n condition with large msg->msgiovlen values that can\n result in a denial of service or privilege escalation.\n\n - CVE-2010-3849\n Nelson Elhage discovered an issue in the Econet\n protocol. Local users can cause a denial of service\n (oops) if a NULL remote addr value is passed as a\n parameter to sendmsg().\n\n - CVE-2010-3850\n Nelson Elhage discovered an issue in the Econet\n protocol. Local users can assign econet addresses to\n arbitrary interfaces due to a missing capabilities\n check.\n\n - CVE-2010-3858\n Brad Spengler reported an issue in the setup_arg_pages()\n function. Due to a bounds-checking failure, local users\n can create a denial of service (kernel oops).\n\n - CVE-2010-3859\n Dan Rosenberg reported an issue in the TIPC protocol.\n When the tipc module is loaded, local users can gain\n elevated privileges via the sendmsg() system call.\n\n - CVE-2010-3873\n Dan Rosenberg reported an issue in the X.25 network\n protocol. Local users can cause heap corruption,\n resulting in a denial of service (kernel panic).\n\n - CVE-2010-3874\n Dan Rosenberg discovered an issue in the Control Area\n Network (CAN) subsystem on 64-bit systems. Local users\n may be able to cause a denial of service (heap\n corruption).\n\n - CVE-2010-3875\n Vasiliy Kulikov discovered an issue in the AX.25\n protocol. Local users can obtain the contents of\n sensitive kernel memory.\n\n - CVE-2010-3876\n Vasiliy Kulikov discovered an issue in the Packet\n protocol. Local users can obtain the contents of\n sensitive kernel memory.\n\n - CVE-2010-3877\n Vasiliy Kulikov discovered an issue in the TIPC\n protocol. Local users can obtain the contents of\n sensitive kernel memory.\n\n - CVE-2010-3880\n Nelson Elhage discovered an issue in the INET_DIAG\n subsystem. Local users can cause the kernel to execute\n unaudited INET_DIAG bytecode, resulting in a denial of\n service.\n\n - CVE-2010-4072\n Kees Cook discovered an issue in the System V shared\n memory subsystem. Local users can obtain the contents of\n sensitive kernel memory.\n\n - CVE-2010-4073\n Dan Rosenberg discovered an issue in the System V shared\n memory subsystem. Local users on 64-bit system can\n obtain the contents of sensitive kernel memory via the\n 32-bit compatible semctl() system call.\n\n - CVE-2010-4074\n Dan Rosenberg reported issues in the mos7720 and mos7840\n drivers for USB serial converter devices. Local users\n with access to these devices can obtain the contents of\n sensitive kernel memory.\n\n - CVE-2010-4078\n Dan Rosenberg reported an issue in the framebuffer\n driver for SiS graphics chipsets (sisfb). Local users\n with access to the framebuffer device can obtain the\n contents of sensitive kernel memory via the\n FBIOGET_VBLANK ioctl.\n\n - CVE-2010-4079\n Dan Rosenberg reported an issue in the ivtvfb driver\n used for the Hauppauge PVR-350 card. Local users with\n access to the framebuffer device can obtain the contents\n of sensitive kernel memory via the FBIOGET_VBLANK ioctl.\n\n - CVE-2010-4080\n Dan Rosenberg discovered an issue in the ALSA driver for\n RME Hammerfall DSP audio devices. Local users with\n access to the audio device can obtain the contents of\n sensitive kernel memory via the\n SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl.\n\n - CVE-2010-4081\n Dan Rosenberg discovered an issue in the ALSA driver for\n RME Hammerfall DSP MADI audio devices. Local users with\n access to the audio device can obtain the contents of\n sensitive kernel memory via the\n SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl.\n\n - CVE-2010-4083\n Dan Rosenberg discovered an issue in the semctl system\n call. Local users can obtain the contents of sensitive\n kernel memory through usage of the semid_ds structure.\n\n - CVE-2010-4164\n Dan Rosenberg discovered an issue in the X.25 network\n protocol. Remote users can achieve a denial of service\n (infinite loop) by taking advantage of an integer\n underflow in the facility parsing code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-2963\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3067\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3296\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3297\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3310\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3432\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3442\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3477\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3705\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3848\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3849\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3850\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3859\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3873\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3874\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3875\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3876\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3877\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3880\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4072\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4073\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4074\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4079\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4080\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4081\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4083\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4164\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2126\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6 and user-mode-linux packages.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 2.6.26-26lenny1.\n\nThe following matrix lists additional source packages that were\nrebuilt for compatibility with or to take advantage of this update :\n\n Debian 5.0 (lenny) \n user-mode-linux 2.6.26-1um-2+26lenny1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/09/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"linux-doc-2.6.26\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-486\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-4kc-malta\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-5kc-malta\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-686\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-686-bigmem\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-alpha\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-amd64\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-arm\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-armel\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-hppa\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-i386\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-ia64\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-mipsel\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-powerpc\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-s390\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-sparc\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-alpha-generic\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-alpha-legacy\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-alpha-smp\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-amd64\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-common\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-common-openvz\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-common-vserver\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-common-xen\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-footbridge\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-iop32x\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-itanium\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-ixp4xx\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-mckinley\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-openvz-686\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-openvz-amd64\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-orion5x\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-parisc\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-parisc-smp\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-parisc64\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-parisc64-smp\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-powerpc\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-powerpc-smp\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-powerpc64\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-r5k-cobalt\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-s390\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-s390x\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-sb1-bcm91250a\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-sb1a-bcm91480b\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-sparc64\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-sparc64-smp\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-versatile\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-686\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-686-bigmem\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-amd64\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-itanium\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-mckinley\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-powerpc\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-powerpc64\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-s390x\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-sparc64\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-xen-686\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-xen-amd64\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-486\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-4kc-malta\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-5kc-malta\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-686\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-686-bigmem\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-alpha-generic\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-alpha-legacy\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-alpha-smp\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-amd64\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-footbridge\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-iop32x\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-itanium\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-ixp4xx\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-mckinley\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-openvz-686\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-openvz-amd64\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-orion5x\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-parisc\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-parisc-smp\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-parisc64\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-parisc64-smp\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-powerpc\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-powerpc-smp\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-powerpc64\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-r5k-cobalt\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-s390\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-s390-tape\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-s390x\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-sb1-bcm91250a\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-sb1a-bcm91480b\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-sparc64\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-sparc64-smp\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-versatile\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-686\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-686-bigmem\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-amd64\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-itanium\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-mckinley\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-powerpc\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-powerpc64\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-s390x\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-sparc64\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-xen-686\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-xen-amd64\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-libc-dev\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-manual-2.6.26\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-modules-2.6.26-2-xen-686\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-modules-2.6.26-2-xen-amd64\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-patch-debian-2.6.26\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-source-2.6.26\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-support-2.6.26-2\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-tree-2.6.26\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"xen-linux-system-2.6.26-2-xen-686\", reference:\"2.6.26-26lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"xen-linux-system-2.6.26-2-xen-amd64\", reference:\"2.6.26-26lenny1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:08:41", "description": "Updated kernel packages that fix multiple security issues, several\nbugs, and add an enhancement are now available for Red Hat Enterprise\nLinux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in sctp_packet_config() in the Linux kernel's\nStream Control Transmission Protocol (SCTP) implementation. A remote\nattacker could use this flaw to cause a denial of service.\n(CVE-2010-3432, Important)\n\n* A missing integer overflow check was found in snd_ctl_new() in the\nLinux kernel's sound subsystem. A local, unprivileged user on a 32-bit\nsystem could use this flaw to cause a denial of service or escalate\ntheir privileges. (CVE-2010-3442, Important)\n\n* A heap overflow flaw in the Linux kernel's Transparent Inter-Process\nCommunication protocol (TIPC) implementation could allow a local,\nunprivileged user to escalate their privileges. (CVE-2010-3859,\nImportant)\n\n* An integer overflow flaw was found in the Linux kernel's Reliable\nDatagram Sockets (RDS) protocol implementation. A local, unprivileged\nuser could use this flaw to cause a denial of service or escalate\ntheir privileges. (CVE-2010-3865, Important)\n\n* A flaw was found in the Xenbus code for the unified block-device I/O\ninterface back end. A privileged guest user could use this flaw to\ncause a denial of service on the host system running the Xen\nhypervisor. (CVE-2010-3699, Moderate)\n\n* Missing sanity checks were found in setup_arg_pages() in the Linux\nkernel. When making the size of the argument and environment area on\nthe stack very large, it could trigger a BUG_ON(), resulting in a\nlocal denial of service. (CVE-2010-3858, Moderate)\n\n* A flaw was found in inet_csk_diag_dump() in the Linux kernel's\nmodule for monitoring the sockets of INET transport protocols. By\nsending a netlink message with certain bytecode, a local, unprivileged\nuser could cause a denial of service. (CVE-2010-3880, Moderate)\n\n* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth\ndriver in the Linux kernel. A local user with access to '/dev/gdth' on\na 64-bit system could use this flaw to cause a denial of service or\nescalate their privileges. (CVE-2010-4157, Moderate)\n\n* The fix for Red Hat Bugzilla bug 484590 as provided in\nRHSA-2009:1243 introduced a regression. A local, unprivileged user\ncould use this flaw to cause a denial of service. (CVE-2010-4161,\nModerate)\n\n* A NULL pointer dereference flaw was found in the Bluetooth HCI UART\ndriver in the Linux kernel. A local, unprivileged user could use this\nflaw to cause a denial of service. (CVE-2010-4242, Moderate)\n\n* It was found that a malicious guest running on the Xen hypervisor\ncould place invalid data in the memory that the guest shared with the\nblkback and blktap back-end drivers, resulting in a denial of service\non the host system. (CVE-2010-4247, Moderate)\n\n* A flaw was found in the Linux kernel's CPU time clocks\nimplementation for the POSIX clock interface. A local, unprivileged\nuser could use this flaw to cause a denial of service. (CVE-2010-4248,\nModerate)\n\n* Missing initialization flaws in the Linux kernel could lead to\ninformation leaks. (CVE-2010-3876, CVE-2010-4083, Low)\n\nRed Hat would like to thank Dan Rosenberg for reporting CVE-2010-3442,\nCVE-2010-4161, and CVE-2010-4083; Thomas Pollet for reporting\nCVE-2010-3865; Brad Spengler for reporting CVE-2010-3858; Nelson\nElhage for reporting CVE-2010-3880; Alan Cox for reporting\nCVE-2010-4242; and Vasiliy Kulikov for reporting CVE-2010-3876.\n\nThis update also fixes several bugs and adds an enhancement.\nDocumentation for the bug fixes and the enhancement will be available\nshortly from the Technical Notes document, linked to in the References\nsection.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues, and fix the bugs and add\nthe enhancement noted in the Technical Notes. The system must be\nrebooted for this update to take effect.", "edition": 30, "published": "2011-01-05T00:00:00", "title": "RHEL 5 : kernel (RHSA-2011:0004)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4242", "CVE-2010-3865", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4247", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3432"], "modified": "2011-01-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-PAE", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc"], "id": "REDHAT-RHSA-2011-0004.NASL", "href": "https://www.tenable.com/plugins/nessus/51417", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0004. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51417);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3432\", \"CVE-2010-3442\", \"CVE-2010-3699\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4161\", \"CVE-2010-4242\", \"CVE-2010-4247\", \"CVE-2010-4248\");\n script_bugtraq_id(43480, 43787, 43809, 44301, 44354, 44549, 44630, 44648, 44665, 45014, 45028, 45029, 45039, 45064);\n script_xref(name:\"RHSA\", value:\"2011:0004\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2011:0004)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues, several\nbugs, and add an enhancement are now available for Red Hat Enterprise\nLinux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in sctp_packet_config() in the Linux kernel's\nStream Control Transmission Protocol (SCTP) implementation. A remote\nattacker could use this flaw to cause a denial of service.\n(CVE-2010-3432, Important)\n\n* A missing integer overflow check was found in snd_ctl_new() in the\nLinux kernel's sound subsystem. A local, unprivileged user on a 32-bit\nsystem could use this flaw to cause a denial of service or escalate\ntheir privileges. (CVE-2010-3442, Important)\n\n* A heap overflow flaw in the Linux kernel's Transparent Inter-Process\nCommunication protocol (TIPC) implementation could allow a local,\nunprivileged user to escalate their privileges. (CVE-2010-3859,\nImportant)\n\n* An integer overflow flaw was found in the Linux kernel's Reliable\nDatagram Sockets (RDS) protocol implementation. A local, unprivileged\nuser could use this flaw to cause a denial of service or escalate\ntheir privileges. (CVE-2010-3865, Important)\n\n* A flaw was found in the Xenbus code for the unified block-device I/O\ninterface back end. A privileged guest user could use this flaw to\ncause a denial of service on the host system running the Xen\nhypervisor. (CVE-2010-3699, Moderate)\n\n* Missing sanity checks were found in setup_arg_pages() in the Linux\nkernel. When making the size of the argument and environment area on\nthe stack very large, it could trigger a BUG_ON(), resulting in a\nlocal denial of service. (CVE-2010-3858, Moderate)\n\n* A flaw was found in inet_csk_diag_dump() in the Linux kernel's\nmodule for monitoring the sockets of INET transport protocols. By\nsending a netlink message with certain bytecode, a local, unprivileged\nuser could cause a denial of service. (CVE-2010-3880, Moderate)\n\n* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth\ndriver in the Linux kernel. A local user with access to '/dev/gdth' on\na 64-bit system could use this flaw to cause a denial of service or\nescalate their privileges. (CVE-2010-4157, Moderate)\n\n* The fix for Red Hat Bugzilla bug 484590 as provided in\nRHSA-2009:1243 introduced a regression. A local, unprivileged user\ncould use this flaw to cause a denial of service. (CVE-2010-4161,\nModerate)\n\n* A NULL pointer dereference flaw was found in the Bluetooth HCI UART\ndriver in the Linux kernel. A local, unprivileged user could use this\nflaw to cause a denial of service. (CVE-2010-4242, Moderate)\n\n* It was found that a malicious guest running on the Xen hypervisor\ncould place invalid data in the memory that the guest shared with the\nblkback and blktap back-end drivers, resulting in a denial of service\non the host system. (CVE-2010-4247, Moderate)\n\n* A flaw was found in the Linux kernel's CPU time clocks\nimplementation for the POSIX clock interface. A local, unprivileged\nuser could use this flaw to cause a denial of service. (CVE-2010-4248,\nModerate)\n\n* Missing initialization flaws in the Linux kernel could lead to\ninformation leaks. (CVE-2010-3876, CVE-2010-4083, Low)\n\nRed Hat would like to thank Dan Rosenberg for reporting CVE-2010-3442,\nCVE-2010-4161, and CVE-2010-4083; Thomas Pollet for reporting\nCVE-2010-3865; Brad Spengler for reporting CVE-2010-3858; Nelson\nElhage for reporting CVE-2010-3880; Alan Cox for reporting\nCVE-2010-4242; and Vasiliy Kulikov for reporting CVE-2010-3876.\n\nThis update also fixes several bugs and adds an enhancement.\nDocumentation for the bug fixes and the enhancement will be available\nshortly from the Technical Notes document, linked to in the References\nsection.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues, and fix the bugs and add\nthe enhancement noted in the Technical Notes. The system must be\nrebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3432\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3442\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3699\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3859\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3865\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3876\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3880\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-4083\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-4157\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-4161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-4242\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-4247\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-4248\"\n );\n # http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?056c0c27\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0004\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/10/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2010-3432\", \"CVE-2010-3442\", \"CVE-2010-3699\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4161\", \"CVE-2010-4242\", \"CVE-2010-4247\", \"CVE-2010-4248\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2011:0004\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:0004\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-194.32.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-194.32.1.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:26:50", "description": "Updated kernel packages that fix multiple security issues, several\nbugs, and add an enhancement are now available for Red Hat Enterprise\nLinux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in sctp_packet_config() in the Linux kernel's\nStream Control Transmission Protocol (SCTP) implementation. A remote\nattacker could use this flaw to cause a denial of service.\n(CVE-2010-3432, Important)\n\n* A missing integer overflow check was found in snd_ctl_new() in the\nLinux kernel's sound subsystem. A local, unprivileged user on a 32-bit\nsystem could use this flaw to cause a denial of service or escalate\ntheir privileges. (CVE-2010-3442, Important)\n\n* A heap overflow flaw in the Linux kernel's Transparent Inter-Process\nCommunication protocol (TIPC) implementation could allow a local,\nunprivileged user to escalate their privileges. (CVE-2010-3859,\nImportant)\n\n* An integer overflow flaw was found in the Linux kernel's Reliable\nDatagram Sockets (RDS) protocol implementation. A local, unprivileged\nuser could use this flaw to cause a denial of service or escalate\ntheir privileges. (CVE-2010-3865, Important)\n\n* A flaw was found in the Xenbus code for the unified block-device I/O\ninterface back end. A privileged guest user could use this flaw to\ncause a denial of service on the host system running the Xen\nhypervisor. (CVE-2010-3699, Moderate)\n\n* Missing sanity checks were found in setup_arg_pages() in the Linux\nkernel. When making the size of the argument and environment area on\nthe stack very large, it could trigger a BUG_ON(), resulting in a\nlocal denial of service. (CVE-2010-3858, Moderate)\n\n* A flaw was found in inet_csk_diag_dump() in the Linux kernel's\nmodule for monitoring the sockets of INET transport protocols. By\nsending a netlink message with certain bytecode, a local, unprivileged\nuser could cause a denial of service. (CVE-2010-3880, Moderate)\n\n* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth\ndriver in the Linux kernel. A local user with access to '/dev/gdth' on\na 64-bit system could use this flaw to cause a denial of service or\nescalate their privileges. (CVE-2010-4157, Moderate)\n\n* The fix for Red Hat Bugzilla bug 484590 as provided in\nRHSA-2009:1243 introduced a regression. A local, unprivileged user\ncould use this flaw to cause a denial of service. (CVE-2010-4161,\nModerate)\n\n* A NULL pointer dereference flaw was found in the Bluetooth HCI UART\ndriver in the Linux kernel. A local, unprivileged user could use this\nflaw to cause a denial of service. (CVE-2010-4242, Moderate)\n\n* It was found that a malicious guest running on the Xen hypervisor\ncould place invalid data in the memory that the guest shared with the\nblkback and blktap back-end drivers, resulting in a denial of service\non the host system. (CVE-2010-4247, Moderate)\n\n* A flaw was found in the Linux kernel's CPU time clocks\nimplementation for the POSIX clock interface. A local, unprivileged\nuser could use this flaw to cause a denial of service. (CVE-2010-4248,\nModerate)\n\n* Missing initialization flaws in the Linux kernel could lead to\ninformation leaks. (CVE-2010-3876, CVE-2010-4083, Low)\n\nRed Hat would like to thank Dan Rosenberg for reporting CVE-2010-3442,\nCVE-2010-4161, and CVE-2010-4083; Thomas Pollet for reporting\nCVE-2010-3865; Brad Spengler for reporting CVE-2010-3858; Nelson\nElhage for reporting CVE-2010-3880; Alan Cox for reporting\nCVE-2010-4242; and Vasiliy Kulikov for reporting CVE-2010-3876.\n\nThis update also fixes several bugs and adds an enhancement.\nDocumentation for the bug fixes and the enhancement will be available\nshortly from the Technical Notes document, linked to in the References\nsection.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues, and fix the bugs and add\nthe enhancement noted in the Technical Notes. The system must be\nrebooted for this update to take effect.", "edition": 28, "published": "2011-01-07T00:00:00", "title": "CentOS 5 : kernel (CESA-2011:0004)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4242", "CVE-2010-3865", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4247", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3432"], "modified": "2011-01-07T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel-PAE-devel", "p-cpe:/a:centos:centos:kernel-xen-devel", "p-cpe:/a:centos:centos:kernel-xen", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-headers", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:kernel-PAE", "p-cpe:/a:centos:centos:kernel-debug-devel"], "id": "CENTOS_RHSA-2011-0004.NASL", "href": "https://www.tenable.com/plugins/nessus/51426", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0004 and \n# CentOS Errata and Security Advisory 2011:0004 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51426);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-3432\", \"CVE-2010-3442\", \"CVE-2010-3699\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4161\", \"CVE-2010-4242\", \"CVE-2010-4247\", \"CVE-2010-4248\");\n script_bugtraq_id(43480, 43787, 43809, 44301, 44354, 44549, 44630, 44648, 44665, 45014, 45028, 45029, 45039, 45064);\n script_xref(name:\"RHSA\", value:\"2011:0004\");\n\n script_name(english:\"CentOS 5 : kernel (CESA-2011:0004)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues, several\nbugs, and add an enhancement are now available for Red Hat Enterprise\nLinux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in sctp_packet_config() in the Linux kernel's\nStream Control Transmission Protocol (SCTP) implementation. A remote\nattacker could use this flaw to cause a denial of service.\n(CVE-2010-3432, Important)\n\n* A missing integer overflow check was found in snd_ctl_new() in the\nLinux kernel's sound subsystem. A local, unprivileged user on a 32-bit\nsystem could use this flaw to cause a denial of service or escalate\ntheir privileges. (CVE-2010-3442, Important)\n\n* A heap overflow flaw in the Linux kernel's Transparent Inter-Process\nCommunication protocol (TIPC) implementation could allow a local,\nunprivileged user to escalate their privileges. (CVE-2010-3859,\nImportant)\n\n* An integer overflow flaw was found in the Linux kernel's Reliable\nDatagram Sockets (RDS) protocol implementation. A local, unprivileged\nuser could use this flaw to cause a denial of service or escalate\ntheir privileges. (CVE-2010-3865, Important)\n\n* A flaw was found in the Xenbus code for the unified block-device I/O\ninterface back end. A privileged guest user could use this flaw to\ncause a denial of service on the host system running the Xen\nhypervisor. (CVE-2010-3699, Moderate)\n\n* Missing sanity checks were found in setup_arg_pages() in the Linux\nkernel. When making the size of the argument and environment area on\nthe stack very large, it could trigger a BUG_ON(), resulting in a\nlocal denial of service. (CVE-2010-3858, Moderate)\n\n* A flaw was found in inet_csk_diag_dump() in the Linux kernel's\nmodule for monitoring the sockets of INET transport protocols. By\nsending a netlink message with certain bytecode, a local, unprivileged\nuser could cause a denial of service. (CVE-2010-3880, Moderate)\n\n* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth\ndriver in the Linux kernel. A local user with access to '/dev/gdth' on\na 64-bit system could use this flaw to cause a denial of service or\nescalate their privileges. (CVE-2010-4157, Moderate)\n\n* The fix for Red Hat Bugzilla bug 484590 as provided in\nRHSA-2009:1243 introduced a regression. A local, unprivileged user\ncould use this flaw to cause a denial of service. (CVE-2010-4161,\nModerate)\n\n* A NULL pointer dereference flaw was found in the Bluetooth HCI UART\ndriver in the Linux kernel. A local, unprivileged user could use this\nflaw to cause a denial of service. (CVE-2010-4242, Moderate)\n\n* It was found that a malicious guest running on the Xen hypervisor\ncould place invalid data in the memory that the guest shared with the\nblkback and blktap back-end drivers, resulting in a denial of service\non the host system. (CVE-2010-4247, Moderate)\n\n* A flaw was found in the Linux kernel's CPU time clocks\nimplementation for the POSIX clock interface. A local, unprivileged\nuser could use this flaw to cause a denial of service. (CVE-2010-4248,\nModerate)\n\n* Missing initialization flaws in the Linux kernel could lead to\ninformation leaks. (CVE-2010-3876, CVE-2010-4083, Low)\n\nRed Hat would like to thank Dan Rosenberg for reporting CVE-2010-3442,\nCVE-2010-4161, and CVE-2010-4083; Thomas Pollet for reporting\nCVE-2010-3865; Brad Spengler for reporting CVE-2010-3858; Nelson\nElhage for reporting CVE-2010-3880; Alan Cox for reporting\nCVE-2010-4242; and Vasiliy Kulikov for reporting CVE-2010-3876.\n\nThis update also fixes several bugs and adds an enhancement.\nDocumentation for the bug fixes and the enhancement will be available\nshortly from the Technical Notes document, linked to in the References\nsection.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues, and fix the bugs and add\nthe enhancement noted in the Technical Notes. The system must be\nrebooted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-January/017221.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0d986667\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-January/017222.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ff8cb93a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/10/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-2.6.18-194.32.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-194.32.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-194.32.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-2.6.18-194.32.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-devel-2.6.18-194.32.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-devel-2.6.18-194.32.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-doc-2.6.18-194.32.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-headers-2.6.18-194.32.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-2.6.18-194.32.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-devel-2.6.18-194.32.1.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T12:45:34", "description": "From Red Hat Security Advisory 2011:0004 :\n\nUpdated kernel packages that fix multiple security issues, several\nbugs, and add an enhancement are now available for Red Hat Enterprise\nLinux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in sctp_packet_config() in the Linux kernel's\nStream Control Transmission Protocol (SCTP) implementation. A remote\nattacker could use this flaw to cause a denial of service.\n(CVE-2010-3432, Important)\n\n* A missing integer overflow check was found in snd_ctl_new() in the\nLinux kernel's sound subsystem. A local, unprivileged user on a 32-bit\nsystem could use this flaw to cause a denial of service or escalate\ntheir privileges. (CVE-2010-3442, Important)\n\n* A heap overflow flaw in the Linux kernel's Transparent Inter-Process\nCommunication protocol (TIPC) implementation could allow a local,\nunprivileged user to escalate their privileges. (CVE-2010-3859,\nImportant)\n\n* An integer overflow flaw was found in the Linux kernel's Reliable\nDatagram Sockets (RDS) protocol implementation. A local, unprivileged\nuser could use this flaw to cause a denial of service or escalate\ntheir privileges. (CVE-2010-3865, Important)\n\n* A flaw was found in the Xenbus code for the unified block-device I/O\ninterface back end. A privileged guest user could use this flaw to\ncause a denial of service on the host system running the Xen\nhypervisor. (CVE-2010-3699, Moderate)\n\n* Missing sanity checks were found in setup_arg_pages() in the Linux\nkernel. When making the size of the argument and environment area on\nthe stack very large, it could trigger a BUG_ON(), resulting in a\nlocal denial of service. (CVE-2010-3858, Moderate)\n\n* A flaw was found in inet_csk_diag_dump() in the Linux kernel's\nmodule for monitoring the sockets of INET transport protocols. By\nsending a netlink message with certain bytecode, a local, unprivileged\nuser could cause a denial of service. (CVE-2010-3880, Moderate)\n\n* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth\ndriver in the Linux kernel. A local user with access to '/dev/gdth' on\na 64-bit system could use this flaw to cause a denial of service or\nescalate their privileges. (CVE-2010-4157, Moderate)\n\n* The fix for Red Hat Bugzilla bug 484590 as provided in\nRHSA-2009:1243 introduced a regression. A local, unprivileged user\ncould use this flaw to cause a denial of service. (CVE-2010-4161,\nModerate)\n\n* A NULL pointer dereference flaw was found in the Bluetooth HCI UART\ndriver in the Linux kernel. A local, unprivileged user could use this\nflaw to cause a denial of service. (CVE-2010-4242, Moderate)\n\n* It was found that a malicious guest running on the Xen hypervisor\ncould place invalid data in the memory that the guest shared with the\nblkback and blktap back-end drivers, resulting in a denial of service\non the host system. (CVE-2010-4247, Moderate)\n\n* A flaw was found in the Linux kernel's CPU time clocks\nimplementation for the POSIX clock interface. A local, unprivileged\nuser could use this flaw to cause a denial of service. (CVE-2010-4248,\nModerate)\n\n* Missing initialization flaws in the Linux kernel could lead to\ninformation leaks. (CVE-2010-3876, CVE-2010-4083, Low)\n\nRed Hat would like to thank Dan Rosenberg for reporting CVE-2010-3442,\nCVE-2010-4161, and CVE-2010-4083; Thomas Pollet for reporting\nCVE-2010-3865; Brad Spengler for reporting CVE-2010-3858; Nelson\nElhage for reporting CVE-2010-3880; Alan Cox for reporting\nCVE-2010-4242; and Vasiliy Kulikov for reporting CVE-2010-3876.\n\nThis update also fixes several bugs and adds an enhancement.\nDocumentation for the bug fixes and the enhancement will be available\nshortly from the Technical Notes document, linked to in the References\nsection.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues, and fix the bugs and add\nthe enhancement noted in the Technical Notes. The system must be\nrebooted for this update to take effect.", "edition": 26, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 : kernel (ELSA-2011-0004)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4242", "CVE-2010-3865", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4247", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3432"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-PAE", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:kernel-xen-devel", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-PAE-devel", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-xen"], "id": "ORACLELINUX_ELSA-2011-0004.NASL", "href": "https://www.tenable.com/plugins/nessus/68176", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0004 and \n# Oracle Linux Security Advisory ELSA-2011-0004 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68176);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3432\", \"CVE-2010-3442\", \"CVE-2010-3699\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4161\", \"CVE-2010-4242\", \"CVE-2010-4247\", \"CVE-2010-4248\");\n script_bugtraq_id(43480, 43787, 43809, 44301, 44354, 44549, 44630, 44648, 44665, 45014, 45028, 45029, 45039, 45064);\n script_xref(name:\"RHSA\", value:\"2011:0004\");\n\n script_name(english:\"Oracle Linux 5 : kernel (ELSA-2011-0004)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0004 :\n\nUpdated kernel packages that fix multiple security issues, several\nbugs, and add an enhancement are now available for Red Hat Enterprise\nLinux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in sctp_packet_config() in the Linux kernel's\nStream Control Transmission Protocol (SCTP) implementation. A remote\nattacker could use this flaw to cause a denial of service.\n(CVE-2010-3432, Important)\n\n* A missing integer overflow check was found in snd_ctl_new() in the\nLinux kernel's sound subsystem. A local, unprivileged user on a 32-bit\nsystem could use this flaw to cause a denial of service or escalate\ntheir privileges. (CVE-2010-3442, Important)\n\n* A heap overflow flaw in the Linux kernel's Transparent Inter-Process\nCommunication protocol (TIPC) implementation could allow a local,\nunprivileged user to escalate their privileges. (CVE-2010-3859,\nImportant)\n\n* An integer overflow flaw was found in the Linux kernel's Reliable\nDatagram Sockets (RDS) protocol implementation. A local, unprivileged\nuser could use this flaw to cause a denial of service or escalate\ntheir privileges. (CVE-2010-3865, Important)\n\n* A flaw was found in the Xenbus code for the unified block-device I/O\ninterface back end. A privileged guest user could use this flaw to\ncause a denial of service on the host system running the Xen\nhypervisor. (CVE-2010-3699, Moderate)\n\n* Missing sanity checks were found in setup_arg_pages() in the Linux\nkernel. When making the size of the argument and environment area on\nthe stack very large, it could trigger a BUG_ON(), resulting in a\nlocal denial of service. (CVE-2010-3858, Moderate)\n\n* A flaw was found in inet_csk_diag_dump() in the Linux kernel's\nmodule for monitoring the sockets of INET transport protocols. By\nsending a netlink message with certain bytecode, a local, unprivileged\nuser could cause a denial of service. (CVE-2010-3880, Moderate)\n\n* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth\ndriver in the Linux kernel. A local user with access to '/dev/gdth' on\na 64-bit system could use this flaw to cause a denial of service or\nescalate their privileges. (CVE-2010-4157, Moderate)\n\n* The fix for Red Hat Bugzilla bug 484590 as provided in\nRHSA-2009:1243 introduced a regression. A local, unprivileged user\ncould use this flaw to cause a denial of service. (CVE-2010-4161,\nModerate)\n\n* A NULL pointer dereference flaw was found in the Bluetooth HCI UART\ndriver in the Linux kernel. A local, unprivileged user could use this\nflaw to cause a denial of service. (CVE-2010-4242, Moderate)\n\n* It was found that a malicious guest running on the Xen hypervisor\ncould place invalid data in the memory that the guest shared with the\nblkback and blktap back-end drivers, resulting in a denial of service\non the host system. (CVE-2010-4247, Moderate)\n\n* A flaw was found in the Linux kernel's CPU time clocks\nimplementation for the POSIX clock interface. A local, unprivileged\nuser could use this flaw to cause a denial of service. (CVE-2010-4248,\nModerate)\n\n* Missing initialization flaws in the Linux kernel could lead to\ninformation leaks. (CVE-2010-3876, CVE-2010-4083, Low)\n\nRed Hat would like to thank Dan Rosenberg for reporting CVE-2010-3442,\nCVE-2010-4161, and CVE-2010-4083; Thomas Pollet for reporting\nCVE-2010-3865; Brad Spengler for reporting CVE-2010-3858; Nelson\nElhage for reporting CVE-2010-3880; Alan Cox for reporting\nCVE-2010-4242; and Vasiliy Kulikov for reporting CVE-2010-3876.\n\nThis update also fixes several bugs and adds an enhancement.\nDocumentation for the bug fixes and the enhancement will be available\nshortly from the Technical Notes document, linked to in the References\nsection.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues, and fix the bugs and add\nthe enhancement noted in the Technical Notes. The system must be\nrebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-January/001781.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/10/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2010-3432\", \"CVE-2010-3442\", \"CVE-2010-3699\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4161\", \"CVE-2010-4242\", \"CVE-2010-4247\", \"CVE-2010-4248\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2011-0004\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-2.6.18-194.32.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-194.32.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-devel-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-194.32.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-2.6.18-194.32.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-devel-2.6.18-194.32.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-devel-2.6.18-194.32.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-doc-2.6.18-194.32.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-headers-2.6.18-194.32.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-2.6.18-194.32.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-devel-2.6.18-194.32.1.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T13:45:21", "description": "This update fixes the following security issues :\n\n - A flaw was found in sctp_packet_config() in the Linux\n kernel's Stream Control Transmission Protocol (SCTP)\n implementation. A remote attacker could use this flaw to\n cause a denial of service. (CVE-2010-3432, Important)\n\n - A missing integer overflow check was found in\n snd_ctl_new() in the Linux kernel's sound subsystem. A\n local, unprivileged user on a 32-bit system could use\n this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-3442, Important)\n\n - A heap overflow flaw in the Linux kernel's Transparent\n Inter-Process Communication protocol (TIPC)\n implementation could allow a local, unprivileged user to\n escalate their privileges. (CVE-2010-3859, Important)\n\n - An integer overflow flaw was found in the Linux kernel's\n Reliable Datagram Sockets (RDS) protocol implementation.\n A local, unprivileged user could use this flaw to cause\n a denial of service or escalate their privileges.\n (CVE-2010-3865, Important)\n\n - A flaw was found in the Xenbus code for the unified\n block-device I/O interface back end. A privileged guest\n user could use this flaw to cause a denial of service on\n the host system running the Xen hypervisor.\n (CVE-2010-3699, Moderate)\n\n - Missing sanity checks were found in setup_arg_pages() in\n the Linux kernel. When making the size of the argument\n and environment area on the stack very large, it could\n trigger a BUG_ON(), resulting in a local denial of\n service. (CVE-2010-3858, Moderate)\n\n - A flaw was found in inet_csk_diag_dump() in the Linux\n kernel's module for monitoring the sockets of INET\n transport protocols. By sending a netlink message with\n certain bytecode, a local, unprivileged user could cause\n a denial of service. (CVE-2010-3880, Moderate)\n\n - Missing sanity checks were found in gdth_ioctl_alloc()\n in the gdth driver in the Linux kernel. A local user\n with access to '/dev/gdth' on a 64-bit system could use\n this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-4157, Moderate)\n\n - The fix put into kernel-2.6.18-164.el5 introduced a\n regression. A local, unprivileged user could use this\n flaw to cause a denial of service. (CVE-2010-4161,\n Moderate)\n\n - A NULL pointer dereference flaw was found in the\n Bluetooth HCI UART driver in the Linux kernel. A local,\n unprivileged user could use this flaw to cause a denial\n of service. (CVE-2010-4242, Moderate)\n\n - It was found that a malicious guest running on the Xen\n hypervisor could place invalid data in the memory that\n the guest shared with the blkback and blktap back-end\n drivers, resulting in a denial of service on the host\n system. (CVE-2010-4247, Moderate)\n\n - A flaw was found in the Linux kernel's CPU time clocks\n implementation for the POSIX clock interface. A local,\n unprivileged user could use this flaw to cause a denial\n of service. (CVE-2010-4248, Moderate)\n\n - Missing initialization flaws in the Linux kernel could\n lead to information leaks. (CVE-2010-3876,\n CVE-2010-4083, Low)\n\nThis update also fixes several bugs and adds an enhancement.\n\nThe system must be rebooted for this update to take effect.", "edition": 26, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : kernel on SL5.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4242", "CVE-2010-3865", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4247", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3432"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20110104_KERNEL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60929", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60929);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3432\", \"CVE-2010-3442\", \"CVE-2010-3699\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4161\", \"CVE-2010-4242\", \"CVE-2010-4247\", \"CVE-2010-4248\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues :\n\n - A flaw was found in sctp_packet_config() in the Linux\n kernel's Stream Control Transmission Protocol (SCTP)\n implementation. A remote attacker could use this flaw to\n cause a denial of service. (CVE-2010-3432, Important)\n\n - A missing integer overflow check was found in\n snd_ctl_new() in the Linux kernel's sound subsystem. A\n local, unprivileged user on a 32-bit system could use\n this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-3442, Important)\n\n - A heap overflow flaw in the Linux kernel's Transparent\n Inter-Process Communication protocol (TIPC)\n implementation could allow a local, unprivileged user to\n escalate their privileges. (CVE-2010-3859, Important)\n\n - An integer overflow flaw was found in the Linux kernel's\n Reliable Datagram Sockets (RDS) protocol implementation.\n A local, unprivileged user could use this flaw to cause\n a denial of service or escalate their privileges.\n (CVE-2010-3865, Important)\n\n - A flaw was found in the Xenbus code for the unified\n block-device I/O interface back end. A privileged guest\n user could use this flaw to cause a denial of service on\n the host system running the Xen hypervisor.\n (CVE-2010-3699, Moderate)\n\n - Missing sanity checks were found in setup_arg_pages() in\n the Linux kernel. When making the size of the argument\n and environment area on the stack very large, it could\n trigger a BUG_ON(), resulting in a local denial of\n service. (CVE-2010-3858, Moderate)\n\n - A flaw was found in inet_csk_diag_dump() in the Linux\n kernel's module for monitoring the sockets of INET\n transport protocols. By sending a netlink message with\n certain bytecode, a local, unprivileged user could cause\n a denial of service. (CVE-2010-3880, Moderate)\n\n - Missing sanity checks were found in gdth_ioctl_alloc()\n in the gdth driver in the Linux kernel. A local user\n with access to '/dev/gdth' on a 64-bit system could use\n this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-4157, Moderate)\n\n - The fix put into kernel-2.6.18-164.el5 introduced a\n regression. A local, unprivileged user could use this\n flaw to cause a denial of service. (CVE-2010-4161,\n Moderate)\n\n - A NULL pointer dereference flaw was found in the\n Bluetooth HCI UART driver in the Linux kernel. A local,\n unprivileged user could use this flaw to cause a denial\n of service. (CVE-2010-4242, Moderate)\n\n - It was found that a malicious guest running on the Xen\n hypervisor could place invalid data in the memory that\n the guest shared with the blkback and blktap back-end\n drivers, resulting in a denial of service on the host\n system. (CVE-2010-4247, Moderate)\n\n - A flaw was found in the Linux kernel's CPU time clocks\n implementation for the POSIX clock interface. A local,\n unprivileged user could use this flaw to cause a denial\n of service. (CVE-2010-4248, Moderate)\n\n - Missing initialization flaws in the Linux kernel could\n lead to information leaks. (CVE-2010-3876,\n CVE-2010-4083, Low)\n\nThis update also fixes several bugs and adds an enhancement.\n\nThe system must be rebooted for this update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1101&L=scientific-linux-errata&T=0&P=78\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?99a5cd87\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/10/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"kernel-2.6.18-194.32.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-194.32.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-194.32.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-2.6.18-194.32.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-devel-2.6.18-194.32.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-devel-2.6.18-194.32.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-doc-2.6.18-194.32.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-194.32.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-2.6.18-194.32.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-devel-2.6.18-194.32.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-03-01T07:20:02", "description": "Dave Chinner discovered that the XFS filesystem did not correctly\norder inode lookups when exported by NFS. A remote attacker could\nexploit this to read or write disk blocks that had changed file\nassignment or had become unlinked, leading to a loss of privacy.\n(CVE-2010-2943)\n\nDan Rosenberg discovered that several network ioctls did not clear\nkernel memory correctly. A local user could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-3297)\n\nKees Cook and Vasiliy Kulikov discovered that the shm interface did\nnot clear kernel memory correctly. A local attacker could exploit this\nto read kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4072).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 27, "published": "2011-02-04T00:00:00", "title": "Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerabilities (USN-1057-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3297", "CVE-2010-4072", "CVE-2010-2943"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-1057-1.NASL", "href": "https://www.tenable.com/plugins/nessus/51870", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1057-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51870);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2010-2943\", \"CVE-2010-3297\", \"CVE-2010-4072\");\n script_bugtraq_id(42527, 43229, 45054);\n script_xref(name:\"USN\", value:\"1057-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerabilities (USN-1057-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Dave Chinner discovered that the XFS filesystem did not correctly\norder inode lookups when exported by NFS. A remote attacker could\nexploit this to read or write disk blocks that had changed file\nassignment or had become unlinked, leading to a loss of privacy.\n(CVE-2010-2943)\n\nDan Rosenberg discovered that several network ioctls did not clear\nkernel memory correctly. A local user could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-3297)\n\nKees Cook and Vasiliy Kulikov discovered that the shm interface did\nnot clear kernel memory correctly. A local attacker could exploit this\nto read kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4072).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1057-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/09/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/02/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(6\\.06)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2010-2943\", \"CVE-2010-3297\", \"CVE-2010-4072\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1057-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-doc-2.6.15\", pkgver:\"2.6.15-55.91\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55\", pkgver:\"2.6.15-55.91\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55-386\", pkgver:\"2.6.15-55.91\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55-686\", pkgver:\"2.6.15-55.91\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55-amd64-generic\", pkgver:\"2.6.15-55.91\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55-amd64-k8\", pkgver:\"2.6.15-55.91\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55-amd64-server\", pkgver:\"2.6.15-55.91\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55-amd64-xeon\", pkgver:\"2.6.15-55.91\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-55-server\", pkgver:\"2.6.15-55.91\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-55-386\", pkgver:\"2.6.15-55.91\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-55-686\", pkgver:\"2.6.15-55.91\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-55-amd64-generic\", pkgver:\"2.6.15-55.91\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-55-amd64-k8\", pkgver:\"2.6.15-55.91\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-55-amd64-server\", pkgver:\"2.6.15-55.91\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-55-amd64-xeon\", pkgver:\"2.6.15-55.91\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-55-server\", pkgver:\"2.6.15-55.91\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.15-55.91\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-source-2.6.15\", pkgver:\"2.6.15-55.91\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc-2.6.15 / linux-headers-2.6 / linux-headers-2.6-386 / etc\");\n}\n", "cvss": {"score": 7.9, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:N"}}, {"lastseen": "2021-03-01T07:19:55", "description": "Ben Hawkes discovered that the Linux kernel did not correctly filter\nregisters on 64bit kernels when performing 32bit system calls. On a\n64bit system, a local attacker could manipulate 32bit system calls to\ngain root privileges. (CVE-2010-3301)\n\nDan Rosenberg discovered that the btrfs filesystem did not correctly\nvalidate permissions when using the clone function. A local attacker\ncould overwrite the contents of file handles that were opened for\nappend-only, or potentially read arbitrary contents, leading to a loss\nof privacy. (CVE-2010-2537, CVE-2010-2538)\n\nDave Chinner discovered that the XFS filesystem did not correctly\norder inode lookups when exported by NFS. A remote attacker could\nexploit this to read or write disk blocks that had changed file\nassignment or had become unlinked, leading to a loss of privacy.\n(CVE-2010-2943)\n\nKees Cook discovered that the Intel i915 graphics driver did not\ncorrectly validate memory regions. A local attacker with access to the\nvideo card could read and write arbitrary kernel memory to gain root\nprivileges. (CVE-2010-2962)\n\nRobert Swiecki discovered that ftrace did not correctly handle\nmutexes. A local attacker could exploit this to crash the kernel,\nleading to a denial of service. (CVE-2010-3079)\n\nDan Rosenberg discovered that several network ioctls did not clear\nkernel memory correctly. A local user could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-3296,\nCVE-2010-3297, CVE-2010-3298)\n\nIt was discovered that KVM did not correctly initialize certain CPU\nregisters. A local attacker could exploit this to crash the system,\nleading to a denial of service. (CVE-2010-3698)\n\nBrad Spengler discovered that stack memory for new a process was not\ncorrectly calculated. A local attacker could exploit this to crash the\nsystem, leading to a denial of service. (CVE-2010-3858)\n\nKees Cook discovered that the ethtool interface did not correctly\nclear kernel memory. A local attacker could read kernel heap memory,\nleading to a loss of privacy. (CVE-2010-3861)\n\nKees Cook and Vasiliy Kulikov discovered that the shm interface did\nnot clear kernel memory correctly. A local attacker could exploit this\nto read kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4072)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface\ndriver did not correctly clear kernel memory. A local attacker could\nexploit this to read kernel stack memory, leading to a loss of\nprivacy. (CVE-2010-4080, CVE-2010-4081)\n\nJames Bottomley discovered that the ICP vortex storage array\ncontroller driver did not validate certain sizes. A local attacker on\na 64bit system could exploit this to crash the kernel, leading to a\ndenial of service. (CVE-2010-4157)\n\nAlan Cox discovered that the HCI UART driver did not correctly check\nif a write operation was available. If the mmap_min-addr sysctl was\nchanged from the Ubuntu default to a value of 0, a local attacker\ncould exploit this flaw to gain root privileges. (CVE-2010-4242)\n\nKees Cook discovered that some ethtool functions did not correctly\nclear heap memory. A local attacker with CAP_NET_ADMIN privileges\ncould exploit this to read portions of kernel heap memory, leading to\na loss of privacy. (CVE-2010-4655).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 27, "published": "2011-01-11T00:00:00", "title": "Ubuntu 9.10 / 10.04 LTS / 10.10 : linux, linux-ec2 vulnerabilities (USN-1041-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4242", "CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4072", "CVE-2010-2943", "CVE-2010-4080", "CVE-2010-3296", "CVE-2010-3698", "CVE-2010-4157", "CVE-2010-3858", "CVE-2010-2537", "CVE-2010-2962", "CVE-2010-3298", "CVE-2010-3079", "CVE-2010-2538", "CVE-2010-3861", "CVE-2010-3301", "CVE-2010-4655"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-doc", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-preempt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-ec2-source-2.6.32", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ec2", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic", "cpe:/o:canonical:ubuntu_linux:10.10", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.35", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile", "cpe:/o:canonical:ubuntu_linux:9.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.32", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt", "p-cpe:/a:canonical:ubuntu_linux:linux-ec2-doc", "p-cpe:/a:canonical:ubuntu_linux:linux-ec2-source-2.6.31", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.31", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386"], "id": "UBUNTU_USN-1041-1.NASL", "href": "https://www.tenable.com/plugins/nessus/51453", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1041-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51453);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2010-2537\", \"CVE-2010-2538\", \"CVE-2010-2943\", \"CVE-2010-2962\", \"CVE-2010-3079\", \"CVE-2010-3296\", \"CVE-2010-3297\", \"CVE-2010-3298\", \"CVE-2010-3301\", \"CVE-2010-3698\", \"CVE-2010-3858\", \"CVE-2010-3861\", \"CVE-2010-4072\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4157\", \"CVE-2010-4242\", \"CVE-2010-4655\");\n script_bugtraq_id(41847, 41854, 42527, 43221, 43226, 43229, 43355, 43684, 44067, 44301, 44427, 45054);\n script_xref(name:\"USN\", value:\"1041-1\");\n\n script_name(english:\"Ubuntu 9.10 / 10.04 LTS / 10.10 : linux, linux-ec2 vulnerabilities (USN-1041-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ben Hawkes discovered that the Linux kernel did not correctly filter\nregisters on 64bit kernels when performing 32bit system calls. On a\n64bit system, a local attacker could manipulate 32bit system calls to\ngain root privileges. (CVE-2010-3301)\n\nDan Rosenberg discovered that the btrfs filesystem did not correctly\nvalidate permissions when using the clone function. A local attacker\ncould overwrite the contents of file handles that were opened for\nappend-only, or potentially read arbitrary contents, leading to a loss\nof privacy. (CVE-2010-2537, CVE-2010-2538)\n\nDave Chinner discovered that the XFS filesystem did not correctly\norder inode lookups when exported by NFS. A remote attacker could\nexploit this to read or write disk blocks that had changed file\nassignment or had become unlinked, leading to a loss of privacy.\n(CVE-2010-2943)\n\nKees Cook discovered that the Intel i915 graphics driver did not\ncorrectly validate memory regions. A local attacker with access to the\nvideo card could read and write arbitrary kernel memory to gain root\nprivileges. (CVE-2010-2962)\n\nRobert Swiecki discovered that ftrace did not correctly handle\nmutexes. A local attacker could exploit this to crash the kernel,\nleading to a denial of service. (CVE-2010-3079)\n\nDan Rosenberg discovered that several network ioctls did not clear\nkernel memory correctly. A local user could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-3296,\nCVE-2010-3297, CVE-2010-3298)\n\nIt was discovered that KVM did not correctly initialize certain CPU\nregisters. A local attacker could exploit this to crash the system,\nleading to a denial of service. (CVE-2010-3698)\n\nBrad Spengler discovered that stack memory for new a process was not\ncorrectly calculated. A local attacker could exploit this to crash the\nsystem, leading to a denial of service. (CVE-2010-3858)\n\nKees Cook discovered that the ethtool interface did not correctly\nclear kernel memory. A local attacker could read kernel heap memory,\nleading to a loss of privacy. (CVE-2010-3861)\n\nKees Cook and Vasiliy Kulikov discovered that the shm interface did\nnot clear kernel memory correctly. A local attacker could exploit this\nto read kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4072)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface\ndriver did not correctly clear kernel memory. A local attacker could\nexploit this to read kernel stack memory, leading to a loss of\nprivacy. (CVE-2010-4080, CVE-2010-4081)\n\nJames Bottomley discovered that the ICP vortex storage array\ncontroller driver did not validate certain sizes. A local attacker on\na 64bit system could exploit this to crash the kernel, leading to a\ndenial of service. (CVE-2010-4157)\n\nAlan Cox discovered that the HCI UART driver did not correctly check\nif a write operation was available. If the mmap_min-addr sysctl was\nchanged from the Ubuntu default to a value of 0, a local attacker\ncould exploit this flaw to gain root privileges. (CVE-2010-4242)\n\nKees Cook discovered that some ethtool functions did not correctly\nclear heap memory. A local attacker with CAP_NET_ADMIN privileges\ncould exploit this to read portions of kernel heap memory, leading to\na loss of privacy. (CVE-2010-4655).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1041-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ec2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ec2-source-2.6.31\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ec2-source-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-preempt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.31\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/09/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(9\\.10|10\\.04|10\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 9.10 / 10.04 / 10.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2010-2537\", \"CVE-2010-2538\", \"CVE-2010-2943\", \"CVE-2010-2962\", \"CVE-2010-3079\", \"CVE-2010-3296\", \"CVE-2010-3297\", \"CVE-2010-3298\", \"CVE-2010-3301\", \"CVE-2010-3698\", \"CVE-2010-3858\", \"CVE-2010-3861\", \"CVE-2010-4072\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4157\", \"CVE-2010-4242\", \"CVE-2010-4655\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1041-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-doc\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-ec2-doc\", pkgver:\"2.6.31-307.23\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-ec2-source-2.6.31\", pkgver:\"2.6.31-307.23\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22-386\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22-generic\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22-generic-pae\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22-server\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-307\", pkgver:\"2.6.31-307.23\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-307-ec2\", pkgver:\"2.6.31-307.23\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-386\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-generic\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-generic-pae\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-lpia\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-server\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-virtual\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-307-ec2\", pkgver:\"2.6.31-307.23\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-source-2.6.31\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-doc\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-ec2-doc\", pkgver:\"2.6.32-311.23\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-ec2-source-2.6.32\", pkgver:\"2.6.32-311.23\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27-386\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27-generic\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27-generic-pae\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27-preempt\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27-server\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-311\", pkgver:\"2.6.32-311.23\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-311-ec2\", pkgver:\"2.6.32-311.23\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-386\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-generic\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-generic-pae\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-lpia\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-preempt\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-server\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-versatile\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-virtual\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-311-ec2\", pkgver:\"2.6.32-311.23\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-source-2.6.32\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-tools-2.6.32-27\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-tools-common\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-doc\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-headers-2.6.35-24\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-headers-2.6.35-24-generic\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-headers-2.6.35-24-generic-pae\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-headers-2.6.35-24-server\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-headers-2.6.35-24-virtual\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-24-generic\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-24-generic-pae\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-24-server\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-24-versatile\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-24-virtual\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.35-1024.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-source-2.6.35\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-tools-2.6.35-24\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-tools-common\", pkgver:\"2.6.35-24.42\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc / linux-ec2-doc / linux-ec2-source-2.6.31 / etc\");\n}\n", "cvss": {"score": 7.9, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:N"}}], "ubuntu": [{"lastseen": "2020-08-15T13:56:26", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4072", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-2943", "CVE-2010-0435", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3296", "CVE-2010-3698", "CVE-2010-4248", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-4078"], "description": "Gleb Napatov discovered that KVM did not correctly check certain privileged \noperations. A local attacker with access to a guest kernel could exploit \nthis to crash the host system, leading to a denial of service. \n(CVE-2010-0435)\n\nDave Chinner discovered that the XFS filesystem did not correctly order \ninode lookups when exported by NFS. A remote attacker could exploit this to \nread or write disk blocks that had changed file assignment or had become \nunlinked, leading to a loss of privacy. (CVE-2010-2943)\n\nDan Rosenberg discovered that several network ioctls did not clear kernel \nmemory correctly. A local user could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-3296, CVE-2010-3297)\n\nDan Jacobson discovered that ThinkPad video output was not correctly \naccess controlled. A local attacker could exploit this to hang the system, \nleading to a denial of service. (CVE-2010-3448)\n\nIt was discovered that KVM did not correctly initialize certain CPU \nregisters. A local attacker could exploit this to crash the system, \nleading to a denial of service. (CVE-2010-3698)\n\nIt was discovered that Xen did not correctly clean up threads. A local \nattacker in a guest system could exploit this to exhaust host system \nresources, leading to a denial of serivce. (CVE-2010-3699)\n\nBrad Spengler discovered that stack memory for new a process was not \ncorrectly calculated. A local attacker could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2010-3858)\n\nDan Rosenberg discovered that the Linux kernel TIPC implementation \ncontained multiple integer signedness errors. A local attacker could \nexploit this to gain root privileges. (CVE-2010-3859)\n\nDan Rosenberg discovered that the Linux kernel X.25 implementation \nincorrectly parsed facilities. A remote attacker could exploit this to \ncrash the kernel, leading to a denial of service. (CVE-2010-3873)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation did \nnot correctly clear kernel memory. A local attacker could exploit this to \nread kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets implementation did \nnot properly initialize certain structures. A local attacker could exploit \nthis to read kernel stack memory, leading to a loss of privacy. \n(CVE-2010-3876)\n\nVasiliy Kulikov discovered that the TIPC interface did not correctly \ninitialize certain structures. A local attacker could exploit this to \nread kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did not \nproperly audit certain bytecodes in netlink messages. A local attacker \ncould exploit this to cause the kernel to hang, leading to a denial of \nservice. (CVE-2010-3880)\n\nKees Cook and Vasiliy Kulikov discovered that the shm interface did not \nclear kernel memory correctly. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-4072)\n\nDan Rosenberg discovered that the USB subsystem did not correctly \ninitialize certian structures. A local attacker could exploit this to \nread kernel stack memory, leading to a loss of privacy. (CVE-2010-4074)\n\nDan Rosenberg discovered that the SiS video driver did not correctly clear \nkernel memory. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4078)\n\nDan Rosenberg discovered that the ivtv V4L driver did not correctly \ninitialize certian structures. A local attacker could exploit this to \nread kernel stack memory, leading to a loss of privacy. (CVE-2010-4079)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface driver \ndid not correctly clear kernel memory. A local attacker could exploit this \nto read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080, \nCVE-2010-4081)\n\nDan Rosenberg discovered that the semctl syscall did not correctly clear \nkernel memory. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4083)\n\nJames Bottomley discovered that the ICP vortex storage array controller \ndriver did not validate certain sizes. A local attacker on a 64bit system \ncould exploit this to crash the kernel, leading to a denial of service. \n(CVE-2010-4157)\n\nDan Rosenberg discovered that the Linux kernel L2TP implementation \ncontained multiple integer signedness errors. A local attacker could \nexploit this to to crash the kernel, or possibly gain root privileges. \n(CVE-2010-4160)\n\nIt was discovered that multithreaded exec did not handle CPU timers \ncorrectly. A local attacker could exploit this to crash the system, \nleading to a denial of service. (CVE-2010-4248)", "edition": 7, "modified": "2011-02-25T00:00:00", "published": "2011-02-25T00:00:00", "id": "USN-1072-1", "href": "https://ubuntu.com/security/notices/USN-1072-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-15T13:43:57", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4081", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3086", "CVE-2010-4080", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3873", "CVE-2010-4078"], "description": "Tavis Ormandy discovered that the Linux kernel did not properly implement \nexception fixup. A local attacker could exploit this to crash the kernel, \nleading to a denial of service. (CVE-2010-3086)\n\nDan Rosenberg discovered that the Linux kernel TIPC implementation \ncontained multiple integer signedness errors. A local attacker could \nexploit this to gain root privileges. (CVE-2010-3859)\n\nDan Rosenberg discovered that the Linux kernel X.25 implementation \nincorrectly parsed facilities. A remote attacker could exploit this to \ncrash the kernel, leading to a denial of service. (CVE-2010-3873)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation did \nnot correctly clear kernel memory. A local attacker could exploit this to \nread kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets implementation \ndid not properly initialize certain structures. A local attacker could \nexploit this to read kernel stack memory, leading to a loss of privacy. \n(CVE-2010-3876)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did not \nproperly audit certain bytecodes in netlink messages. A local attacker \ncould exploit this to cause the kernel to hang, leading to a denial of \nservice. (CVE-2010-3880)\n\nDan Rosenberg discovered that the SiS video driver did not correctly clear \nkernel memory. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4078)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface driver \ndid not correctly clear kernel memory. A local attacker could exploit this \nto read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080, \nCVE-2010-4081)\n\nDan Rosenberg discovered that the semctl syscall did not correctly clear \nkernel memory. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4083)\n\nJames Bottomley discovered that the ICP vortex storage array controller \ndriver did not validate certain sizes. A local attacker on a 64bit system \ncould exploit this to crash the kernel, leading to a denial of service. \n(CVE-2010-4157)\n\nDan Rosenberg discovered that the Linux kernel L2TP implementation \ncontained multiple integer signedness errors. A local attacker could \nexploit this to to crash the kernel, or possibly gain root privileges. \n(CVE-2010-4160)", "edition": 6, "modified": "2011-02-25T00:00:00", "published": "2011-02-25T00:00:00", "id": "USN-1071-1", "href": "https://ubuntu.com/security/notices/USN-1071-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-15T13:52:16", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4073", "CVE-2010-4165", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-4082", "CVE-2010-0435", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4169", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3698", "CVE-2010-4248", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-4078"], "description": "Gleb Napatov discovered that KVM did not correctly check certain privileged \noperations. A local attacker with access to a guest kernel could exploit \nthis to crash the host system, leading to a denial of service. \n(CVE-2010-0435)\n\nDan Jacobson discovered that ThinkPad video output was not correctly access \ncontrolled. A local attacker could exploit this to hang the system, leading \nto a denial of service. (CVE-2010-3448)\n\nIt was discovered that KVM did not correctly initialize certain CPU \nregisters. A local attacker could exploit this to crash the system, leading \nto a denial of service. (CVE-2010-3698)\n\nDan Rosenberg discovered that the Linux kernel TIPC implementation \ncontained multiple integer signedness errors. A local attacker could \nexploit this to gain root privileges. (CVE-2010-3859)\n\nThomas Pollet discovered that the RDS network protocol did not \ncheck certain iovec buffers. A local attacker could exploit this \nto crash the system or possibly execute arbitrary code as the root \nuser. (CVE-2010-3865)\n\nDan Rosenberg discovered that the Linux kernel X.25 implementation \nincorrectly parsed facilities. A remote attacker could exploit this to \ncrash the kernel, leading to a denial of service. (CVE-2010-3873)\n\nDan Rosenberg discovered that the CAN protocol on 64bit systems did not \ncorrectly calculate the size of certain buffers. A local attacker could \nexploit this to crash the system or possibly execute arbitrary code as \nthe root user. (CVE-2010-3874)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation did \nnot correctly clear kernel memory. A local attacker could exploit this to \nread kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets implementation did \nnot properly initialize certain structures. A local attacker could exploit \nthis to read kernel stack memory, leading to a loss of privacy. \n(CVE-2010-3876)\n\nVasiliy Kulikov discovered that the TIPC interface did not correctly \ninitialize certain structures. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did not \nproperly audit certain bytecodes in netlink messages. A local attacker \ncould exploit this to cause the kernel to hang, leading to a denial of \nservice. (CVE-2010-3880)\n\nDan Rosenberg discovered that IPC structures were not correctly initialized \non 64bit systems. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4073)\n\nDan Rosenberg discovered that the USB subsystem did not correctly \ninitialize certian structures. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-4074)\n\nDan Rosenberg discovered that the SiS video driver did not correctly clear \nkernel memory. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4078)\n\nDan Rosenberg discovered that the ivtv V4L driver did not correctly \ninitialize certian structures. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-4079)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface driver \ndid not correctly clear kernel memory. A local attacker could exploit this \nto read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080, \nCVE-2010-4081)\n\nDan Rosenberg discovered that the VIA video driver did not correctly \nclear kernel memory. A local attacker could exploit this to read kernel \nstack memory, leading to a loss of privacy. (CVE-2010-4082)\n\nDan Rosenberg discovered that the semctl syscall did not correctly clear \nkernel memory. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4083)\n\nJames Bottomley discovered that the ICP vortex storage array controller \ndriver did not validate certain sizes. A local attacker on a 64bit system \ncould exploit this to crash the kernel, leading to a denial of service. \n(CVE-2010-4157)\n\nDan Rosenberg discovered that the Linux kernel L2TP implementation \ncontained multiple integer signedness errors. A local attacker could \nexploit this to to crash the kernel, or possibly gain root privileges. \n(CVE-2010-4160)\n\nSteve Chen discovered that setsockopt did not correctly check MSS values. A \nlocal attacker could make a specially crafted socket call to crash the \nsystem, leading to a denial of service. (CVE-2010-4165)\n\nDave Jones discovered that the mprotect system call did not correctly \nhandle merged VMAs. A local attacker could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2010-4169)\n\nIt was discovered that multithreaded exec did not handle CPU timers \ncorrectly. A local attacker could exploit this to crash the system, leading \nto a denial of service. (CVE-2010-4248)\n\nVegard Nossum discovered that memory garbage collection was not handled \ncorrectly for active sockets. A local attacker could exploit this to \nallocate all available kernel memory, leading to a denial of service. \n(CVE-2010-4249)", "edition": 6, "modified": "2011-02-25T00:00:00", "published": "2011-02-25T00:00:00", "id": "USN-1073-1", "href": "https://ubuntu.com/security/notices/USN-1073-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-11T11:52:45", "bulletinFamily": "unix", "cvelist": ["CVE-2010-3297", "CVE-2010-4072", "CVE-2010-2943"], "description": "Dave Chinner discovered that the XFS filesystem did not correctly order \ninode lookups when exported by NFS. A remote attacker could exploit this to \nread or write disk blocks that had changed file assignment or had become \nunlinked, leading to a loss of privacy. (CVE-2010-2943)\n\nDan Rosenberg discovered that several network ioctls did not clear kernel \nmemory correctly. A local user could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-3297)\n\nKees Cook and Vasiliy Kulikov discovered that the shm interface did not \nclear kernel memory correctly. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-4072)", "edition": 6, "modified": "2011-02-03T00:00:00", "published": "2011-02-03T00:00:00", "id": "USN-1057-1", "href": "https://ubuntu.com/security/notices/USN-1057-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-08-11T11:56:57", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4242", "CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4072", "CVE-2010-2943", "CVE-2010-4080", "CVE-2010-3296", "CVE-2010-3698", "CVE-2010-4157", "CVE-2010-3858", "CVE-2010-2537", "CVE-2014-0205", "CVE-2010-2962", "CVE-2010-3298", "CVE-2010-3079", "CVE-2010-2538", "CVE-2010-3861", "CVE-2010-3301", "CVE-2010-4655"], "description": "Louis Rilling and Matthieu Fertr\u00e9 reported a use after free error in the \nLinux kernel's futex_wait function. A local user could exploit this flaw to \ncause a denial of service (system crash) or possibly gain privileges via a \nspecially crafted application. (CVE-2014-0205)\n\nBen Hawkes discovered that the Linux kernel did not correctly filter \nregisters on 64bit kernels when performing 32bit system calls. On a 64bit \nsystem, a local attacker could manipulate 32bit system calls to gain root \nprivileges. (CVE-2010-3301)\n\nDan Rosenberg discovered that the btrfs filesystem did not correctly \nvalidate permissions when using the clone function. A local attacker could \noverwrite the contents of file handles that were opened for append-only, or \npotentially read arbitrary contents, leading to a loss of privacy. \n(CVE-2010-2537, CVE-2010-2538)\n\nDave Chinner discovered that the XFS filesystem did not correctly order \ninode lookups when exported by NFS. A remote attacker could exploit this to \nread or write disk blocks that had changed file assignment or had become \nunlinked, leading to a loss of privacy. (CVE-2010-2943)\n\nKees Cook discovered that the Intel i915 graphics driver did not correctly \nvalidate memory regions. A local attacker with access to the video card \ncould read and write arbitrary kernel memory to gain root privileges. \n(CVE-2010-2962)\n\nRobert Swiecki discovered that ftrace did not correctly handle mutexes. A \nlocal attacker could exploit this to crash the kernel, leading to a denial \nof service. (CVE-2010-3079)\n\nDan Rosenberg discovered that several network ioctls did not clear kernel \nmemory correctly. A local user could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-3296, CVE-2010-3297, \nCVE-2010-3298)\n\nIt was discovered that KVM did not correctly initialize certain CPU \nregisters. A local attacker could exploit this to crash the system, leading \nto a denial of service. (CVE-2010-3698)\n\nBrad Spengler discovered that stack memory for new a process was not \ncorrectly calculated. A local attacker could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2010-3858)\n\nKees Cook discovered that the ethtool interface did not correctly clear \nkernel memory. A local attacker could read kernel heap memory, leading to a \nloss of privacy. (CVE-2010-3861)\n\nKees Cook and Vasiliy Kulikov discovered that the shm interface did not \nclear kernel memory correctly. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-4072)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface driver \ndid not correctly clear kernel memory. A local attacker could exploit this \nto read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080, \nCVE-2010-4081)\n\nJames Bottomley discovered that the ICP vortex storage array controller \ndriver did not validate certain sizes. A local attacker on a 64bit system \ncould exploit this to crash the kernel, leading to a denial of service. \n(CVE-2010-4157)\n\nAlan Cox discovered that the HCI UART driver did not correctly check if a \nwrite operation was available. If the mmap_min-addr sysctl was changed from \nthe Ubuntu default to a value of 0, a local attacker could exploit this \nflaw to gain root privileges. (CVE-2010-4242)\n\nKees Cook discovered that some ethtool functions did not correctly clear \nheap memory. A local attacker with CAP_NET_ADMIN privileges could exploit \nthis to read portions of kernel heap memory, leading to a loss of privacy. \n(CVE-2010-4655)", "edition": 69, "modified": "2011-01-10T00:00:00", "published": "2011-01-10T00:00:00", "id": "USN-1041-1", "href": "https://ubuntu.com/security/notices/USN-1041-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:24:05", "bulletinFamily": "unix", "cvelist": ["CVE-2010-3865", "CVE-2011-4621", "CVE-2010-4346", "CVE-2010-4527", "CVE-2010-4083", "CVE-2010-4649", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2011-0006", "CVE-2010-3698", "CVE-2010-4650", "CVE-2011-1044", "CVE-2010-4248", "CVE-2010-4648", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-4250", "CVE-2010-4342"], "description": "It was discovered that KVM did not correctly initialize certain CPU \nregisters. A local attacker could exploit this to crash the system, leading \nto a denial of service. (CVE-2010-3698)\n\nThomas Pollet discovered that the RDS network protocol did not check \ncertain iovec buffers. A local attacker could exploit this to crash the \nsystem or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation did \nnot correctly clear kernel memory. A local attacker could exploit this to \nread kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets implementation did \nnot properly initialize certain structures. A local attacker could exploit \nthis to read kernel stack memory, leading to a loss of privacy. \n(CVE-2010-3876)\n\nVasiliy Kulikov discovered that the TIPC interface did not correctly \ninitialize certain structures. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did not \nproperly audit certain bytecodes in netlink messages. A local attacker \ncould exploit this to cause the kernel to hang, leading to a denial of \nservice. (CVE-2010-3880)\n\nDan Rosenberg discovered that the ivtv V4L driver did not correctly \ninitialize certian structures. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-4079)\n\nDan Rosenberg discovered that the semctl syscall did not correctly clear \nkernel memory. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4083)\n\nIt was discovered that multithreaded exec did not handle CPU timers \ncorrectly. A local attacker could exploit this to crash the system, leading \nto a denial of service. (CVE-2010-4248)\n\nVegard Nossum discovered a leak in the kernel's inotify_init() system call. \nA local, unprivileged user could exploit this to cause a denial of service. \n(CVE-2010-4250)\n\nNelson Elhage discovered that Econet did not correctly handle AUN packets \nover UDP. A local attacker could send specially crafted traffic to crash \nthe system, leading to a denial of service. (CVE-2010-4342)\n\nTavis Ormandy discovered that the install_special_mapping function could \nbypass the mmap_min_addr restriction. A local attacker could exploit this \nto mmap 4096 bytes below the mmap_min_addr area, possibly improving the \nchances of performing NULL pointer dereference attacks. (CVE-2010-4346)\n\nDan Rosenberg discovered that the OSS subsystem did not handle name \ntermination correctly. A local attacker could exploit this crash the system \nor gain root privileges. (CVE-2010-4527)\n\nAn error was reported in the kernel's ORiNOCO wireless driver's handling of \nTKIP countermeasures. This reduces the amount of time an attacker needs \nbreach a wireless network using WPA+TKIP for security. (CVE-2010-4648)\n\nDan Carpenter discovered that the Infiniband driver did not correctly \nhandle certain requests. A local user could exploit this to crash the \nsystem or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044)\n\nAn error was discovered in the kernel's handling of CUSE (Character device \nin Userspace). A local attacker might exploit this flaw to escalate \nprivilege, if access to /dev/cuse has been modified to allow non-root \nusers. (CVE-2010-4650)\n\nA flaw was found in the kernel's Integrity Measurement Architecture (IMA). \nChanges made by an attacker might not be discovered by IMA, if SELinux was \ndisabled, and a new IMA rule was loaded. (CVE-2011-0006)\n\nIt was discovered that some import kernel threads can be blocked by a user \nlevel process. An unprivileged local user could exploit this flaw to cause \na denial of service. (CVE-2011-4621)", "edition": 5, "modified": "2011-03-02T00:00:00", "published": "2011-03-02T00:00:00", "id": "USN-1081-1", "href": "https://ubuntu.com/security/notices/USN-1081-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-11-11T13:24:31", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-3437", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3477", "CVE-2010-4080", "CVE-2010-3310", "CVE-2010-2963", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3296", "CVE-2010-3850", "CVE-2010-3442", "CVE-2010-3705", "CVE-2010-3848", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-3858", "CVE-2010-3067", "CVE-2010-4164", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-3432", "CVE-2010-4078", "CVE-2010-3849"], "description": "- ----------------------------------------------------------------------\nDebian Security Advisory DSA-2126-1 security@debian.org\nhttp://www.debian.org/security/ dann frazier\nNovember 26, 2010 http://www.debian.org/security/faq\n- ----------------------------------------------------------------------\n\nPackage : linux-2.6\nVulnerability : privilege escalation/denial of service/information leak\nProblem type : local/remote\nDebian-specific: no\nCVE Id(s) : CVE-2010-2963 CVE-2010-3067 CVE-2010-3296 CVE-2010-3297\n CVE-2010-3310 CVE-2010-3432 CVE-2010-3437 CVE-2010-3442\n CVE-2010-3448 CVE-2010-3477 CVE-2010-3705 CVE-2010-3848\n CVE-2010-3849 CVE-2010-3850 CVE-2010-3858 CVE-2010-3859\n CVE-2010-3873 CVE-2010-3874 CVE-2010-3875 CVE-2010-3876\n CVE-2010-3877 CVE-2010-3880 CVE-2010-4072 CVE-2010-4073\n CVE-2010-4074 CVE-2010-4078 CVE-2010-4079 CVE-2010-4080\n CVE-2010-4081 CVE-2010-4083 CVE-2010-4164\nDebian Bug(s) :\n \nSeveral vulnerabilities have been discovered in the Linux kernel that may lead\nto a privilege escalation, denial of service or information leak. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2010-2963\n\n Kees Cook discovered an issue in the v4l 32-bit compatibility layer for\n 64-bit systems that allows local users with /dev/video write permission to\n overwrite arbitrary kernel memory, potentially leading to a privilege\n escalation. On Debian systems, access to /dev/video devices is restricted to\n members of the 'video' group by default.\n\nCVE-2010-3067\n\n Tavis Ormandy discovered an issue in the io_submit system call. Local users\n can cause an integer overflow resulting in a denial of service.\n\nCVE-2010-3296\n\n Dan Rosenberg discovered an issue in the cxgb network driver that allows\n unprivileged users to obtain the contents of sensitive kernel memory.\n\nCVE-2010-3297\n\n Dan Rosenberg discovered an issue in the eql network driver that allows\n local users to obtain the contents of sensitive kernel memory.\n\nCVE-2010-3310\n\n Dan Rosenberg discovered an issue in the ROSE socket implementation. On\n systems with a rose device, local users can cause a denial of service\n (kernel memory corruption).\n\nCVE-2010-3432\n\n Thomas Dreibholz discovered an issue in the SCTP protocol that permits a\n remote user to cause a denial of service (kernel panic).\n\nCVE-2010-3437\n\n Dan Rosenberg discovered an issue in the pktcdvd driver. Local users with\n permission to open /dev/pktcdvd/control can obtain the contents of sensitive\n kernel memory or cause a denial of service. By default on Debian systems,\n this access is restricted to members of the group 'cdrom'.\n\nCVE-2010-3442\n\n Dan Rosenberg discovered an issue in the ALSA sound system. Local users with\n permission to open /dev/snd/controlC0 can create an integer overflow\n condition that causes a denial of service. By default on Debian systems,\n this access is restricted to members of the group 'audio'.\n\nCVE-2010-3448\n\n Dan Jacobson reported an issue in the thinkpad-acpi driver. On certain\n Thinkpad systems, local users can cause a denial of service (X.org crash) by\n reading /proc/acpi/ibm/video.\n\nCVE-2010-3477\n\n Jeff Mahoney discovered an issue in the Traffic Policing (act_police) module\n that allows local users to obtain the contents of sensitive kernel memory.\n\nCVE-2010-3705\n\n Dan Rosenberg reported an issue in the HMAC processing code in the SCTP\n protocol that allows remote users to create a denial of service (memory\n corruption).\n\nCVE-2010-3848\n\n Nelson Elhage discovered an issue in the Econet protocol. Local users can\n cause a stack overflow condition with large msg->msgiovlen values that can\n result in a denial of service or privilege escalation.\n\nCVE-2010-3849\n\n Nelson Elhage discovered an issue in the Econet protocol. Local users can\n cause a denial of service (oops) if a NULL remote addr value is passed as a\n parameter to sendmsg().\n\nCVE-2010-3850\n\n Nelson Elhage discovered an issue in the Econet protocol. Local users can\n assign econet addresses to arbitrary interfaces due to a missing\n capabilities check.\n\nCVE-2010-3858\n\n Brad Spengler reported an issue in the setup_arg_pages() function. Due to a\n bounds-checking failure, local users can create a denial of service (kernel\n oops).\n\nCVE-2010-3859\n\n Dan Rosenberg reported an issue in the TIPC protocol. When the tipc module\n is loaded, local users can gain elevated privileges via the sendmsg() system\n call.\n\nCVE-2010-3873\n\n Dan Rosenberg reported an issue in the X.25 network protocol. Local users\n can cause heap corruption, resulting in a denial of service (kernel panic).\n\nCVE-2010-3874\n\n Dan Rosenberg discovered an issue in the Control Area Network (CAN)\n subsystem on 64-bit systems. Local users may be able to cause a denial of\n service (heap corruption).\n\nCVE-2010-3875\n\n Vasiliy Kulikov discovered an issue in the AX.25 protocol. Local users can\n obtain the contents of sensitive kernel memory.\n\nCVE-2010-3876\n\n Vasiliy Kulikov discovered an issue in the Packet protocol. Local users can\n obtain the contents of sensitive kernel memory.\n\nCVE-2010-3877\n\n Vasiliy Kulikov discovered an issue in the TIPC protocol. Local users can\n obtain the contents of sensitive kernel memory.\n\nCVE-2010-3880\n\n Nelson Elhage discovered an issue in the INET_DIAG subsystem. Local users\n can cause the kernel to execute unaudited INET_DIAG bytecode, resulting in a\n denial of service.\n\nCVE-2010-4072\n\n Kees Cook discovered an issue in the System V shared memory subsystem.\n Local users can obtain the contents of sensitive kernel memory.\n\nCVE-2010-4073\n\n Dan Rosenberg discovered an issue in the System V shared memory subsystem.\n Local users on 64-bit system can obtain the contents of sensitive kernel\n memory via the 32-bit compatible semctl() system call.\n\nCVE-2010-4074\n\n Dan Rosenberg reported issues in the mos7720 and mos7840 drivers for USB\n serial converter devices. Local users with access to these devices can\n obtain the contents of sensitive kernel memory.\n\nCVE-2010-4078\n\n Dan Rosenberg reported an issue in the framebuffer driver for SiS graphics\n chipesets (sisfb). Local users with access to the framebuffer device can\n obtain the contents of sensitive kernel memory via the FBIOGET_VBLANK ioctl.\n\nCVE-2010-4079\n\n Dan Rosenberg reported an issue in the ivtvfb driver used for the Hauppauge\n PVR-350 card. Local users with access to the framebuffer device can obtain\n the contents of sensitive kernel memory via the FBIOGET_VBLANK ioctl.\n \nCVE-2010-4080\n\n Dan Rosenberg discovered an issue in the ALSA driver for RME Hammerfall DSP\n audio devices. Local users with access to the audio device can obtain the\n contents of sensitive kernel memory via the SNDRV_HDSP_IOCTL_GET_CONFIG_INFO\n ioctl.\n\nCVE-2010-4081\n\n Dan Rosenberg discovered an issue in the ALSA driver for RME Hammerfall DSP\n MADI audio devices. Local users with access to the audio device can obtain\n the contents of sensitive kernel memory via the\n SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl.\n\nCVE-2010-4083\n\n Dan Rosenberg discovered an issue in the semctl system call. Local users can\n obtain the contents of sensitive kernel memory through usage of the semid_ds\n structure.\n\nCVE-2010-4164\n\n Dan Rosenberg discovered an issue in the X.25 network protocol. Remote users\n can achieve a denial of service (infinite loop) by taking advantage of an\n integer underflow in the facility parsing code.\n\nFor the stable distribution (lenny), this problem has been fixed in version\n2.6.26-26lenny1.\n\nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages.\n\nThe following matrix lists additional source packages that were rebuilt for\ncompatibility with or to take advantage of this update:\n\n Debian 5.0 (lenny)\n user-mode-linux 2.6.26-1um-2+26lenny1\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64,\nmipsel, powerpc, s390 and sparc. The update for mips will be released once it\nbecomes available.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-26lenny1.dsc\n Size/MD5 checksum: 6426 25d46333cc7f2b28b4312df096d875a8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26.orig.tar.gz\n Size/MD5 checksum: 61818969 85e039c2588d5bf3cb781d1c9218bbcb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-26lenny1.diff.gz\n Size/MD5 checksum: 8002336 26391b13d5a39afdb2591dc888a568b8\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.26_2.6.26-26lenny1_all.deb\n Size/MD5 checksum: 4850414 de2ec8da8f7dab48ce65014401ae52e7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.26_2.6.26-26lenny1_all.deb\n Size/MD5 checksum: 113254 e8f1973916d469640345a1c21421dfdf\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.26_2.6.26-26lenny1_all.deb\n Size/MD5 checksum: 1808942 ee7d18519868ee02f56fef2341c527ea\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.26-2_2.6.26-26lenny1_all.deb\n Size/MD5 checksum: 128506 065f966fa5f38283d8c5add43a952d0e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.26_2.6.26-26lenny1_all.deb\n Size/MD5 checksum: 3006772 e94a5e6a2f144c31d88db997c2db8e1f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.26_2.6.26-26lenny1_all.deb\n Size/MD5 checksum: 49471548 0ec635ad97a262914262a7812e9e2ce6\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_alpha.deb\n Size/MD5 checksum: 747090 97fac497384d4e23463efd91f4cc6e0d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-generic_2.6.26-26lenny1_alpha.deb\n Size/MD5 checksum: 368956 4f6d2e6c5535f0b64836b094178b259e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_alpha.deb\n Size/MD5 checksum: 3551142 ed27877320f4ab66757cad34462b4df1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-legacy_2.6.26-26lenny1_alpha.deb\n Size/MD5 checksum: 28539060 62095485cb584ea9775c038247c8453e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-smp_2.6.26-26lenny1_alpha.deb\n Size/MD5 checksum: 29258774 36a1eccda8a1a6f330ad0707a07695b4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_alpha.deb\n Size/MD5 checksum: 112660 9eadae84e38579f69ac8415995aff91d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-generic_2.6.26-26lenny1_alpha.deb\n Size/MD5 checksum: 28560146 6f671d59c6761eb6a91b667d8859ebf4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-legacy_2.6.26-26lenny1_alpha.deb\n Size/MD5 checksum: 369490 1b21492f700e66406ddf902b4cfd1fff\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-alpha_2.6.26-26lenny1_alpha.deb\n Size/MD5 checksum: 112682 5669ed2b63dfd7e25f1bed3f3c557e8b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-smp_2.6.26-26lenny1_alpha.deb\n Size/MD5 checksum: 370732 744a8a3bb0751181a11b909b7f2c8741\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_amd64.deb\n Size/MD5 checksum: 755464 a76803db0471a09013fcc410e2bd1a7c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-amd64_2.6.26-26lenny1_amd64.deb\n Size/MD5 checksum: 391070 2af9113ceb56dd2a79a448ec1eb74452\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-amd64_2.6.26-26lenny1_amd64.deb\n Size/MD5 checksum: 1812222 800310a26af8edc580fc57d8da9b14ae\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_amd64.deb\n Size/MD5 checksum: 3727512 5cadd7b974521b7c5ccc278968631e57\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-26lenny1_amd64.deb\n Size/MD5 checksum: 3859380 6fd2da7ef7a274fd0aed9701374533a5\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_amd64.deb\n Size/MD5 checksum: 112652 ceed8afd8da64b6cb39f4619b7faa310\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-amd64_2.6.26-26lenny1_amd64.deb\n Size/MD5 checksum: 112640 ff01f002d79cc143476afa6d907127a4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-26lenny1_amd64.deb\n Size/MD5 checksum: 3783174 1822a9f0434abafe5e2dd84718c7e6bc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-26lenny1_amd64.deb\n Size/MD5 checksum: 20937036 2a5fa1622b4747705e74348ce23baa5b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-amd64_2.6.26-26lenny1_amd64.deb\n Size/MD5 checksum: 401434 9288349bcf9919e8be6fbb21ff3a8f66\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-amd64_2.6.26-26lenny1_amd64.deb\n Size/MD5 checksum: 21104766 7719bc85bb26d356f24620924a8c4283\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-26lenny1_amd64.deb\n Size/MD5 checksum: 393366 91d81407ad8be69d8f65b4f850ba5b1a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-amd64_2.6.26-26lenny1_amd64.deb\n Size/MD5 checksum: 20956050 f9e8825e29f45d42627cfa1dd62569ea\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-amd64_2.6.26-26lenny1_amd64.deb\n Size/MD5 checksum: 112686 c5110416ee580c5cfe71c58eadef2a22\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-26lenny1_amd64.deb\n Size/MD5 checksum: 3759946 08746b9bc1d832b52f245269440b2bd6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-amd64_2.6.26-26lenny1_amd64.deb\n Size/MD5 checksum: 19322068 48031c2d9ce732ed6bf79103050166dd\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-amd64_2.6.26-26lenny1_amd64.deb\n Size/MD5 checksum: 394064 ddaa87681b7f3e9c0d155ead5302de4a\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-arm_2.6.26-26lenny1_arm.deb\n Size/MD5 checksum: 112776 769f5204e3edc4a3dd501f0254e97e5b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_arm.deb\n Size/MD5 checksum: 752794 6b11a353eddc1de6463615f0c5f69701\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-iop32x_2.6.26-26lenny1_arm.deb\n Size/MD5 checksum: 371914 5eece356f6b47bab5afdbd0d3c724240\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-iop32x_2.6.26-26lenny1_arm.deb\n Size/MD5 checksum: 12487514 b6a0886ca511e0dd2b7cd61319923edd\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-footbridge_2.6.26-26lenny1_arm.deb\n Size/MD5 checksum: 356688 d62c6595ced0b11b0c2dc906254a5bd2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-ixp4xx_2.6.26-26lenny1_arm.deb\n Size/MD5 checksum: 11722022 82ee74470a3bfd7448da7ea9a092cf80\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_arm.deb\n Size/MD5 checksum: 4146542 0b20edfd5914b550d21c035dab0146b4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-orion5x_2.6.26-26lenny1_arm.deb\n Size/MD5 checksum: 11434794 d8e4c25a2b94a7dc1c43226f80572203\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-orion5x_2.6.26-26lenny1_arm.deb\n Size/MD5 checksum: 366896 69fc71b9d4a6d1926975f22160a6ca95\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_arm.deb\n Size/MD5 checksum: 112736 78f106b38803939df3cacdebf280b5e1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-26lenny1_arm.deb\n Size/MD5 checksum: 369740 61f68bbd18a0ac4f23e4d9aeb649a4a9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-footbridge_2.6.26-26lenny1_arm.deb\n Size/MD5 checksum: 10288198 15384b7d3708de3ffa1e9c17849db12f\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-ixp4xx_2.6.26-26lenny1_armel.deb\n Size/MD5 checksum: 11684250 7d6165f32980b4bdf9174d0603a4e914\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-26lenny1_armel.deb\n Size/MD5 checksum: 367986 0fa930045394fa7bf2f1660edea036a8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_armel.deb\n Size/MD5 checksum: 112734 3291126b417654ea56968e2369a54879\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-orion5x_2.6.26-26lenny1_armel.deb\n Size/MD5 checksum: 366188 d58ece9a482933c133e6a31fffbdaf4b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-versatile_2.6.26-26lenny1_armel.deb\n Size/MD5 checksum: 339524 728cced0ac92768f5fe216d23a2cc223\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-orion5x_2.6.26-26lenny1_armel.deb\n Size/MD5 checksum: 11396252 9bf2717abad67374cc197d25956f0c11\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-iop32x_2.6.26-26lenny1_armel.deb\n Size/MD5 checksum: 369858 736c45757463cc47d12daa64d13627fa\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_armel.deb\n Size/MD5 checksum: 4145910 5f10aec830d3c114d1d600cc4ed25ef8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_armel.deb\n Size/MD5 checksum: 754724 8da96ea4780a69374788ac140e85298c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-armel_2.6.26-26lenny1_armel.deb\n Size/MD5 checksum: 112772 f158d96c80dd4c903be325d11a1a2704\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-versatile_2.6.26-26lenny1_armel.deb\n Size/MD5 checksum: 9609544 c1a690b822e8a9d94336aa9146df21b2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-iop32x_2.6.26-26lenny1_armel.deb\n Size/MD5 checksum: 12448536 2bc10e5d383940aff2f7b54e5ca84267\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc-smp_2.6.26-26lenny1_hppa.deb\n Size/MD5 checksum: 16390762 49ae803109f72ecc5f65cc0ab2a274d2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64_2.6.26-26lenny1_hppa.deb\n Size/MD5 checksum: 305004 4447819b9e77572ea89388395dc328c8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc_2.6.26-26lenny1_hppa.deb\n Size/MD5 checksum: 303956 c54d283e4148b3eb1aed0e9e2f9b4135\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64-smp_2.6.26-26lenny1_hppa.deb\n Size/MD5 checksum: 307006 92fe6b41bd11a836c273ed0736396a18\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-hppa_2.6.26-26lenny1_hppa.deb\n Size/MD5 checksum: 112760 10bdcd03154924f5afb34dc670886eb8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc_2.6.26-26lenny1_hppa.deb\n Size/MD5 checksum: 15796706 c530209aab49e2068f14e484b6db59fd\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_hppa.deb\n Size/MD5 checksum: 3601768 e804a1671f76f3b35bfac3bbecc4b1a8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_hppa.deb\n Size/MD5 checksum: 112728 d95be16830e352fbdf8f4250f762003b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64-smp_2.6.26-26lenny1_hppa.deb\n Size/MD5 checksum: 17689704 2ce0de928b0de084a5ee21da0a58407e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64_2.6.26-26lenny1_hppa.deb\n Size/MD5 checksum: 17137918 750e28de7bb1e261f636ccba8fcab308\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_hppa.deb\n Size/MD5 checksum: 764742 dbc6af80dc674736661b498edfc3a5e4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc-smp_2.6.26-26lenny1_hppa.deb\n Size/MD5 checksum: 305576 58916c39063873b84cf419379053b5e2\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-686_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 1598590 dc693b0a5fd1594615de4c5bfb51e3a2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 401634 19b303053ef842f9dbcb05fbf9079c86\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 412706 9a6dc9914b57224d41697dd85251ad74\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686-bigmem_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 414016 fbd71b61ce54978f4df2b3e851fa7c28\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 414584 2ebea5008b5a724ecdb19079e8f86e9d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-686_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 18216302 86ea992d0efbd38a88f5b7fc9465f38d\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-686_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 112640 68e5cb0e49e3b0e2beb8075edf84a357\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 770174 317eaad69bb2d30be37fffe2ba516ebc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 3870582 20d8147847c2ee48b5b8e186c5aa2dd8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 20407918 b98e78be196bcfdd8395341c517d68a4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 3811776 d2e42bd89a509d9a3f9cd57ba7699195\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686-bigmem_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 20528204 19e4258f60a0fd94691f21dd3bef8804\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686-bigmem_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 20546188 e9dc6af2f445e672b6d80e8391402cc6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686-bigmem_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 413080 5a5160ce3a4308aa477d091a1fe8127a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-i386_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 112706 9ada4ab06b22be004eee1160b21d1f2a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 3950190 ca68b70d434125f799c5208161e105b9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-686_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 418434 28870494c0609b93b67808c043a62dfb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 20428344 2137508d1b187b0b364bedbaf46e1ea9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 3846426 73b6b13e86bac670f3073c5a8b2943f7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-686_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 399948 ba847a3f96345613a25f839972e6f0ed\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 21049612 7af7a78a4c5964620a476ad5c6066887\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-486_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 20369056 721ee6c463d845e9d6f8013ac38ba1d7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-686_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 20705350 fc2fc201e24a62fd2574d51999195182\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 112654 80a1bd5e7cf38414cc184ac3645ce5da\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-486_2.6.26-26lenny1_i386.deb\n Size/MD5 checksum: 412120 2f95a4695398f1e4ce933b0fb018e6f5\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-ia64_2.6.26-26lenny1_ia64.deb\n Size/MD5 checksum: 112688 0951a8f0fcf20010b4fd72e8794454ea\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-mckinley_2.6.26-26lenny1_ia64.deb\n Size/MD5 checksum: 361828 fa942ddabe46359a026caee5ff78cf94\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-itanium_2.6.26-26lenny1_ia64.deb\n Size/MD5 checksum: 34255886 885360588d0a9d8519164b605b884384\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-itanium_2.6.26-26lenny1_ia64.deb\n Size/MD5 checksum: 361400 17899521a5c8690a0d316797d15b9a5d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-26lenny1_ia64.deb\n Size/MD5 checksum: 3694882 3f8c27edf54fa2af2593b786138d5aa6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-mckinley_2.6.26-26lenny1_ia64.deb\n Size/MD5 checksum: 34440396 f8f45a9dd6e8d05bb29ba21f4100b271\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_ia64.deb\n Size/MD5 checksum: 3662038 7e20eabb6a01ceafb2b934e09743209b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-mckinley_2.6.26-26lenny1_ia64.deb\n Size/MD5 checksum: 34380728 c245751f72228c02f40706c0754dc4bc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_ia64.deb\n Size/MD5 checksum: 112654 0dda61d2b3dc3529995059957ba8d523\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-itanium_2.6.26-26lenny1_ia64.deb\n Size/MD5 checksum: 34192832 89c734c816323509cb81a8c06d503775\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-mckinley_2.6.26-26lenny1_ia64.deb\n Size/MD5 checksum: 362186 3de48033c683c0b0723845ba52d97311\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_ia64.deb\n Size/MD5 checksum: 754152 8f457306ee6f9f6a0dde6a85b60ba28e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-itanium_2.6.26-26lenny1_ia64.deb\n Size/MD5 checksum: 361772 ab078e4b7347c34373294d7bd48f5f77\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-r5k-cobalt_2.6.26-26lenny1_mipsel.deb\n Size/MD5 checksum: 15061864 c0c33ea0339f836d537deea40041ebbf\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-5kc-malta_2.6.26-26lenny1_mipsel.deb\n Size/MD5 checksum: 362194 4307fcc7be5e03bf84e65542ee773896\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-5kc-malta_2.6.26-26lenny1_mipsel.deb\n Size/MD5 checksum: 28579670 e8f6dbeb2b27ecaa64a7648102068197\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1-bcm91250a_2.6.26-26lenny1_mipsel.deb\n Size/MD5 checksum: 305764 5f9c8534fd78687ee198c3c9575423ac\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_mipsel.deb\n Size/MD5 checksum: 112730 62463422f9e70ee2f54d09ebc429c47d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-mipsel_2.6.26-26lenny1_mipsel.deb\n Size/MD5 checksum: 112784 22de96fa5ed52cfaba506f0f4c7c085c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_mipsel.deb\n Size/MD5 checksum: 3970148 e494271e4f18315b4c5e3f8692bedadd\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1-bcm91250a_2.6.26-26lenny1_mipsel.deb\n Size/MD5 checksum: 19686560 5a1734bb17cfd9ee65a411c3801ccf6d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-4kc-malta_2.6.26-26lenny1_mipsel.deb\n Size/MD5 checksum: 362326 f79daf88f7b6813c7c005b8b9dd87460\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-r5k-cobalt_2.6.26-26lenny1_mipsel.deb\n Size/MD5 checksum: 300858 3775978c2a2c713ac1b15b9fb62dc021\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1a-bcm91480b_2.6.26-26lenny1_mipsel.deb\n Size/MD5 checksum: 306226 c23551d6d68208c7adebb3acf2523ca6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-4kc-malta_2.6.26-26lenny1_mipsel.deb\n Size/MD5 checksum: 23078776 0d0cf1ded5d13ab9ab1b7563ded158a3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1a-bcm91480b_2.6.26-26lenny1_mipsel.deb\n Size/MD5 checksum: 19681376 5a4951e8708a86af494f4038d9a32eca\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_mipsel.deb\n Size/MD5 checksum: 763218 a434c9b6829adb49282e1f50edbc8024\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_powerpc.deb\n Size/MD5 checksum: 3785444 6e5a16d27250c50d7db3bb10e0fb0254\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc_2.6.26-26lenny1_powerpc.deb\n Size/MD5 checksum: 23590652 148679b5cb6bfed70c84dc3f1128f77b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc_2.6.26-26lenny1_powerpc.deb\n Size/MD5 checksum: 366624 253c73347bea4dfb6867aceeb66a758b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc-smp_2.6.26-26lenny1_powerpc.deb\n Size/MD5 checksum: 367926 4c79229ecaf6ec2f64a79842101313c2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc_2.6.26-26lenny1_powerpc.deb\n Size/MD5 checksum: 367420 e98a64747b70a7fc4b96dc5c3a984d9c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_powerpc.deb\n Size/MD5 checksum: 749102 0398a006ed76f440b23c9e6f31274756\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc64_2.6.26-26lenny1_powerpc.deb\n Size/MD5 checksum: 373602 d35a94e121b4835db9c8935269966669\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc_2.6.26-26lenny1_powerpc.deb\n Size/MD5 checksum: 23160128 24bc9e9bb6ad333636effdab5d34288c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc-smp_2.6.26-26lenny1_powerpc.deb\n Size/MD5 checksum: 23564700 0f2a1dda40f8c7de0e82f5f6de29f9a1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_powerpc.deb\n Size/MD5 checksum: 112660 629d68ca03f2477c95da86870aa023e2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-26lenny1_powerpc.deb\n Size/MD5 checksum: 3817674 565cee7c648e4f13df99144664bf190f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc64_2.6.26-26lenny1_powerpc.deb\n Size/MD5 checksum: 375258 291bf04c8df940c91a46662980ac6465\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc64_2.6.26-26lenny1_powerpc.deb\n Size/MD5 checksum: 23425562 36274877b4bd887a757def9494cc7adc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc64_2.6.26-26lenny1_powerpc.deb\n Size/MD5 checksum: 23482334 a467fd6e79497aacc73e59334c59b6a6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-powerpc_2.6.26-26lenny1_powerpc.deb\n Size/MD5 checksum: 112700 665500b5f7af3e53f23a703198f855d7\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-26lenny1_s390.deb\n Size/MD5 checksum: 3570228 561ea2d62add917cb1e60678e2f17c61\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_s390.deb\n Size/MD5 checksum: 3537872 78fb9e63d73e11bd712a33f97bca0944\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-s390x_2.6.26-26lenny1_s390.deb\n Size/MD5 checksum: 235500 e229f77bbb800763ce13f19d7a2a4d11\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-s390x_2.6.26-26lenny1_s390.deb\n Size/MD5 checksum: 7785146 534a269198bc118b178d26c164fc8293\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-s390-tape_2.6.26-26lenny1_s390.deb\n Size/MD5 checksum: 1635456 c2d7e85eb8a011fc9234ab6a70001575\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_s390.deb\n Size/MD5 checksum: 747430 9c445557fac2df3194cb798eb71d1bee\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-s390_2.6.26-26lenny1_s390.deb\n Size/MD5 checksum: 234894 2178ac16ec7024918552f6ebd85aedd3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_s390.deb\n Size/MD5 checksum: 112654 1610747370c332f27faae88f0a1ec939\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-s390_2.6.26-26lenny1_s390.deb\n Size/MD5 checksum: 7495176 816fcfd7bc444538d77c2c3f6c12157e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-s390x_2.6.26-26lenny1_s390.deb\n Size/MD5 checksum: 7846266 40b261d1b256db145d7040e1909d915c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-s390x_2.6.26-26lenny1_s390.deb\n Size/MD5 checksum: 236538 cb7f28a2a97f7d9ff3538bb4bcc87698\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-s390_2.6.26-26lenny1_s390.deb\n Size/MD5 checksum: 112670 7455f2dcbb8ca1b9dfacf7c16436b34b\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-sparc_2.6.26-26lenny1_sparc.deb\n Size/MD5 checksum: 112678 65a66260c80f6159a91baf145d247e73\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-sparc64_2.6.26-26lenny1_sparc.deb\n Size/MD5 checksum: 14635110 c06723fccef45d3a020ca459ceb9f563\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sparc64_2.6.26-26lenny1_sparc.deb\n Size/MD5 checksum: 305254 4a86ed1ca9373e7039fb5c2721080024\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-sparc64_2.6.26-26lenny1_sparc.deb\n Size/MD5 checksum: 306952 8290985574053c62b656c105ef31d4ec\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_sparc.deb\n Size/MD5 checksum: 803152 7945838b907ff50d35b0695640c3e387\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-26lenny1_sparc.deb\n Size/MD5 checksum: 3823362 d8828a0ae77cdd0c37548d503dd53359\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sparc64-smp_2.6.26-26lenny1_sparc.deb\n Size/MD5 checksum: 306648 dad43f6b5944e37931ea645be76ad560\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sparc64_2.6.26-26lenny1_sparc.deb\n Size/MD5 checksum: 14295956 0441024e85b3bf3a402d18004be74f6a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sparc64-smp_2.6.26-26lenny1_sparc.deb\n Size/MD5 checksum: 14616366 45a1f5c59b0376b3fa77e07d8058e0e7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_sparc.deb\n Size/MD5 checksum: 3788552 c2aa5e3bf20bb154f2876bdd3a5211f0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_sparc.deb\n Size/MD5 checksum: 112660 953336bb8af079d2e42fdbc9141b6d4b\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 3, "modified": "2010-11-27T04:52:28", "published": "2010-11-27T04:52:28", "id": "DEBIAN:DSA-2126-1:370B4", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2010/msg00177.html", "title": "[SECURITY] [DSA 2126-1] New Linux 2.6.26 packages fix several issues", "type": "debian", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:38", "bulletinFamily": "software", "cvelist": ["CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-3437", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3477", "CVE-2010-4080", "CVE-2010-3310", "CVE-2010-2963", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3296", "CVE-2010-3850", "CVE-2010-3442", "CVE-2010-3705", "CVE-2010-3848", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-3858", "CVE-2010-3067", "CVE-2010-4164", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-3432", "CVE-2010-4078", "CVE-2010-3849"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA256\r\n\r\n- ----------------------------------------------------------------------\r\nDebian Security Advisory DSA-2126-1 security@debian.org\r\nhttp://www.debian.org/security/ dann frazier\r\nNovember 26, 2010 http://www.debian.org/security/faq\r\n- ----------------------------------------------------------------------\r\n\r\nPackage : linux-2.6\r\nVulnerability : privilege escalation/denial of service/information leak\r\nProblem type : local/remote\r\nDebian-specific: no\r\nCVE Id(s) : CVE-2010-2963 CVE-2010-3067 CVE-2010-3296 CVE-2010-3297\r\n CVE-2010-3310 CVE-2010-3432 CVE-2010-3437 CVE-2010-3442\r\n CVE-2010-3448 CVE-2010-3477 CVE-2010-3705 CVE-2010-3848\r\n CVE-2010-3849 CVE-2010-3850 CVE-2010-3858 CVE-2010-3859\r\n CVE-2010-3873 CVE-2010-3874 CVE-2010-3875 CVE-2010-3876\r\n CVE-2010-3877 CVE-2010-3880 CVE-2010-4072 CVE-2010-4073\r\n CVE-2010-4074 CVE-2010-4078 CVE-2010-4079 CVE-2010-4080\r\n CVE-2010-4081 CVE-2010-4083 CVE-2010-4164\r\nDebian Bug(s) :\r\n \r\nSeveral vulnerabilities have been discovered in the Linux kernel that may lead\r\nto a privilege escalation, denial of service or information leak. The Common\r\nVulnerabilities and Exposures project identifies the following problems:\r\n\r\nCVE-2010-2963\r\n\r\n Kees Cook discovered an issue in the v4l 32-bit compatibility layer for\r\n 64-bit systems that allows local users with /dev/video write permission to\r\n overwrite arbitrary kernel memory, potentially leading to a privilege\r\n escalation. On Debian systems, access to /dev/video devices is restricted to\r\n members of the 'video' group by default.\r\n\r\nCVE-2010-3067\r\n\r\n Tavis Ormandy discovered an issue in the io_submit system call. Local users\r\n can cause an integer overflow resulting in a denial of service.\r\n\r\nCVE-2010-3296\r\n\r\n Dan Rosenberg discovered an issue in the cxgb network driver that allows\r\n unprivileged users to obtain the contents of sensitive kernel memory.\r\n\r\nCVE-2010-3297\r\n\r\n Dan Rosenberg discovered an issue in the eql network driver that allows\r\n local users to obtain the contents of sensitive kernel memory.\r\n\r\nCVE-2010-3310\r\n\r\n Dan Rosenberg discovered an issue in the ROSE socket implementation. On\r\n systems with a rose device, local users can cause a denial of service\r\n (kernel memory corruption).\r\n\r\nCVE-2010-3432\r\n\r\n Thomas Dreibholz discovered an issue in the SCTP protocol that permits a\r\n remote user to cause a denial of service (kernel panic).\r\n\r\nCVE-2010-3437\r\n\r\n Dan Rosenberg discovered an issue in the pktcdvd driver. Local users with\r\n permission to open /dev/pktcdvd/control can obtain the contents of sensitive\r\n kernel memory or cause a denial of service. By default on Debian systems,\r\n this access is restricted to members of the group 'cdrom'.\r\n\r\nCVE-2010-3442\r\n\r\n Dan Rosenberg discovered an issue in the ALSA sound system. Local users with\r\n permission to open /dev/snd/controlC0 can create an integer overflow\r\n condition that causes a denial of service. By default on Debian systems,\r\n this access is restricted to members of the group 'audio'.\r\n\r\nCVE-2010-3448\r\n\r\n Dan Jacobson reported an issue in the thinkpad-acpi driver. On certain\r\n Thinkpad systems, local users can cause a denial of service (X.org crash) by\r\n reading /proc/acpi/ibm/video.\r\n\r\nCVE-2010-3477\r\n\r\n Jeff Mahoney discovered an issue in the Traffic Policing (act_police) module\r\n that allows local users to obtain the contents of sensitive kernel memory.\r\n\r\nCVE-2010-3705\r\n\r\n Dan Rosenberg reported an issue in the HMAC processing code in the SCTP\r\n protocol that allows remote users to create a denial of service (memory\r\n corruption).\r\n\r\nCVE-2010-3848\r\n\r\n Nelson Elhage discovered an issue in the Econet protocol. Local users can\r\n cause a stack overflow condition with large msg->msgiovlen values that can\r\n result in a denial of service or privilege escalation.\r\n\r\nCVE-2010-3849\r\n\r\n Nelson Elhage discovered an issue in the Econet protocol. Local users can\r\n cause a denial of service (oops) if a NULL remote addr value is passed as a\r\n parameter to sendmsg().\r\n\r\nCVE-2010-3850\r\n\r\n Nelson Elhage discovered an issue in the Econet protocol. Local users can\r\n assign econet addresses to arbitrary interfaces due to a missing\r\n capabilities check.\r\n\r\nCVE-2010-3858\r\n\r\n Brad Spengler reported an issue in the setup_arg_pages() function. Due to a\r\n bounds-checking failure, local users can create a denial of service (kernel\r\n oops).\r\n\r\nCVE-2010-3859\r\n\r\n Dan Rosenberg reported an issue in the TIPC protocol. When the tipc module\r\n is loaded, local users can gain elevated privileges via the sendmsg() system\r\n call.\r\n\r\nCVE-2010-3873\r\n\r\n Dan Rosenberg reported an issue in the X.25 network protocol. Local users\r\n can cause heap corruption, resulting in a denial of service (kernel panic).\r\n\r\nCVE-2010-3874\r\n\r\n Dan Rosenberg discovered an issue in the Control Area Network (CAN)\r\n subsystem on 64-bit systems. Local users may be able to cause a denial of\r\n service (heap corruption).\r\n\r\nCVE-2010-3875\r\n\r\n Vasiliy Kulikov discovered an issue in the AX.25 protocol. Local users can\r\n obtain the contents of sensitive kernel memory.\r\n\r\nCVE-2010-3876\r\n\r\n Vasiliy Kulikov discovered an issue in the Packet protocol. Local users can\r\n obtain the contents of sensitive kernel memory.\r\n\r\nCVE-2010-3877\r\n\r\n Vasiliy Kulikov discovered an issue in the TIPC protocol. Local users can\r\n obtain the contents of sensitive kernel memory.\r\n\r\nCVE-2010-3880\r\n\r\n Nelson Elhage discovered an issue in the INET_DIAG subsystem. Local users\r\n can cause the kernel to execute unaudited INET_DIAG bytecode, resulting in a\r\n denial of service.\r\n\r\nCVE-2010-4072\r\n\r\n Kees Cook discovered an issue in the System V shared memory subsystem.\r\n Local users can obtain the contents of sensitive kernel memory.\r\n\r\nCVE-2010-4073\r\n\r\n Dan Rosenberg discovered an issue in the System V shared memory subsystem.\r\n Local users on 64-bit system can obtain the contents of sensitive kernel\r\n memory via the 32-bit compatible semctl() system call.\r\n\r\nCVE-2010-4074\r\n\r\n Dan Rosenberg reported issues in the mos7720 and mos7840 drivers for USB\r\n serial converter devices. Local users with access to these devices can\r\n obtain the contents of sensitive kernel memory.\r\n\r\nCVE-2010-4078\r\n\r\n Dan Rosenberg reported an issue in the framebuffer driver for SiS graphics\r\n chipesets (sisfb). Local users with access to the framebuffer device can\r\n obtain the contents of sensitive kernel memory via the FBIOGET_VBLANK ioctl.\r\n\r\nCVE-2010-4079\r\n\r\n Dan Rosenberg reported an issue in the ivtvfb driver used for the Hauppauge\r\n PVR-350 card. Local users with access to the framebuffer device can obtain\r\n the contents of sensitive kernel memory via the FBIOGET_VBLANK ioctl.\r\n \r\nCVE-2010-4080\r\n\r\n Dan Rosenberg discovered an issue in the ALSA driver for RME Hammerfall DSP\r\n audio devices. Local users with access to the audio device can obtain the\r\n contents of sensitive kernel memory via the SNDRV_HDSP_IOCTL_GET_CONFIG_INFO\r\n ioctl.\r\n\r\nCVE-2010-4081\r\n\r\n Dan Rosenberg discovered an issue in the ALSA driver for RME Hammerfall DSP\r\n MADI audio devices. Local users with access to the audio device can obtain\r\n the contents of sensitive kernel memory via the\r\n SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl.\r\n\r\nCVE-2010-4083\r\n\r\n Dan Rosenberg discovered an issue in the semctl system call. Local users can\r\n obtain the contents of sensitive kernel memory through usage of the semid_ds\r\n structure.\r\n\r\nCVE-2010-4164\r\n\r\n Dan Rosenberg discovered an issue in the X.25 network protocol. Remote users\r\n can achieve a denial of service (infinite loop) by taking advantage of an\r\n integer underflow in the facility parsing code.\r\n\r\nFor the stable distribution (lenny), this problem has been fixed in version\r\n2.6.26-26lenny1.\r\n\r\nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages.\r\n\r\nThe following matrix lists additional source packages that were rebuilt for\r\ncompatibility with or to take advantage of this update:\r\n\r\n Debian 5.0 (lenny)\r\n user-mode-linux 2.6.26-1um-2+26lenny1\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\nDebian GNU/Linux 5.0 alias lenny\r\n- --------------------------------\r\n\r\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64,\r\nmipsel, powerpc, s390 and sparc. The update for mips will be released once it\r\nbecomes available.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-26lenny1.dsc\r\n Size/MD5 checksum: 6426 25d46333cc7f2b28b4312df096d875a8\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26.orig.tar.gz\r\n Size/MD5 checksum: 61818969 85e039c2588d5bf3cb781d1c9218bbcb\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-26lenny1.diff.gz\r\n Size/MD5 checksum: 8002336 26391b13d5a39afdb2591dc888a568b8\r\n\r\nArchitecture independent packages:\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.26_2.6.26-26lenny1_all.deb\r\n Size/MD5 checksum: 4850414 de2ec8da8f7dab48ce65014401ae52e7\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.26_2.6.26-26lenny1_all.deb\r\n Size/MD5 checksum: 113254 e8f1973916d469640345a1c21421dfdf\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.26_2.6.26-26lenny1_all.deb\r\n Size/MD5 checksum: 1808942 ee7d18519868ee02f56fef2341c527ea\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.26-2_2.6.26-26lenny1_all.deb\r\n Size/MD5 checksum: 128506 065f966fa5f38283d8c5add43a952d0e\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.26_2.6.26-26lenny1_all.deb\r\n Size/MD5 checksum: 3006772 e94a5e6a2f144c31d88db997c2db8e1f\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.26_2.6.26-26lenny1_all.deb\r\n Size/MD5 checksum: 49471548 0ec635ad97a262914262a7812e9e2ce6\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_alpha.deb\r\n Size/MD5 checksum: 747090 97fac497384d4e23463efd91f4cc6e0d\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-generic_2.6.26-26lenny1_alpha.deb\r\n Size/MD5 checksum: 368956 4f6d2e6c5535f0b64836b094178b259e\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_alpha.deb\r\n Size/MD5 checksum: 3551142 ed27877320f4ab66757cad34462b4df1\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-legacy_2.6.26-26lenny1_alpha.deb\r\n Size/MD5 checksum: 28539060 62095485cb584ea9775c038247c8453e\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-smp_2.6.26-26lenny1_alpha.deb\r\n Size/MD5 checksum: 29258774 36a1eccda8a1a6f330ad0707a07695b4\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_alpha.deb\r\n Size/MD5 checksum: 112660 9eadae84e38579f69ac8415995aff91d\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-generic_2.6.26-26lenny1_alpha.deb\r\n Size/MD5 checksum: 28560146 6f671d59c6761eb6a91b667d8859ebf4\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-legacy_2.6.26-26lenny1_alpha.deb\r\n Size/MD5 checksum: 369490 1b21492f700e66406ddf902b4cfd1fff\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-alpha_2.6.26-26lenny1_alpha.deb\r\n Size/MD5 checksum: 112682 5669ed2b63dfd7e25f1bed3f3c557e8b\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-smp_2.6.26-26lenny1_alpha.deb\r\n Size/MD5 checksum: 370732 744a8a3bb0751181a11b909b7f2c8741\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_amd64.deb\r\n Size/MD5 checksum: 755464 a76803db0471a09013fcc410e2bd1a7c\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-amd64_2.6.26-26lenny1_amd64.deb\r\n Size/MD5 checksum: 391070 2af9113ceb56dd2a79a448ec1eb74452\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-amd64_2.6.26-26lenny1_amd64.deb\r\n Size/MD5 checksum: 1812222 800310a26af8edc580fc57d8da9b14ae\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_amd64.deb\r\n Size/MD5 checksum: 3727512 5cadd7b974521b7c5ccc278968631e57\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-26lenny1_amd64.deb\r\n Size/MD5 checksum: 3859380 6fd2da7ef7a274fd0aed9701374533a5\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_amd64.deb\r\n Size/MD5 checksum: 112652 ceed8afd8da64b6cb39f4619b7faa310\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-amd64_2.6.26-26lenny1_amd64.deb\r\n Size/MD5 checksum: 112640 ff01f002d79cc143476afa6d907127a4\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-26lenny1_amd64.deb\r\n Size/MD5 checksum: 3783174 1822a9f0434abafe5e2dd84718c7e6bc\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-26lenny1_amd64.deb\r\n Size/MD5 checksum: 20937036 2a5fa1622b4747705e74348ce23baa5b\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-amd64_2.6.26-26lenny1_amd64.deb\r\n Size/MD5 checksum: 401434 9288349bcf9919e8be6fbb21ff3a8f66\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-amd64_2.6.26-26lenny1_amd64.deb\r\n Size/MD5 checksum: 21104766 7719bc85bb26d356f24620924a8c4283\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-26lenny1_amd64.deb\r\n Size/MD5 checksum: 393366 91d81407ad8be69d8f65b4f850ba5b1a\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-amd64_2.6.26-26lenny1_amd64.deb\r\n Size/MD5 checksum: 20956050 f9e8825e29f45d42627cfa1dd62569ea\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-amd64_2.6.26-26lenny1_amd64.deb\r\n Size/MD5 checksum: 112686 c5110416ee580c5cfe71c58eadef2a22\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-26lenny1_amd64.deb\r\n Size/MD5 checksum: 3759946 08746b9bc1d832b52f245269440b2bd6\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-amd64_2.6.26-26lenny1_amd64.deb\r\n Size/MD5 checksum: 19322068 48031c2d9ce732ed6bf79103050166dd\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-amd64_2.6.26-26lenny1_amd64.deb\r\n Size/MD5 checksum: 394064 ddaa87681b7f3e9c0d155ead5302de4a\r\n\r\narm architecture (ARM)\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-arm_2.6.26-26lenny1_arm.deb\r\n Size/MD5 checksum: 112776 769f5204e3edc4a3dd501f0254e97e5b\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_arm.deb\r\n Size/MD5 checksum: 752794 6b11a353eddc1de6463615f0c5f69701\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-iop32x_2.6.26-26lenny1_arm.deb\r\n Size/MD5 checksum: 371914 5eece356f6b47bab5afdbd0d3c724240\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-iop32x_2.6.26-26lenny1_arm.deb\r\n Size/MD5 checksum: 12487514 b6a0886ca511e0dd2b7cd61319923edd\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-footbridge_2.6.26-26lenny1_arm.deb\r\n Size/MD5 checksum: 356688 d62c6595ced0b11b0c2dc906254a5bd2\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-ixp4xx_2.6.26-26lenny1_arm.deb\r\n Size/MD5 checksum: 11722022 82ee74470a3bfd7448da7ea9a092cf80\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_arm.deb\r\n Size/MD5 checksum: 4146542 0b20edfd5914b550d21c035dab0146b4\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-orion5x_2.6.26-26lenny1_arm.deb\r\n Size/MD5 checksum: 11434794 d8e4c25a2b94a7dc1c43226f80572203\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-orion5x_2.6.26-26lenny1_arm.deb\r\n Size/MD5 checksum: 366896 69fc71b9d4a6d1926975f22160a6ca95\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_arm.deb\r\n Size/MD5 checksum: 112736 78f106b38803939df3cacdebf280b5e1\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-26lenny1_arm.deb\r\n Size/MD5 checksum: 369740 61f68bbd18a0ac4f23e4d9aeb649a4a9\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-footbridge_2.6.26-26lenny1_arm.deb\r\n Size/MD5 checksum: 10288198 15384b7d3708de3ffa1e9c17849db12f\r\n\r\narmel architecture (ARM EABI)\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-ixp4xx_2.6.26-26lenny1_armel.deb\r\n Size/MD5 checksum: 11684250 7d6165f32980b4bdf9174d0603a4e914\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-26lenny1_armel.deb\r\n Size/MD5 checksum: 367986 0fa930045394fa7bf2f1660edea036a8\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_armel.deb\r\n Size/MD5 checksum: 112734 3291126b417654ea56968e2369a54879\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-orion5x_2.6.26-26lenny1_armel.deb\r\n Size/MD5 checksum: 366188 d58ece9a482933c133e6a31fffbdaf4b\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-versatile_2.6.26-26lenny1_armel.deb\r\n Size/MD5 checksum: 339524 728cced0ac92768f5fe216d23a2cc223\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-orion5x_2.6.26-26lenny1_armel.deb\r\n Size/MD5 checksum: 11396252 9bf2717abad67374cc197d25956f0c11\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-iop32x_2.6.26-26lenny1_armel.deb\r\n Size/MD5 checksum: 369858 736c45757463cc47d12daa64d13627fa\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_armel.deb\r\n Size/MD5 checksum: 4145910 5f10aec830d3c114d1d600cc4ed25ef8\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_armel.deb\r\n Size/MD5 checksum: 754724 8da96ea4780a69374788ac140e85298c\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-armel_2.6.26-26lenny1_armel.deb\r\n Size/MD5 checksum: 112772 f158d96c80dd4c903be325d11a1a2704\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-versatile_2.6.26-26lenny1_armel.deb\r\n Size/MD5 checksum: 9609544 c1a690b822e8a9d94336aa9146df21b2\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-iop32x_2.6.26-26lenny1_armel.deb\r\n Size/MD5 checksum: 12448536 2bc10e5d383940aff2f7b54e5ca84267\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc-smp_2.6.26-26lenny1_hppa.deb\r\n Size/MD5 checksum: 16390762 49ae803109f72ecc5f65cc0ab2a274d2\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64_2.6.26-26lenny1_hppa.deb\r\n Size/MD5 checksum: 305004 4447819b9e77572ea89388395dc328c8\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc_2.6.26-26lenny1_hppa.deb\r\n Size/MD5 checksum: 303956 c54d283e4148b3eb1aed0e9e2f9b4135\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64-smp_2.6.26-26lenny1_hppa.deb\r\n Size/MD5 checksum: 307006 92fe6b41bd11a836c273ed0736396a18\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-hppa_2.6.26-26lenny1_hppa.deb\r\n Size/MD5 checksum: 112760 10bdcd03154924f5afb34dc670886eb8\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc_2.6.26-26lenny1_hppa.deb\r\n Size/MD5 checksum: 15796706 c530209aab49e2068f14e484b6db59fd\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_hppa.deb\r\n Size/MD5 checksum: 3601768 e804a1671f76f3b35bfac3bbecc4b1a8\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_hppa.deb\r\n Size/MD5 checksum: 112728 d95be16830e352fbdf8f4250f762003b\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64-smp_2.6.26-26lenny1_hppa.deb\r\n Size/MD5 checksum: 17689704 2ce0de928b0de084a5ee21da0a58407e\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64_2.6.26-26lenny1_hppa.deb\r\n Size/MD5 checksum: 17137918 750e28de7bb1e261f636ccba8fcab308\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_hppa.deb\r\n Size/MD5 checksum: 764742 dbc6af80dc674736661b498edfc3a5e4\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc-smp_2.6.26-26lenny1_hppa.deb\r\n Size/MD5 checksum: 305576 58916c39063873b84cf419379053b5e2\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-686_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 1598590 dc693b0a5fd1594615de4c5bfb51e3a2\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 401634 19b303053ef842f9dbcb05fbf9079c86\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 412706 9a6dc9914b57224d41697dd85251ad74\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686-bigmem_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 414016 fbd71b61ce54978f4df2b3e851fa7c28\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 414584 2ebea5008b5a724ecdb19079e8f86e9d\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-686_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 18216302 86ea992d0efbd38a88f5b7fc9465f38d\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-686_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 112640 68e5cb0e49e3b0e2beb8075edf84a357\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 770174 317eaad69bb2d30be37fffe2ba516ebc\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 3870582 20d8147847c2ee48b5b8e186c5aa2dd8\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 20407918 b98e78be196bcfdd8395341c517d68a4\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 3811776 d2e42bd89a509d9a3f9cd57ba7699195\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686-bigmem_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 20528204 19e4258f60a0fd94691f21dd3bef8804\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686-bigmem_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 20546188 e9dc6af2f445e672b6d80e8391402cc6\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686-bigmem_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 413080 5a5160ce3a4308aa477d091a1fe8127a\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-i386_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 112706 9ada4ab06b22be004eee1160b21d1f2a\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 3950190 ca68b70d434125f799c5208161e105b9\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-686_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 418434 28870494c0609b93b67808c043a62dfb\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 20428344 2137508d1b187b0b364bedbaf46e1ea9\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 3846426 73b6b13e86bac670f3073c5a8b2943f7\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-686_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 399948 ba847a3f96345613a25f839972e6f0ed\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 21049612 7af7a78a4c5964620a476ad5c6066887\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-486_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 20369056 721ee6c463d845e9d6f8013ac38ba1d7\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-686_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 20705350 fc2fc201e24a62fd2574d51999195182\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 112654 80a1bd5e7cf38414cc184ac3645ce5da\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-486_2.6.26-26lenny1_i386.deb\r\n Size/MD5 checksum: 412120 2f95a4695398f1e4ce933b0fb018e6f5\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-ia64_2.6.26-26lenny1_ia64.deb\r\n Size/MD5 checksum: 112688 0951a8f0fcf20010b4fd72e8794454ea\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-mckinley_2.6.26-26lenny1_ia64.deb\r\n Size/MD5 checksum: 361828 fa942ddabe46359a026caee5ff78cf94\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-itanium_2.6.26-26lenny1_ia64.deb\r\n Size/MD5 checksum: 34255886 885360588d0a9d8519164b605b884384\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-itanium_2.6.26-26lenny1_ia64.deb\r\n Size/MD5 checksum: 361400 17899521a5c8690a0d316797d15b9a5d\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-26lenny1_ia64.deb\r\n Size/MD5 checksum: 3694882 3f8c27edf54fa2af2593b786138d5aa6\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-mckinley_2.6.26-26lenny1_ia64.deb\r\n Size/MD5 checksum: 34440396 f8f45a9dd6e8d05bb29ba21f4100b271\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_ia64.deb\r\n Size/MD5 checksum: 3662038 7e20eabb6a01ceafb2b934e09743209b\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-mckinley_2.6.26-26lenny1_ia64.deb\r\n Size/MD5 checksum: 34380728 c245751f72228c02f40706c0754dc4bc\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_ia64.deb\r\n Size/MD5 checksum: 112654 0dda61d2b3dc3529995059957ba8d523\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-itanium_2.6.26-26lenny1_ia64.deb\r\n Size/MD5 checksum: 34192832 89c734c816323509cb81a8c06d503775\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-mckinley_2.6.26-26lenny1_ia64.deb\r\n Size/MD5 checksum: 362186 3de48033c683c0b0723845ba52d97311\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_ia64.deb\r\n Size/MD5 checksum: 754152 8f457306ee6f9f6a0dde6a85b60ba28e\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-itanium_2.6.26-26lenny1_ia64.deb\r\n Size/MD5 checksum: 361772 ab078e4b7347c34373294d7bd48f5f77\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-r5k-cobalt_2.6.26-26lenny1_mipsel.deb\r\n Size/MD5 checksum: 15061864 c0c33ea0339f836d537deea40041ebbf\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-5kc-malta_2.6.26-26lenny1_mipsel.deb\r\n Size/MD5 checksum: 362194 4307fcc7be5e03bf84e65542ee773896\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-5kc-malta_2.6.26-26lenny1_mipsel.deb\r\n Size/MD5 checksum: 28579670 e8f6dbeb2b27ecaa64a7648102068197\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1-bcm91250a_2.6.26-26lenny1_mipsel.deb\r\n Size/MD5 checksum: 305764 5f9c8534fd78687ee198c3c9575423ac\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_mipsel.deb\r\n Size/MD5 checksum: 112730 62463422f9e70ee2f54d09ebc429c47d\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-mipsel_2.6.26-26lenny1_mipsel.deb\r\n Size/MD5 checksum: 112784 22de96fa5ed52cfaba506f0f4c7c085c\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_mipsel.deb\r\n Size/MD5 checksum: 3970148 e494271e4f18315b4c5e3f8692bedadd\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1-bcm91250a_2.6.26-26lenny1_mipsel.deb\r\n Size/MD5 checksum: 19686560 5a1734bb17cfd9ee65a411c3801ccf6d\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-4kc-malta_2.6.26-26lenny1_mipsel.deb\r\n Size/MD5 checksum: 362326 f79daf88f7b6813c7c005b8b9dd87460\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-r5k-cobalt_2.6.26-26lenny1_mipsel.deb\r\n Size/MD5 checksum: 300858 3775978c2a2c713ac1b15b9fb62dc021\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1a-bcm91480b_2.6.26-26lenny1_mipsel.deb\r\n Size/MD5 checksum: 306226 c23551d6d68208c7adebb3acf2523ca6\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-4kc-malta_2.6.26-26lenny1_mipsel.deb\r\n Size/MD5 checksum: 23078776 0d0cf1ded5d13ab9ab1b7563ded158a3\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1a-bcm91480b_2.6.26-26lenny1_mipsel.deb\r\n Size/MD5 checksum: 19681376 5a4951e8708a86af494f4038d9a32eca\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_mipsel.deb\r\n Size/MD5 checksum: 763218 a434c9b6829adb49282e1f50edbc8024\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_powerpc.deb\r\n Size/MD5 checksum: 3785444 6e5a16d27250c50d7db3bb10e0fb0254\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc_2.6.26-26lenny1_powerpc.deb\r\n Size/MD5 checksum: 23590652 148679b5cb6bfed70c84dc3f1128f77b\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc_2.6.26-26lenny1_powerpc.deb\r\n Size/MD5 checksum: 366624 253c73347bea4dfb6867aceeb66a758b\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc-smp_2.6.26-26lenny1_powerpc.deb\r\n Size/MD5 checksum: 367926 4c79229ecaf6ec2f64a79842101313c2\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc_2.6.26-26lenny1_powerpc.deb\r\n Size/MD5 checksum: 367420 e98a64747b70a7fc4b96dc5c3a984d9c\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_powerpc.deb\r\n Size/MD5 checksum: 749102 0398a006ed76f440b23c9e6f31274756\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc64_2.6.26-26lenny1_powerpc.deb\r\n Size/MD5 checksum: 373602 d35a94e121b4835db9c8935269966669\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc_2.6.26-26lenny1_powerpc.deb\r\n Size/MD5 checksum: 23160128 24bc9e9bb6ad333636effdab5d34288c\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc-smp_2.6.26-26lenny1_powerpc.deb\r\n Size/MD5 checksum: 23564700 0f2a1dda40f8c7de0e82f5f6de29f9a1\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_powerpc.deb\r\n Size/MD5 checksum: 112660 629d68ca03f2477c95da86870aa023e2\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-26lenny1_powerpc.deb\r\n Size/MD5 checksum: 3817674 565cee7c648e4f13df99144664bf190f\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc64_2.6.26-26lenny1_powerpc.deb\r\n Size/MD5 checksum: 375258 291bf04c8df940c91a46662980ac6465\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc64_2.6.26-26lenny1_powerpc.deb\r\n Size/MD5 checksum: 23425562 36274877b4bd887a757def9494cc7adc\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc64_2.6.26-26lenny1_powerpc.deb\r\n Size/MD5 checksum: 23482334 a467fd6e79497aacc73e59334c59b6a6\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-powerpc_2.6.26-26lenny1_powerpc.deb\r\n Size/MD5 checksum: 112700 665500b5f7af3e53f23a703198f855d7\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-26lenny1_s390.deb\r\n Size/MD5 checksum: 3570228 561ea2d62add917cb1e60678e2f17c61\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_s390.deb\r\n Size/MD5 checksum: 3537872 78fb9e63d73e11bd712a33f97bca0944\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-s390x_2.6.26-26lenny1_s390.deb\r\n Size/MD5 checksum: 235500 e229f77bbb800763ce13f19d7a2a4d11\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-s390x_2.6.26-26lenny1_s390.deb\r\n Size/MD5 checksum: 7785146 534a269198bc118b178d26c164fc8293\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-s390-tape_2.6.26-26lenny1_s390.deb\r\n Size/MD5 checksum: 1635456 c2d7e85eb8a011fc9234ab6a70001575\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_s390.deb\r\n Size/MD5 checksum: 747430 9c445557fac2df3194cb798eb71d1bee\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-s390_2.6.26-26lenny1_s390.deb\r\n Size/MD5 checksum: 234894 2178ac16ec7024918552f6ebd85aedd3\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_s390.deb\r\n Size/MD5 checksum: 112654 1610747370c332f27faae88f0a1ec939\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-s390_2.6.26-26lenny1_s390.deb\r\n Size/MD5 checksum: 7495176 816fcfd7bc444538d77c2c3f6c12157e\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-s390x_2.6.26-26lenny1_s390.deb\r\n Size/MD5 checksum: 7846266 40b261d1b256db145d7040e1909d915c\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-s390x_2.6.26-26lenny1_s390.deb\r\n Size/MD5 checksum: 236538 cb7f28a2a97f7d9ff3538bb4bcc87698\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-s390_2.6.26-26lenny1_s390.deb\r\n Size/MD5 checksum: 112670 7455f2dcbb8ca1b9dfacf7c16436b34b\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-sparc_2.6.26-26lenny1_sparc.deb\r\n Size/MD5 checksum: 112678 65a66260c80f6159a91baf145d247e73\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-sparc64_2.6.26-26lenny1_sparc.deb\r\n Size/MD5 checksum: 14635110 c06723fccef45d3a020ca459ceb9f563\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sparc64_2.6.26-26lenny1_sparc.deb\r\n Size/MD5 checksum: 305254 4a86ed1ca9373e7039fb5c2721080024\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-sparc64_2.6.26-26lenny1_sparc.deb\r\n Size/MD5 checksum: 306952 8290985574053c62b656c105ef31d4ec\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_sparc.deb\r\n Size/MD5 checksum: 803152 7945838b907ff50d35b0695640c3e387\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-26lenny1_sparc.deb\r\n Size/MD5 checksum: 3823362 d8828a0ae77cdd0c37548d503dd53359\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sparc64-smp_2.6.26-26lenny1_sparc.deb\r\n Size/MD5 checksum: 306648 dad43f6b5944e37931ea645be76ad560\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sparc64_2.6.26-26lenny1_sparc.deb\r\n Size/MD5 checksum: 14295956 0441024e85b3bf3a402d18004be74f6a\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sparc64-smp_2.6.26-26lenny1_sparc.deb\r\n Size/MD5 checksum: 14616366 45a1f5c59b0376b3fa77e07d8058e0e7\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_sparc.deb\r\n Size/MD5 checksum: 3788552 c2aa5e3bf20bb154f2876bdd3a5211f0\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_sparc.deb\r\n Size/MD5 checksum: 112660 953336bb8af079d2e42fdbc9141b6d4b\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 (GNU/Linux)\r\n\r\niQIcBAEBCAAGBQJM8Iz7AAoJEBv4PF5U/IZAmxgQAKZnNnl12BAo2vfE/mUkrJD4\r\njVWZNPR6f1og5c9qOqL4hoPNfwTo5I8w2PNG1RoDswg5GkJyJ7fxvKNKBIdIveHx\r\np1sjHhHBQYgskM1livzrq/7YD6KnkZtKjy6kmbK2v3L/jYMY5BNyrbsCoJatMoOX\r\nOb5S3Y/Ke11QZ8K3dctFtcky8qvhB5NxqYrOhoU4H63MjPlCIkN4hgN2Ioolmu17\r\nKKQdGtX36zKwaK24ouYiCfhkaIl8bA3qlZz0TtyTuEedTsvF6f6gj3nS/oqnTerN\r\nhKaw9n1nKsPj1s4y9PFmYsDBNYPWWjfGZRc4Slf23Tqq4UjkH7AIvV3p9XJ9jZPR\r\nhWlXu5xHLi4+qDKK16/959bmEfUd7hxjvJB7Fa7zB002JHyIp8rF+7U7L29eAjKb\r\nDz1sErp5W3e5TIGZJ1nwK/zPw4YlOihJehzN3bUDkBHrIWtISDKQOHTS3Jvte3Aq\r\nwk13GU+3kq/OwFcoz9fwmmKABOilYKNkGLtHePhiNEX3hYcvQ8qJaDn8yECvNjA6\r\n4AdZW+3/vazLCth8xS1cjinFy4Np3uV3DaUNw23po4V7LkrBpavgmAHpl9hEbLvH\r\nVKYAlFQA1S/VVH7sWVMQWvumOITxjp6rbAWs5ZfyJSqi8sVEUjNnl/+cMNXt8RNZ\r\nFknbJ4nNZutx8NS7w1Wx\r\n=DDxb\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2010-12-01T00:00:00", "published": "2010-12-01T00:00:00", "id": "SECURITYVULNS:DOC:25229", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25229", "title": "[SECURITY] [DSA 2126-1] New Linux 2.6.26 packages fix several issues", "type": "securityvulns", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:39", "bulletinFamily": "software", "cvelist": ["CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-3437", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3477", "CVE-2010-4080", "CVE-2010-3310", "CVE-2010-2963", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3296", "CVE-2010-3850", "CVE-2010-4258", "CVE-2010-3442", "CVE-2010-3705", "CVE-2010-3848", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-3858", "CVE-2010-3067", "CVE-2010-4164", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-3432", "CVE-2010-4078", "CVE-2010-3849"], "description": "Multiple DoS conditions, priviloege esclations, memory leaks from kernel memory, DoS via SCTP protocol, DoS via X.25.", "edition": 1, "modified": "2010-12-09T00:00:00", "published": "2010-12-09T00:00:00", "id": "SECURITYVULNS:VULN:11275", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11275", "title": "Linux kernel multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2021-02-02T05:45:02", "description": "drivers/platform/x86/thinkpad_acpi.c in the Linux kernel before 2.6.34 on ThinkPad devices, when the X.Org X server is used, does not properly restrict access to the video output control state, which allows local users to cause a denial of service (system hang) via a (1) read or (2) write operation.", "edition": 8, "cvss3": {}, "published": "2011-01-03T20:00:00", "title": "CVE-2010-3448", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3448"], "modified": "2020-08-06T15:41:00", "cpe": [], "id": "CVE-2010-3448", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3448", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": []}, {"lastseen": "2021-02-02T05:45:04", "description": "Multiple integer overflows in the (1) pppol2tp_sendmsg function in net/l2tp/l2tp_ppp.c, and the (2) l2tp_ip_sendmsg function in net/l2tp/l2tp_ip.c, in the PPPoL2TP and IPoL2TP implementations in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (heap memory corruption and panic) or possibly gain privileges via a crafted sendto call.", "edition": 7, "cvss3": {}, "published": "2011-01-07T12:00:00", "title": "CVE-2010-4160", "type": "cve", "cwe": ["CWE-190"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4160"], "modified": "2020-08-14T16:54:00", "cpe": ["cpe:/o:suse:linux_enterprise_software_development_kit:10", "cpe:/o:opensuse:opensuse:11.2", "cpe:/o:suse:linux_enterprise_server:10", "cpe:/o:suse:linux_enterprise_desktop:10", "cpe:/o:suse:linux_enterprise_server:9", "cpe:/o:suse:linux_enterprise_server:11", "cpe:/o:suse:linux_enterprise_desktop:11"], "id": "CVE-2010-4160", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4160", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp3:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp3:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:45:03", "description": "The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to TIOCGICOUNT ioctl calls, and the (1) mos7720_ioctl function in drivers/usb/serial/mos7720.c and (2) mos7840_ioctl function in drivers/usb/serial/mos7840.c.", "edition": 7, "cvss3": {}, "published": "2010-11-29T16:00:00", "title": "CVE-2010-4074", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4074"], "modified": "2020-08-10T16:18:00", "cpe": ["cpe:/o:debian:debian_linux:5.0", "cpe:/o:linux:linux_kernel:2.6.36"], "id": "CVE-2010-4074", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4074", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.36:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:-:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc3:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc2:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:45:03", "description": "The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call.", "edition": 7, "cvss3": {}, "published": "2010-11-29T16:00:00", "title": "CVE-2010-4078", "type": "cve", "cwe": ["CWE-909"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4078"], "modified": "2020-08-13T13:13:00", "cpe": ["cpe:/o:suse:linux_enterprise_software_development_kit:10", "cpe:/o:opensuse:opensuse:11.2", "cpe:/o:suse:linux_enterprise_server:10", "cpe:/o:debian:debian_linux:5.0", "cpe:/o:suse:linux_enterprise_desktop:10", "cpe:/o:linux:linux_kernel:2.6.36", "cpe:/o:opensuse:opensuse:11.3", "cpe:/o:suse:linux_enterprise_real_time_extension:11"], "id": "CVE-2010-4078", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4078", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.36:rc1:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp3:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:-:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc5:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc3:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc2:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:45:03", "description": "The ivtvfb_ioctl function in drivers/media/video/ivtv/ivtvfb.c in the Linux kernel before 2.6.36-rc8 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call.", "edition": 7, "cvss3": {}, "published": "2010-11-29T16:00:00", "title": "CVE-2010-4079", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4079"], "modified": "2020-08-12T18:06:00", "cpe": ["cpe:/o:debian:debian_linux:5.0", "cpe:/o:linux:linux_kernel:2.6.36"], "id": "CVE-2010-4079", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4079", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.36:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:-:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc3:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc2:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:45:01", "description": "The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a CHELSIO_GET_QSET_NUM ioctl call.", "edition": 7, "cvss3": {}, "published": "2010-09-30T15:00:00", "title": "CVE-2010-3296", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3296"], "modified": "2020-08-10T19:19:00", "cpe": ["cpe:/o:debian:debian_linux:5.0", "cpe:/o:linux:linux_kernel:2.6.36", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:9.10", "cpe:/o:opensuse:opensuse:11.1", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:suse:linux_enterprise_real_time_extension:11", "cpe:/o:suse:linux_enterprise_server:11", "cpe:/o:suse:linux_enterprise_desktop:11"], "id": "CVE-2010-3296", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3296", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.36:rc1:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:-:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc3:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:11:-:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc2:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"]}, {"lastseen": "2021-02-02T05:45:02", "description": "The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, causes a hang in zenwatch, or prevents unspecified xm commands from working properly, related to (1) netback, (2) blkback, or (3) blktap.", "edition": 4, "cvss3": {}, "published": "2010-12-08T20:00:00", "title": "CVE-2010-3699", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 5.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.7, "vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3699"], "modified": "2018-10-10T20:05:00", "cpe": ["cpe:/a:citrix:xen:3.4.3", "cpe:/a:citrix:xen:3.0.4", "cpe:/a:citrix:xen:3.2.2", "cpe:/a:citrix:xen:3.0.3", "cpe:/a:citrix:xen:3.3.2", "cpe:/a:citrix:xen:3.3.0", "cpe:/a:citrix:xen:3.1.3", "cpe:/a:citrix:xen:3.4.1", "cpe:/a:citrix:xen:3.3.1", "cpe:/a:citrix:xen:3.2.3", "cpe:/a:citrix:xen:3.4.2", "cpe:/a:citrix:xen:3.0.2", "cpe:/a:citrix:xen:3.2.0", "cpe:/a:citrix:xen:3.1.4", "cpe:/a:citrix:xen:3.4.0", "cpe:/a:citrix:xen:3.2.1"], "id": "CVE-2010-3699", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3699", "cvss": {"score": 2.7, "vector": "AV:A/AC:L/Au:S/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:citrix:xen:3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:citrix:xen:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:citrix:xen:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:citrix:xen:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:citrix:xen:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:citrix:xen:3.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:citrix:xen:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:citrix:xen:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:citrix:xen:3.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:citrix:xen:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:citrix:xen:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:citrix:xen:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:citrix:xen:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:citrix:xen:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:citrix:xen:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:citrix:xen:3.0.4:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:45:03", "description": "The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call.", "edition": 7, "cvss3": {}, "published": "2010-11-30T22:14:00", "title": "CVE-2010-4080", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4080"], "modified": "2020-08-12T19:34:00", "cpe": ["cpe:/o:suse:linux_enterprise_software_development_kit:10", "cpe:/o:opensuse:opensuse:11.2", "cpe:/o:suse:linux_enterprise_server:10", "cpe:/o:debian:debian_linux:5.0", "cpe:/o:suse:linux_enterprise_desktop:10", "cpe:/o:linux:linux_kernel:2.6.36", "cpe:/o:opensuse:opensuse:11.3", "cpe:/o:suse:linux_enterprise_real_time_extension:11"], "id": "CVE-2010-4080", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4080", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.36:rc1:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp3:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:-:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc5:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc3:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc2:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:45:01", "description": "The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.", "edition": 7, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2010-09-30T15:00:00", "title": "CVE-2010-2943", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2943"], "modified": "2020-08-10T16:09:00", "cpe": ["cpe:/a:avaya:aura_communication_manager:5.2", "cpe:/o:canonical:ubuntu_linux:6.06", "cpe:/o:vmware:esx:4.1", "cpe:/a:avaya:iq:5.1", "cpe:/a:avaya:aura_voice_portal:5.0", "cpe:/a:avaya:aura_presence_services:6.1.1", "cpe:/a:avaya:aura_system_manager:6.1.1", "cpe:/a:avaya:aura_session_manager:5.2", "cpe:/a:avaya:aura_system_manager:6.0", "cpe:/a:avaya:aura_system_platform:6.0", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:9.10", "cpe:/a:avaya:aura_system_manager:5.2", "cpe:/a:avaya:aura_system_platform:1.1", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/a:avaya:aura_session_manager:6.0", "cpe:/a:avaya:aura_system_manager:6.1", "cpe:/a:avaya:aura_session_manager:1.1", "cpe:/a:avaya:iq:5.0", "cpe:/a:avaya:aura_presence_services:6.1", "cpe:/a:avaya:aura_voice_portal:5.1", "cpe:/o:vmware:esx:4.0", "cpe:/a:avaya:aura_presence_services:6.0"], "id": "CVE-2010-2943", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2943", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:avaya:aura_communication_manager:5.2:*:*:*:*:*:*:*", "cpe:2.3:a:avaya:aura_presence_services:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:-:*:*:*", "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:avaya:aura_presence_services:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:avaya:aura_system_platform:6.0:-:*:*:*:*:*:*", "cpe:2.3:a:avaya:iq:5.1:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "cpe:2.3:a:avaya:aura_system_manager:5.2:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*", "cpe:2.3:a:avaya:aura_presence_services:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:avaya:aura_voice_portal:5.1:-:*:*:*:*:*:*", "cpe:2.3:a:avaya:aura_system_manager:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:avaya:aura_session_manager:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:avaya:aura_session_manager:5.2:*:*:*:*:*:*:*", "cpe:2.3:a:avaya:aura_system_platform:6.0:sp1:*:*:*:*:*:*", "cpe:2.3:a:avaya:aura_session_manager:1.1:*:*:*:*:*:*:*", "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:avaya:iq:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:avaya:aura_system_manager:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:avaya:aura_voice_portal:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:avaya:aura_system_platform:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:avaya:aura_system_manager:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:avaya:aura_voice_portal:5.1:sp1:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"]}, {"lastseen": "2021-02-02T05:45:01", "description": "The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an EQL_GETMASTRCFG ioctl call.", "edition": 7, "cvss3": {}, "published": "2010-09-30T15:00:00", "title": "CVE-2010-3297", "type": "cve", "cwe": ["CWE-909"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3297"], "modified": "2020-08-13T14:41:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:6.06", "cpe:/o:debian:debian_linux:5.0", "cpe:/o:linux:linux_kernel:2.6.36", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:9.10", "cpe:/o:opensuse:opensuse:11.1", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:suse:linux_enterprise_real_time_extension:11", "cpe:/o:suse:linux_enterprise_server:11", "cpe:/o:suse:linux_enterprise_desktop:11"], "id": "CVE-2010-3297", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3297", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc1:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:-:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc3:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:11:-:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc2:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"]}], "redhat": [{"lastseen": "2019-08-13T18:46:58", "bulletinFamily": "unix", "cvelist": ["CVE-2010-3432", "CVE-2010-3442", "CVE-2010-3699", "CVE-2010-3858", "CVE-2010-3859", "CVE-2010-3865", "CVE-2010-3876", "CVE-2010-3880", "CVE-2010-4083", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-4242", "CVE-2010-4247", "CVE-2010-4248"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in sctp_packet_config() in the Linux kernel's Stream\nControl Transmission Protocol (SCTP) implementation. A remote attacker\ncould use this flaw to cause a denial of service. (CVE-2010-3432,\nImportant)\n\n* A missing integer overflow check was found in snd_ctl_new() in the Linux\nkernel's sound subsystem. A local, unprivileged user on a 32-bit system\ncould use this flaw to cause a denial of service or escalate their\nprivileges. (CVE-2010-3442, Important)\n\n* A heap overflow flaw in the Linux kernel's Transparent Inter-Process\nCommunication protocol (TIPC) implementation could allow a local,\nunprivileged user to escalate their privileges. (CVE-2010-3859, Important)\n\n* An integer overflow flaw was found in the Linux kernel's Reliable\nDatagram Sockets (RDS) protocol implementation. A local, unprivileged user\ncould use this flaw to cause a denial of service or escalate their\nprivileges. (CVE-2010-3865, Important)\n\n* A flaw was found in the Xenbus code for the unified block-device I/O\ninterface back end. A privileged guest user could use this flaw to cause a\ndenial of service on the host system running the Xen hypervisor.\n(CVE-2010-3699, Moderate)\n\n* Missing sanity checks were found in setup_arg_pages() in the Linux\nkernel. When making the size of the argument and environment area on the\nstack very large, it could trigger a BUG_ON(), resulting in a local denial\nof service. (CVE-2010-3858, Moderate)\n\n* A flaw was found in inet_csk_diag_dump() in the Linux kernel's module for\nmonitoring the sockets of INET transport protocols. By sending a netlink\nmessage with certain bytecode, a local, unprivileged user could cause a\ndenial of service. (CVE-2010-3880, Moderate)\n\n* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\nin the Linux kernel. A local user with access to \"/dev/gdth\" on a 64-bit\nsystem could use this flaw to cause a denial of service or escalate their\nprivileges. (CVE-2010-4157, Moderate)\n\n* The fix for Red Hat Bugzilla bug 484590 as provided in RHSA-2009:1243\nintroduced a regression. A local, unprivileged user could use this flaw to\ncause a denial of service. (CVE-2010-4161, Moderate)\n\n* A NULL pointer dereference flaw was found in the Bluetooth HCI UART\ndriver in the Linux kernel. A local, unprivileged user could use this flaw\nto cause a denial of service. (CVE-2010-4242, Moderate)\n\n* It was found that a malicious guest running on the Xen hypervisor could\nplace invalid data in the memory that the guest shared with the blkback and\nblktap back-end drivers, resulting in a denial of service on the host\nsystem. (CVE-2010-4247, Moderate)\n\n* A flaw was found in the Linux kernel's CPU time clocks implementation for\nthe POSIX clock interface. A local, unprivileged user could use this flaw\nto cause a denial of service. (CVE-2010-4248, Moderate)\n\n* Missing initialization flaws in the Linux kernel could lead to\ninformation leaks. (CVE-2010-3876, CVE-2010-4083, Low)\n\nRed Hat would like to thank Dan Rosenberg for reporting CVE-2010-3442,\nCVE-2010-4161, and CVE-2010-4083; Thomas Pollet for reporting\nCVE-2010-3865; Brad Spengler for reporting CVE-2010-3858; Nelson Elhage for\nreporting CVE-2010-3880; Alan Cox for reporting CVE-2010-4242; and Vasiliy\nKulikov for reporting CVE-2010-3876.\n\nThis update also fixes several bugs and adds an enhancement. Documentation\nfor the bug fixes and the enhancement will be available shortly from the\nTechnical Notes document, linked to in the References section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues, and fix the bugs and add the enhancement\nnoted in the Technical Notes. The system must be rebooted for this update\nto take effect.\n", "modified": "2017-09-08T12:09:38", "published": "2011-01-04T05:00:00", "id": "RHSA-2011:0004", "href": "https://access.redhat.com/errata/RHSA-2011:0004", "type": "redhat", "title": "(RHSA-2011:0004) Important: kernel security, bug fix, and enhancement update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:45:58", "bulletinFamily": "unix", "cvelist": ["CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4072", "CVE-2010-4073", "CVE-2010-4075", "CVE-2010-4080", "CVE-2010-4083", "CVE-2010-4157", "CVE-2010-4158", "CVE-2010-4242", "CVE-2010-4249"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A heap overflow flaw was found in the Linux kernel's Transparent\nInter-Process Communication protocol (TIPC) implementation. A local,\nunprivileged user could use this flaw to escalate their privileges.\n(CVE-2010-3859, Important)\n\n* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\nin the Linux kernel. A local user with access to \"/dev/gdth\" on a 64-bit\nsystem could use these flaws to cause a denial of service or escalate their\nprivileges. (CVE-2010-4157, Moderate)\n\n* A NULL pointer dereference flaw was found in the Bluetooth HCI UART\ndriver in the Linux kernel. A local, unprivileged user could use this flaw\nto cause a denial of service. (CVE-2010-4242, Moderate)\n\n* A flaw was found in the Linux kernel's garbage collector for AF_UNIX\nsockets. A local, unprivileged user could use this flaw to trigger a\ndenial of service (out-of-memory condition). (CVE-2010-4249, Moderate)\n\n* Missing initialization flaws were found in the Linux kernel. A local,\nunprivileged user could use these flaws to cause information leaks.\n(CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080,\nCVE-2010-4083, CVE-2010-4158, Low)\n\nRed Hat would like to thank Alan Cox for reporting CVE-2010-4242; Vegard\nNossum for reporting CVE-2010-4249; Vasiliy Kulikov for reporting\nCVE-2010-3876; Kees Cook for reporting CVE-2010-4072; and Dan Rosenberg for\nreporting CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4083, and\nCVE-2010-4158.\n\nThis update also fixes the following bugs:\n\n* A flaw was found in the Linux kernel where, if used in conjunction with\nanother flaw that can result in a kernel Oops, could possibly lead to\nprivilege escalation. It does not affect Red Hat Enterprise Linux 4 as the\nsysctl panic_on_oops variable is turned on by default. However, as a\npreventive measure if the variable is turned off by an administrator, this\nupdate addresses the issue. Red Hat would like to thank Nelson Elhage for\nreporting this vulnerability. (BZ#659568)\n\n* On Intel I/O Controller Hub 9 (ICH9) hardware, jumbo frame support is\nachieved by using page-based sk_buff buffers without any packet split. The\nentire frame data is copied to the page(s) rather than some to the\nskb->data area and some to the page(s) when performing a typical\npacket-split. This caused problems with the filtering code and frames were\ngetting dropped before they were received by listening applications. This\nbug could eventually lead to the IP address being released and not being\nable to be re-acquired from DHCP if the MTU (Maximum Transfer Unit) was\nchanged (for an affected interface using the e1000e driver). With this\nupdate, frames are no longer dropped and an IP address is correctly\nre-acquired after a previous release. (BZ#664667)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n", "modified": "2017-09-08T12:20:25", "published": "2011-01-18T05:00:00", "id": "RHSA-2011:0162", "href": "https://access.redhat.com/errata/RHSA-2011:0162", "type": "redhat", "title": "(RHSA-2011:0162) Important: kernel security and bug fix update", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:59", "bulletinFamily": "unix", "cvelist": ["CVE-2010-2962", "CVE-2010-3432", "CVE-2010-3442", "CVE-2010-3705", "CVE-2010-3858", "CVE-2010-3861", "CVE-2010-3874", "CVE-2010-3876", "CVE-2010-3880", "CVE-2010-4072", "CVE-2010-4073", "CVE-2010-4074", "CVE-2010-4075", "CVE-2010-4077", "CVE-2010-4079", "CVE-2010-4080", "CVE-2010-4082", "CVE-2010-4083", "CVE-2010-4157", "CVE-2010-4158", "CVE-2010-4169"], "description": "The kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes:\n\n* Missing sanity checks in the Intel i915 driver in the Linux kernel could\nallow a local, unprivileged user to escalate their privileges.\n(CVE-2010-2962, Important)\n\n* A flaw in sctp_packet_config() in the Linux kernel's Stream Control\nTransmission Protocol (SCTP) implementation could allow a remote attacker\nto cause a denial of service. (CVE-2010-3432, Important)\n\n* A missing integer overflow check in snd_ctl_new() in the Linux kernel's\nsound subsystem could allow a local, unprivileged user on a 32-bit system\nto cause a denial of service or escalate their privileges. (CVE-2010-3442,\nImportant)\n\n* A flaw in sctp_auth_asoc_get_hmac() in the Linux kernel's SCTP\nimplementation. When iterating through the hmac_ids array, it did not reset\nthe last id element if it was out of range. This could allow a remote\nattacker to cause a denial of service. (CVE-2010-3705, Important)\n\n* Missing sanity checks in setup_arg_pages() in the Linux kernel. When\nmaking the size of the argument and environment area on the stack very\nlarge, it could trigger a BUG_ON(), resulting in a local denial of service.\n(CVE-2010-3858, Moderate)\n\n* A flaw in ethtool_get_rxnfc() in the Linux kernel's ethtool IOCTL\nhandler. When it is called with a large info.rule_cnt, it could allow a\nlocal user to cause an information leak. (CVE-2010-3861, Moderate)\n\n* A flaw in bcm_connect() in the Linux kernel's Controller Area Network\n(CAN) Broadcast Manager. On 64-bit systems, writing the socket address may\noverflow the procname character array. (CVE-2010-3874, Moderate)\n\n* A flaw in inet_csk_diag_dump() in the Linux kernel's module for\nmonitoring the sockets of INET transport protocols. By sending a netlink\nmessage with certain bytecode, a local, unprivileged user could cause a\ndenial of service. (CVE-2010-3880, Moderate)\n\n* Missing sanity checks in gdth_ioctl_alloc() in the gdth driver in the\nLinux kernel, could allow a local user with access to \"/dev/gdth\" on a\n64-bit system to cause a denial of service or escalate their privileges.\n(CVE-2010-4157, Moderate)\n\n* A use-after-free flaw in the mprotect() system call could allow a local,\nunprivileged user to cause a local denial of service. (CVE-2010-4169,\nModerate)\n\n* Missing initialization flaws in the Linux kernel could lead to\ninformation leaks. (CVE-2010-3876, CVE-2010-4072, CVE-2010-4073,\nCVE-2010-4074, CVE-2010-4075, CVE-2010-4077, CVE-2010-4079, CVE-2010-4080,\nCVE-2010-4082, CVE-2010-4083, CVE-2010-4158, Low)\n\nRed Hat would like to thank Kees Cook for reporting CVE-2010-2962,\nCVE-2010-3861, and CVE-2010-4072; Dan Rosenberg for reporting\nCVE-2010-3442, CVE-2010-3705, CVE-2010-3874, CVE-2010-4073, CVE-2010-4074,\nCVE-2010-4075, CVE-2010-4077, CVE-2010-4079, CVE-2010-4080, CVE-2010-4082,\nCVE-2010-4083, and CVE-2010-4158; Brad Spengler for reporting\nCVE-2010-3858; Nelson Elhage for reporting CVE-2010-3880; and Vasiliy\nKulikov for reporting CVE-2010-3876.\n\nBug fixes:\n\n* A vulnerability in the 32-bit compatibility code for the VIDIOCSMICROCODE\nIOCTL in the Video4Linux implementation. It does not affect Red Hat\nEnterprise MRG, but as a preventive measure, this update removes the code.\nRed Hat would like to thank Kees Cook for reporting this vulnerability.\n(BZ#642469)\n\n* The kernel-rt spec file was missing the crypto, drm, generated, and trace\nheader directories when generating the kernel-rt-devel package, resulting\nin out-of-tree modules failing to build. (BZ#608784)\n\n* On computers without a supported Performance Monitoring Unit, a crash\nwould occur when running the \"perf top\" command, and occasionally other\nperf commands. perf software events are now marked as IRQ safe to avoid\nthis crash. (BZ#647434)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n", "modified": "2019-03-22T23:44:26", "published": "2010-12-08T05:00:00", "id": "RHSA-2010:0958", "href": "https://access.redhat.com/errata/RHSA-2010:0958", "type": "redhat", "title": "(RHSA-2010:0958) Important: kernel-rt security and bug fix update", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-08T12:03:58", "bulletinFamily": "unix", "cvelist": ["CVE-2010-2492", "CVE-2010-3067", "CVE-2010-3078", "CVE-2010-3080", "CVE-2010-3298", "CVE-2010-3477", "CVE-2010-3861", "CVE-2010-3865", "CVE-2010-3874", "CVE-2010-3876", "CVE-2010-3880", "CVE-2010-4072", "CVE-2010-4073", "CVE-2010-4074", "CVE-2010-4075", "CVE-2010-4077", "CVE-2010-4079", "CVE-2010-4080", "CVE-2010-4081", "CVE-2010-4082", "CVE-2010-4083", "CVE-2010-4158", "CVE-2010-4160", "CVE-2010-4162", "CVE-2010-4163", "CVE-2010-4242", "CVE-2010-4248", "CVE-2010-4249", "CVE-2010-4263", "CVE-2010-4525", "CVE-2010-4668"], "description": "* Buffer overflow in eCryptfs. When /dev/ecryptfs has world writable\npermissions (which it does not, by default, on Red Hat Enterprise Linux 6),\na local, unprivileged user could use this flaw to cause a denial of service\nor possibly escalate their privileges. (CVE-2010-2492, Important)\n\n* Integer overflow in the RDS protocol implementation could allow a local,\nunprivileged user to cause a denial of service or escalate their\nprivileges. (CVE-2010-3865, Important)\n\n* Missing boundary checks in the PPP over L2TP sockets implementation could\nallow a local, unprivileged user to cause a denial of service or escalate\ntheir privileges. (CVE-2010-4160, Important)\n\n* NULL pointer dereference in the igb driver. If both Single Root I/O\nVirtualization (SR-IOV) and promiscuous mode were enabled on an interface\nusing igb, it could result in a denial of service when a tagged VLAN packet\nis received on that interface. (CVE-2010-4263, Important)\n\n* Missing initialization flaw in the XFS file system implementation, and in\nthe network traffic policing implementation, could allow a local,\nunprivileged user to cause an information leak. (CVE-2010-3078,\nCVE-2010-3477, Moderate)\n\n* NULL pointer dereference in the Open Sound System compatible sequencer\ndriver could allow a local, unprivileged user with access to /dev/sequencer\nto cause a denial of service. /dev/sequencer is only accessible to root and\nusers in the audio group by default. (CVE-2010-3080, Moderate)\n\n* Flaw in the ethtool IOCTL handler could allow a local user to cause an\ninformation leak. (CVE-2010-3861, Moderate)\n\n* Flaw in bcm_connect() in the Controller Area Network (CAN) Broadcast\nManager. On 64-bit systems, writing the socket address may overflow the\nprocname character array. (CVE-2010-3874, Moderate)\n\n* Flaw in the module for monitoring the sockets of INET transport\nprotocols could allow a local, unprivileged user to cause a denial of\nservice. (CVE-2010-3880, Moderate)\n\n* Missing boundary checks in the block layer implementation could allow a\nlocal, unprivileged user to cause a denial of service. (CVE-2010-4162,\nCVE-2010-4163, CVE-2010-4668, Moderate)\n\n* NULL pointer dereference in the Bluetooth HCI UART driver could allow a\nlocal, unprivileged user to cause a denial of service. (CVE-2010-4242,\nModerate)\n\n* Flaw in the Linux kernel CPU time clocks implementation for the POSIX\nclock interface could allow a local, unprivileged user to cause a denial of\nservice. (CVE-2010-4248, Moderate)\n\n* Flaw in the garbage collector for AF_UNIX sockets could allow a local,\nunprivileged user to trigger a denial of service. (CVE-2010-4249, Moderate)\n\n* Missing upper bound integer check in the AIO implementation could allow a\nlocal, unprivileged user to cause an information leak. (CVE-2010-3067, Low)\n\n* Missing initialization flaws could lead to information leaks.\n(CVE-2010-3298, CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4074,\nCVE-2010-4075, CVE-2010-4077, CVE-2010-4079, CVE-2010-4080, CVE-2010-4081,\nCVE-2010-4082, CVE-2010-4083, CVE-2010-4158, Low)\n\n* Missing initialization flaw in KVM could allow a privileged host user\nwith access to /dev/kvm to cause an information leak. (CVE-2010-4525, Low)\n\nRed Hat would like to thank Andre Osterhues for reporting CVE-2010-2492;\nThomas Pollet for reporting CVE-2010-3865; Dan Rosenberg for reporting\nCVE-2010-4160, CVE-2010-3078, CVE-2010-3874, CVE-2010-4162, CVE-2010-4163,\nCVE-2010-3298, CVE-2010-4073, CVE-2010-4074, CVE-2010-4075, CVE-2010-4077,\nCVE-2010-4079, CVE-2010-4080, CVE-2010-4081, CVE-2010-4082, CVE-2010-4083,\nand CVE-2010-4158; Kosuke Tatsukawa for reporting CVE-2010-4263; Tavis\nOrmandy for reporting CVE-2010-3080 and CVE-2010-3067; Kees Cook for\nreporting CVE-2010-3861 and CVE-2010-4072; Nelson Elhage for reporting\nCVE-2010-3880; Alan Cox for reporting CVE-2010-4242; Vegard Nossum for\nreporting CVE-2010-4249; Vasiliy Kulikov for reporting CVE-2010-3876; and\nStephan Mueller of atsec information security for reporting CVE-2010-4525.\n", "modified": "2018-06-06T20:24:06", "published": "2011-01-11T05:00:00", "id": "RHSA-2011:0007", "href": "https://access.redhat.com/errata/RHSA-2011:0007", "type": "redhat", "title": "(RHSA-2011:0007) Important: kernel security and bug fix update", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-08T12:04:38", "bulletinFamily": "unix", "cvelist": ["CVE-2010-3296", "CVE-2010-3877", "CVE-2010-4072", "CVE-2010-4073", "CVE-2010-4075", "CVE-2010-4080", "CVE-2010-4081", "CVE-2010-4158", "CVE-2010-4238", "CVE-2010-4243", "CVE-2010-4255", "CVE-2010-4263", "CVE-2010-4343"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A NULL pointer dereference flaw was found in the igb driver in the Linux\nkernel. If both the Single Root I/O Virtualization (SR-IOV) feature and\npromiscuous mode were enabled on an interface using igb, it could result in\na denial of service when a tagged VLAN packet is received on that\ninterface. (CVE-2010-4263, Important)\n\n* A missing sanity check was found in vbd_create() in the Xen hypervisor\nimplementation. As CD-ROM drives are not supported by the blkback back-end\ndriver, attempting to use a virtual CD-ROM drive with blkback could trigger\na denial of service (crash) on the host system running the Xen hypervisor.\n(CVE-2010-4238, Moderate)\n\n* A flaw was found in the Linux kernel execve() system call implementation.\nA local, unprivileged user could cause large amounts of memory to be\nallocated but not visible to the OOM (Out of Memory) killer, triggering a\ndenial of service. (CVE-2010-4243, Moderate)\n\n* A flaw was found in fixup_page_fault() in the Xen hypervisor\nimplementation. If a 64-bit para-virtualized guest accessed a certain area\nof memory, it could cause a denial of service on the host system running\nthe Xen hypervisor. (CVE-2010-4255, Moderate)\n\n* A missing initialization flaw was found in the bfa driver used by Brocade\nFibre Channel Host Bus Adapters. A local, unprivileged user could use this\nflaw to cause a denial of service by reading a file in the\n\"/sys/class/fc_host/host#/statistics/\" directory. (CVE-2010-4343, Moderate)\n\n* Missing initialization flaws in the Linux kernel could lead to\ninformation leaks. (CVE-2010-3296, CVE-2010-3877, CVE-2010-4072,\nCVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4081, CVE-2010-4158,\nLow)\n\nRed Hat would like to thank Kosuke Tatsukawa for reporting CVE-2010-4263;\nVladymyr Denysov for reporting CVE-2010-4238; Brad Spengler for reporting\nCVE-2010-4243; Dan Rosenberg for reporting CVE-2010-3296, CVE-2010-4073,\nCVE-2010-4075, CVE-2010-4080, CVE-2010-4081, and CVE-2010-4158; Vasiliy\nKulikov for reporting CVE-2010-3877; and Kees Cook for reporting\nCVE-2010-4072.\n\nThese updated packages also include several hundred bug fixes for and\nenhancements to the Linux kernel. Space precludes documenting each of these\nchanges in this advisory and users are directed to the Red Hat Enterprise\nLinux 5.6 Release Notes for information on the most significant of these\nchanges:\n\nhttp://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.6_Release_Notes/index.html\n\nRefer to the kernel chapter in the Red Hat Enterprise Linux 5.6 Technical\nNotes for further information:\n\nhttp://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.6_Technical_Notes/kernel.html\n\nAll Red Hat Enterprise Linux 5 users are advised to install these updated\npackages, which address these vulnerabilities as well as fixing the bugs\nand adding the enhancements noted in the Red Hat Enterprise Linux 5.6\nRelease Notes and Technical Notes. The system must be rebooted for this\nupdate to take effect.\n", "modified": "2017-09-08T12:09:36", "published": "2011-01-13T05:00:00", "id": "RHSA-2011:0017", "href": "https://access.redhat.com/errata/RHSA-2011:0017", "type": "redhat", "title": "(RHSA-2011:0017) Important: Red Hat Enterprise Linux 5.6 kernel security and bug fix update", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:52", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4242", "CVE-2010-3865", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4247", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3432"], "description": "[2.6.18-194.32.1.0.1.el5]\n- [xen] check to see if hypervisor supports memory reservation change\n (Chuck Anderson) [orabug 7556514]\n- Add entropy support to igb (John Sobecki) [orabug 7607479]\n- [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332]\n- [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043]\n [bz 7258]\n- [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839]\n- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]\n- [nfsd] fix failure of file creation from hpux client (Wen gang Wang)\n [orabug 7579314]\n- [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702]\n- [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin)\n [orabug 9504524]\n- [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105]\n RDS: Fix BUG_ONs to not fire when in a tasklet\n ipoib: Fix lockup of the tx queue\n RDS: Do not call set_page_dirty() with irqs off (Sherman Pun)\n RDS: Properly unmap when getting a remote access error (Tina Yang)\n RDS: Fix locking in rds_send_drop_to()\n- [mm] Enhance shrink_zone patch allow full swap utilization, and also be\n NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh)\n [orabug 9245919]\n- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)\n [orabug 9107465]\n- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)\n [orabug 9764220]\n- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]\n- fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro,\n Guru Anbalagane) [orabug 6124033]\n- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]\n- [ib] fix memory corruption (Andy Grover) [orabug 9972346]\n- make xenkbd.abs_pointer=1 by default (John Haxby) [orabug 67188919]\n- fix filp_close() race (Joe Jin) [orabug 10335998]\n[2.6.18-194.32.1.el5]\n- [fs] nfs: set lock_context field in nfs_readpage_sync (Jeff Layton) [664416 663853]\n[2.6.18-194.31.1.el5]\n- [fs] nfs: set lock_context field in nfs_writepage_sync (Jeff Layton) [663381 660580]\n- [fs] nfs: remove problematic calls to nfs_clear_request (Jeff Layton) [663353 656492]\n- [fs] nfs: handle alloc failures in nfs_create_request (Jeff Layton) [663353 656492]\n- [fs] nfs: clean up nfs_create_request (Jeff Layton) [663353 656492]\n- [virt] xen: fix netback hotplug regression in xenbus fix (Laszlo Ersek) [636412 635999] {CVE-2010-3699}\n[2.6.18-194.30.1.el5]\n- [scsi] lpfc: set heartbeat timer off by default (Rob Evers) [658079 655119]\n- [misc] posix-cpu-timers: workaround for mt exec problems (Oleg Nesterov) [656265 656266] {CVE-2010-4248}\n- [fs] setup_arg_pages: diagnose excessive argument size (Oleg Nesterov) [645226 645227] {CVE-2010-3858}\n- [net] inet_diag: make sure we run audited bytecode (Jiri Pirko) [651266 651267] {CVE-2010-3880}\n- [net] limit sendto/recvfrom/iovec total length to INT_MAX (Jiri Pirko) [645871 645872] {CVE-2010-3859}\n- [bluetooth] hci_ldisc: fix missing NULL check (Jarod Wilson) [655664 655666] {CVE-2010-4242}\n- [virt] xen: add bounds req-process loop in blkback/blktap (Laszlo Ersek) [656208 654546] {CVE-2010-4247}\n- [virt] xen: don't leak dev refs on bad xenbus transitions (Laszlo Ersek) [636412 635999] {CVE-2010-3699}\n- [scsi] lpfc: fix crashes on NULL pnode dereference (Rob Evers) [658864 649489]\n- [scsi] qla2xxx: check null fcport in _queuecommands (Chad Dupuis) [657029 644863]\n- [fs] gfs2: fix race in unlinked inode deallocation (Robert S Peterson) [651811 643165]\n- [scsi] lpfc: fix a BUG_ON in lpfc_abort_handler (Rob Evers) [658378 639028]\n- [scsi] re-enable transistions from OFFLINE to RUNNING (Mike Christie) [658934 641193]\n- [scsi] scsi_dh_alua: handle transitioning state correctly (Mike Snitzer) [657028 619361]\n- [misc] add round_jiffies_up and related routines (Michal Schmidt) [658520 556476]\n- [fs] fix dcache accounting bug (Josef Bacik) [658857 596548]\n- [usb] uhci: fix oops in uhci_scan_schedule (Pete Zaitcev) [657319 516851]\n- [scsi] lpfc: fix panic in lpfc_scsi_cmd_iocb_cmpl (Rob Evers) [658379 603806]\n[2.6.18-194.29.1.el5]\n- [net] rds: fix rds_iovec page count overflow (Jiri Pirko) [647421 647422] {CVE-2010-3865}\n- [net] fix deadlock in sock_queue_rcv_skb (Danny Feng) [652536 652537] {CVE-2010-4161}\n- [net] packet: fix information leak to userland (Jiri Pirko) [649897 649898] {CVE-2010-3876}\n- [ipc] sys_semctl: fix kernel stack leakage (Danny Feng) [648721 648722] {CVE-2010-4083}\n- [misc] kernel: remove yield from stop_machine paths (Oleg Nesterov) [651818 634454]\n- [fs] dlm: reduce cond_resched during send (David Teigland) [653335 604139]\n- [fs] dlm: use TCP_NODELAY (David Teigland) [653335 604139]\n- [net] sctp: do not reset packet during sctp_packet_config (Jiri Pirko) [637866 637867] {CVE-2010-3432}\n- [net] bonding: no lock on copy/clear VLAN list on slave (Andy Gospodarek) [652561 627974]\n- [scsi] gdth: prevent integer overflow in ioc_general (Frantisek Hrbata) [651175 651176] {CVE-2010-4157}\n- [kernel] add stop_machine barrier to fix lock contention (Prarit Bhargava) [651818 634454]\n[2.6.18-194.28.1.el5]\n- [net] bnx2: Increase max rx ring size from 1K to 2K (Andy Gospodarek) [649255 640026]\n- [net] bnx2: fixup broken NAPI accounting (Andy Gospodarek) [649255 640026]\n- [pci] include DL580 G7 in bfsort whitelist (Tony Camuso) [646765 644879]\n- [sound] core: prevent heap corruption in snd_ctl_new (Jerome Marchand) [638483 638484] {CVE-2010-3442}\n- [net] ixgbe: add option to control interrupt mode (Andy Gospodarek) [643339 571495]\n- [fs] execve: fix interactivity and response to SIGKILL (Dave Anderson) [643344 629176]\n- [usb] fix test of wrong variable in create_by_name (Don Howard) [643347 594635]\n- [fs] gfs2: fix stuck in inode wait, no glocks stuck (Robert S Peterson) [651805 595397]\n- [net] gro: fix bogus gso_size on the first fraglist entry (Herbert Xu) [648938 588015]\n- [virt] xen: fix Connected state after netback dev closed (Paolo Bonzini) [643345 591548]\n- [net] tun: orphan an skb on tx (Michael S. Tsirkin) [643348 584412]\n[2.6.18-194.27.1.el5]\n- [net] netxen: fix set mac addr (Andy Gospodarek) [647681 562937]", "edition": 4, "modified": "2011-01-04T00:00:00", "published": "2011-01-04T00:00:00", "id": "ELSA-2011-0004", "href": "http://linux.oracle.com/errata/ELSA-2011-0004.html", "title": "kernel security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:34:24", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4242", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-4258", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4075"], "description": "[2.6.9-89.35.1.0.1.EL]\n- [XEN] fix cpu hotplug crash (Joe Jin) [orabug 7521308]\n- [XEN] Bring up vcpus before khelper init (Joe Jin) [orabug 7521308]\n- [XEN] flush the tlb cache immediately (Dave McCracken, Scott Shi) [orabug 9138767]\n- fix skb alignment that was causing sendto() to fail with EFAULT\n (Olaf Kirch) [orabug 6845794] - fix enomem due to larger mtu size page alloc (Zach Brown) [orabug 5486128]\n- backout patch sysrq-b that queues upto keventd thread (Guru Anbalagane)\n [orabug 6125546]\n- netrx/netpoll race avoidance (Tina Yang) [orabug 6143381]\n- [XEN] Fix elf_core_dump (Tina Yang) [orabug 6995928]\n- use lfence instead of cpuid instruction to implement memory barriers\n (Herbert van den Bergh) [orabug 7452412]\n- add netpoll support to xen netfront (Tina Yang) [orabz 7261]\n- [xen] execshield: fix endless GPF fault loop (Stephen Tweedie)\n [orabug 7175395]\n- [xen]: port el5u2 patch that allows 64-bit PVHVM guest to boot with 32-bit\n dom0 [orabug 7452107] xenstore\n- [mm] update shrink_zone patch to allow 100% swap utilization (John Sobecki,\n Chris Mason, Chuck Anderson, Dave McCracken) [orabug 7566319,6086839]\n- [kernel] backport report_lost_ticks patch from EL5.2 (John Sobecki)\n [orabug 6110605]\n- [xen] fix for hung JVM thread after #GPF [orabug 7916406] (Chuck Anderson)\n- port EL5U3 patch to adjust totalhigh_pages in the balloon driver\n [orabug 8300888]\n- check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug7556514]\n- [XEN] use hypercall to fixmap pte updates (Mukesh Rathor) [orabug 8433329]\n- fix oops in nlmclnt_mark_reclaim (Trond Myklebust) [orabug 8568878]\n- [x86_64] Allowed machine_reboot running on boot_cpu (Joe Jin) [orabug 8425237]\n- FP register state is corrupted during the handling a SIGSEGV (Chuck Anderson)\n [orabug 7708133]\n- [x86_64]: fix x86_64 largesmp kernel reboot hang (Joe Jin) [orabug bug9126592]\n- [nfs]: fix file attribute caching (Chuck Lever, Herbert van den Bergh)\n [orabug 8449921]\n- [mm] revert patch #2042 (John Sobecki) [orabug 8895251]\n- [x86_64] Add compat32 support for readahead and fadvise64 (John Haxby)\n [orabug 9458826]\n- [XEN] free pte on hugetlb_prefault to avoid the clear_page race\n (Dave McCracken, Joe Jin) [orabug 9493665]\n- [XEN] Flush tlb cache immediately to avoid clear_page race (Dave McCracken,\n Joe Jin) [orabug 9488844]\n- [aio] remove limit on number of retries (Srinivas Eeda) [orabug 10044782]\n[2.6.9-89.35.1]\n-unix: fix local socket dos (Neil Horman) [656757 656758] {CVE-2010-4249}\n-serial: clean data before filling it (Mauro Carvalho Chehab) [648808 648809]\n-net: fix reception of completely page backed sk_buffs (Andy Gospodarek) [664667 500921]\n-net: filter: make sure filters dont read uninitialized memory (Jiri Pirko) [651700 651701] {CVE-2010-4158}\n[2.6.9-89.34.1]\n-alsa: rme9652: prevent reading uninitialized stack memory (Stanislaw Gruszka) [648806 648807] {CVE-2010-4080}\n-bluetooth: fix missing null check (Jarod Wilson) [655662 655663] {CVE-2010-4242}\n-ipc: initialize structure memory to zero for compat functions (Xiaotian Feng) [648810 648811] {CVE-2010-4073}\n-ipc: shm: fix information leak to userland (Xiaotian Feng) [648816 648817] {CVE-2010-4072}\n-kernel: failure to revert address limit override in oops error path (Dave Anderson) [659568 659569] {CVE-2010-4258}\n-net: limit sendto()/recvfrom()/iovec total length to INT_MAX (Jiri Pirko) [656871 651924] {CVE-2010-3859}\n-net: packet: fix information leak to userland (Jiri Pirko) [649895 649896] {CVE-2010-3876}\n-scsi: gdth: integer overflow in ioc_general (Frantisek Hrbata) [651173 651174] {CVE-2010-4157}\n-sys_semctl: semctl fix kernel stack leakage (Xiaotian Feng) [648793 648794] {CVE-2010-4083}", "edition": 4, "modified": "2011-01-18T00:00:00", "published": "2011-01-18T00:00:00", "id": "ELSA-2011-0162", "href": "http://linux.oracle.com/errata/ELSA-2011-0162.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:21", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4242", "CVE-2011-0521", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4527", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3477", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-3296", "CVE-2010-4258", "CVE-2010-3442", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-3081", "CVE-2010-3067", "CVE-2010-3432", "CVE-2010-4075", "CVE-2010-4655"], "description": "[2.6.9-100]\n-cxgb3: prevent reading uninitialized stack memory to fix xgb_extension_ioctl infoleak (Eugene Teo) [633153] {CVE-2010-3296}\n-mlx4: disable MSI-X by default (Andy Gospodarek) [530596]\n-ext3: call fs invalidatepage instead of block_invalidatepage (Josef Bacik) [488611]\n-av7110: check for negative array offset (Mauro Carvalho Chehab) [672400] {CVE-2011-0521}\n-ext3: don not dirty unmapped data buffers (Josef Bacik) [488611]\n-net: clear heap allocations for privileged ethtool actions (Jiri Pirko) [672431] {CVE-2010-4655}\n[2.6.9-99]\n-bonding: fix active backup failover due to jiffie wrap (Andy Gospodarek) [641112]\n[2.6.9-98]\n-sound: fix a buffer overflow in the oss mixer (David Howells) [667619] {CVE-2010-4527}\n[2.6.9-97]\n-fs: fix filesystem corruption on ext2 (Alexander Viro) [662839]\n-sky2: fix oops in sky2_xmit_frame after tx timeout (Don Howard) [614559]\n-netdump: fix netdump failures on large memory systems (Neil Horman) [488557]\n[2.6.9-96]\n-usb: ehci amd periodic frame list table quirk (Don Zickus) [651334]\n-fs: truncate blocks outside i_size after O_DIRECT write error (Eric Sandeen) [665067]\n[2.6.9-95]\n-jbd: skip buffers that have a different jh (Josef Bacik) [488611]\n-unix: fix local socket dos (Neil Horman) [656758] {CVE-2010-4249}\n-s390x: qdio: fix zfcp stall with more than 63 active qdio devices (Hendrik Brueckner) [662130]\n-ehci-hcd: fix fatal error during bootup (Don Zickus) [656447]\n[2.6.9-94]\n-modules: sysctl to block module loading (Jerome Marchand) [645220]\n-redhat: added config_security_dmesg_restrict option (Frantisek Hrbata) [653252]\n-kernel: restrict unprivileged access to kernel syslog (Frantisek Hrbata) [653252]\n-sysctl: introduce ctl_unnumbered definition in sysctl.h (Frantisek Hrbata) [653252]\n-usb: allow usbstorage to have luns greater than 2TB (Don Zickus) [658824]\n-serial: clean data before filling it (Mauro Carvalho Chehab) [648809] {CVE-2010-4075}\n-sched: fix task starvation on Hyperthreaded cpus (Vitaly Mayatskikh) [488089]\n-s390: sclp: handle zero length event buffers (Hans-Joachim Picht) [487692]\n[2.6.9-93]\n-kernel: failure to revert address limit override in oops error path (Dave Anderson) [659569] {CVE-2010-4258}\n-nfsv4: fix oops in nfs4_kill_super (Jeff Layton) [660448]\n-net: filter: make sure filters dont read uninitialized memory (Jiri Pirko) [651701] {CVE-2010-4158}\n-net: limit sendto()/recvfrom()/iovec total length to INT_MAX (Jiri Pirko) [651924] {CVE-2010-3859}\n-bluetooth: fix missing null check (Jarod Wilson) [655663] {CVE-2010-4242}\n-ipc: initialize structure memory to zero for compat functions (Xiaotian Feng) [648811] {CVE-2010-4073}\n-ipc: shm: fix information leak to userland (Xiaotian Feng) [648817] {CVE-2010-4072}\n-netfront: default to copying instead of flipping (Laszlo Ersek) [653505]\n-net: packet: fix information leak to userland (Jiri Pirko) [649896] {CVE-2010-3876}\n-scsi: gdth: integer overflow in ioc_general (Frantisek Hrbata) [651174] {CVE-2010-4157}\n-sys_semctl: semctl fix kernel stack leakage (Xiaotian Feng) [648794] {CVE-2010-4083}\n-alsa: rme9652: prevent reading uninitialized stack memory (Stanislaw Gruszka) [648807] {CVE-2010-4080}\n-fs: only return EIO once on msync/fsync after IO failure (Rik van Riel) [645633]\n-xen: virtio_net: add get_drvinfo() to virtio_net (Laszlo Ersek) [647196]\n-xen: netfront: add get_drvinfo() to netfront (Laszlo Ersek) [647187]\n-kernel: fix possible integer overflow in mm/fremap.c (Larry Woodman) [637045]\n[2.6.9-92]\n-mm: revert patch to reduce large file latency during writebacks (Larry Woodman) [488070]\n[2.6.9-91]\n-mm: prevent panic when setting /proc/sys/vm/nr_hugepages (Larry Woodman) [647567]\n-net: sctp: do not reset the packet during sctp_packet_config() (Jiri Pirko) [637865] {CVE-2010-3432}\n-scsi: fix panic in sysfs_hash_and_remove() when scsi device is removed (Mark Goodwin) [533299]\n[2.6.9-90]\n-kernel: prevent heap corruption in snd_ctl_new() (Jerome Marchand) [638482] {CVE-2010-3442}\n-forcedeth: latest bugfixes from upstream (Ivan Vecera) [552953]\n-forcedeth: remove CONFIG_FORCEDETH_NAPI=y from config-generic (Ivan Vecera) [552953]\n[2.6.9-89.45]\n-scsi: scsi_do_req submitted commands (tape) never complete when device goes (Rob Evers) [636289]\n-scsi: log msg when getting unit attention (Mike Christie) [585430]\n-jbd: fix panic in jbd when running bashmemory (Josef Bacik) [488611]\n-qla2xxx: work around hypertransport sync flood error on sun x4200 with qla2xxx (Chad Dupuis) [621621]\n-aio: implement request batching for better merging and throughput (Jeff Moyer) [508377]\n-fs: a bunch of patches to fix various nfsd/iget() races (Alexander Viro) [189918]\n-net: bonding: add debug module option (Jiri Pirko) [247116]\n-fix fd leaks if pipe() is called with an invalid address (Amerigo Wang) [509627]\n[2.6.9-89.44]\n-ide-scsi: fix deadlock in ide-scsi error handler (Doug Ledford) [526966]\n-mlx4_core: allocate sufficient memory for interrupt table (Doug Ledford) [530596]\n-mptbase: panic with domain validation while rebuilding after the disk is replaced (Rob Evers) [476874]\n-fs: buffer: __block_write_full_page simplification by removing last_bh logic (Jeff Moyer) [472752]\n-fs: buffer: __block_write_full_page speedup by removing get_bh() and put_bh() (Jeff Moyer) [472752]\n-fs: buffer: __block_write_full_page race fix (Jeff Moyer) [472752]\n-kernel: fix integer overflow in groups_search (Jerome Marchand) [457519]\n-cifs: remove bogus check in ntlm session setup code (Jeff Layton) [604786]\n-cifs: when renaming don not try to unlink negative dentry (Jeff Layton) [500904]\n-autofs4: fix lookup deadlock when user space uses a signal (Ian Kent) [477017]\n-fs: make sure data stored into inode is properly seen before unlocking new inode (Eric Sandeen) [563920]\n-ipc: hard_msgmax should be higher not lower on 64bit (Amerigo Wang) [525815]\n-fs: fix file truncations when both suid and write permissions set (Amerigo Wang) [525398]\n-block: fix rcu accesses in partition statistics (Jerome Marchand) [517523]\n-kernel headers: fix missing defintion that causes build break (Neil Horman) [504593]\n[2.6.9-89.43]\n-aacraid: fix file system going into read only mode (Rob Evers) [624713]\n-blkfront: xen domu, raid1, lvm, iscsi target export with blockio bug (Paolo Bonzini) [490148]\n-cciss: change version from 2.6.20.RH2 to 2.6.20.RH3 (Tomas Henzl) [594086]\n-cciss: added printk in do_cciss_request before BUG() (Tomas Henzl) [594086]\n-cciss: fix a nulll pointer dereference in complete_command() (Tomas Henzl) [594086]\n-cciss: fix an issue when sending command with no data (Tomas Henzl) [594086]\n-mm: honor __GFP_NOFAIL flag in __alloc_pages() (Lachlan McIlroy) [605455]\n-xen: fix crashing of x86 hvm guest on x86_64 (Radim Krcmar) [637658]\n-xen: hide xenbus warnings on hvm guest shutdown (Radim Krcmar) [505081]\n-powernow-k8: fix errant print statement during voltage transitions (Bhavna Sarathy) [217829]\n-fusion: add sleep before subsequent tur in scan function (Tomas Henzl) [495236]\n-bonding: fix a race condition in calls to slave mii ioctls (Flavio Leitner) [621209]\n-s390x: cio: vary off on chpid 00 causes unexpected recovery actions (Hendrik Brueckner) [619855]\n-netfilter: arp_tables: fix unaligned accesses caused by casting strings to long (Jiri Pirko) [591638]\n-net: neigh: fix state transition incomplete->failed via netlink request (Jiri Pirko) [485904]\n-x86_64: floating point state corruption after handling the signal (Oleg Nesterov) [564381]\n-pidhashing: enforce pid_max_limit in sysctls and lower pid_max_limit on 32bit systems (Jiri Pirko) [525941]\n-s390: cio: linux does not boot through xautolog with conmode 3270 (Hans-Joachim Picht) [526282]\n-net: fix proc net ip_conntrack seq_file operations (Danny Feng) [524884]\n-ia64: swiotlb: fix swiotlb pci_map_sg error handling (Tomas Henzl) [525427]\n-xen: try harder to balloon up under memory pressure (Andrew Jones) [507847]\n-mm: fix bogus memory node assumption in huge page allocation (AMEET M. PARANJAPE) [506827]\n-kernel: binfmt_misc c: avoid potential kernel stack overflow (Vitaly Mayatskikh) [459466]\n-net: fix ipvs wrr scheduler bug of updating current weight (Vitaly Mayatskikh) [462717]\n[2.6.9-89.42]\n-net: actually copy input_dev to new sk_buff in skb_clone (Andy Gospodarek) [616710]\n-net: fix reception of completely page backed sk_buffs (Andy Gospodarek) [500921]\n-net: fix various snmp counter issues (Thomas Graf) [500889]\n-xen: can enter tickless mode with rcu pending and hang (Paolo Bonzini) [427998]\n-xen: fix occasional deadlocks in xen netfront (Paolo Bonzini) [480937]\n-xen: xenbus suspend_mutex remains locked on trans fail (Paolo Bonzini) [456649]\n-ext2: put explicit checks to not divide by zero (Josef Bacik) [500181]\n-usb: ehci split iso fixes, full speed audio etc (Don Zickus) [624117]\n-xenbus: implement O_NONBLOCK for /proc/xen/xenbus (Paolo Bonzini) [607261]\n-nfs: initialize nfs_open_context list member at allocation time (Jeff Layton) [634632]\n-cifs: fix dentry hash calculation for case insensitive mounts (Jeff Layton) [562949]\n-cifs: fix length calculation for converted unicode readdir names (Jeff Layton) [562949]\n[2.6.9-89.41]\n-bonding: fix ALB mode to balance traffic on vlans (Flavio Leitner) [640803]\n[2.6.9-89.40]\n-bonding: interface doesn t issue igmp report on slave interface during failover (Flavio Leitner) [637556]\n[2.6.9-89.39]\n-net: fix info leak in police code (Neil Horman) [636390] {CVE-2010-3477}\n-aio: check for multiplication overflow in io_submit (Jeff Moyer) [629447] {CVE-2010-3067}\n-fs: buffer.c: fix race in __block_prepare_write (Jeff Moyer) [480404]\n-3c59x: fix deadlock in irq handler tx path when netconsole in use (Neil Horman) [557380]\n-udp: use memory barrier in datagram_poll (Flavio Leitner) [546251]\n[2.6.9-89.38]\n-compat: make compat_alloc_user_space incorporate the access_ok (Xiaotian Feng) [634462] {CVE-2010-3081}\n-ext3: ensure inode is deleted from orphan list in ext3_direct_io() (Lachlan McIlroy) [629143]\n-sb800: add quirk for iso on amd sb800 (Pete Zaitcev) [537447]\n[2.6.9-89.37]\n-virtio_net: Fix MAX_PACKET_LEN to support 802.1Q VLANs (Michael S. Tsirkin) [607533]\n-do_generic_mapping_read: clear page errors when issuing a fresh read of the page (Rik van Riel) [481371]\n-ide: backport VIA PCI chipset ids to via82cxxx driver (Mauro Carvalho Chehab) [504778]\n-nfsd4: relax new lock seqid check (Jeff Layton) [577369]\n-igb: fix transmission of jumbo frames with mtu>=2100 (Stefan Assmann) [494597]\n-net: fix tcp conntrack to handle the half opened connection correctly (Jiri Pirko) [531914]\n-net: fix promisc refcounting for interfaces listening for multicast traffic (Neil Horman) [481292]\n-sctp: assign tsns earlier to avoid reordering (Neil Horman) [532045]\n-cciss: switch to using hlist to fix panic (Tomas Henzl) [479090]\n-nfs: statfs error handling and error message fix (Jeff Layton) [520018]\n-kthreads: fix kthread_create vs kthread_stop race (Oleg Nesterov) [519006]\n[2.6.9-89.36]\n-nfsd4: fix share conflict tests in nfs_check_open() (Jeff Layton) [510184]\n-nfsd4: move open owner checks from nfsd4_process_open2 into new function (Jeff Layton) [510184]\n-nfsd4: renew lease on seqid modifying operations (Jeff Layton) [508752]\n-ahci: add SATA GEN3 related messages (David Milburn) [512715]\n-igmp: fix ip_mc_sf_allow() race due to a lock problem (Flavio Leitner) [562904]\n-xen: don not recreate xenfb thread on every restore (Chris Lalancette) [543823]\n-bcm5709: update firmware for bcm5709 from version 4.4.23 to 4.6.15 (John Feeney) [532858]\n-net: apply broken_stats workaround to 5706 and 5708 (Flavio Leitner) [515274]\n-nfsd: fix races when cleaning up after last nfsd thread exits (Jeff Layton) [501500]\n-nfs: nfsd returns nfs4_ok when the owner opens a file with permission set to 000 (Peter Staubach) [507527]\n-nfsv4: send the delegation stateid for setattr calls (Jeff Layton) [502884]\n-nfsv4: fix up races in nfs4_proc_setattr (Jeff Layton) [502884]\n-nfsv4: don t reuse expired nfs4_state_owner structs (Jeff Layton) [502884]\n-nfsv4: fix a credential reference leak in nfs4_get_state_owner (Jeff Layton) [502884]\n-nfsv4: poll more aggressively when handling nfs4err_delay (Jeff Layton) [502884]\n-nfsv4: flush nfsv4 work workqueue before killing superblock (Jeff Layton) [501335]\n-nfsv4: only queue nfs4_close_state job when called by rpciod (Jeff Layton) [501335]\n-nfsv4: switch nfs4 workqueue to a per client queue (Jeff Layton) [501335]\n-nfs: mounted nfsv4/krb5 export inaccessible following an nfs server reboot (Harshula) [514684] ", "edition": 72, "modified": "2011-02-23T00:00:00", "published": "2011-02-23T00:00:00", "id": "ELSA-2011-0263", "href": "http://linux.oracle.com/errata/ELSA-2011-0263.html", "title": "Oracle Linux 4.9 kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:25:38", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4242", "CVE-2010-3865", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4247", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3432"], "description": "**CentOS Errata and Security Advisory** CESA-2011:0004\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in sctp_packet_config() in the Linux kernel's Stream\nControl Transmission Protocol (SCTP) implementation. A remote attacker\ncould use this flaw to cause a denial of service. (CVE-2010-3432,\nImportant)\n\n* A missing integer overflow check was found in snd_ctl_new() in the Linux\nkernel's sound subsystem. A local, unprivileged user on a 32-bit system\ncould use this flaw to cause a denial of service or escalate their\nprivileges. (CVE-2010-3442, Important)\n\n* A heap overflow flaw in the Linux kernel's Transparent Inter-Process\nCommunication protocol (TIPC) implementation could allow a local,\nunprivileged user to escalate their privileges. (CVE-2010-3859, Important)\n\n* An integer overflow flaw was found in the Linux kernel's Reliable\nDatagram Sockets (RDS) protocol implementation. A local, unprivileged user\ncould use this flaw to cause a denial of service or escalate their\nprivileges. (CVE-2010-3865, Important)\n\n* A flaw was found in the Xenbus code for the unified block-device I/O\ninterface back end. A privileged guest user could use this flaw to cause a\ndenial of service on the host system running the Xen hypervisor.\n(CVE-2010-3699, Moderate)\n\n* Missing sanity checks were found in setup_arg_pages() in the Linux\nkernel. When making the size of the argument and environment area on the\nstack very large, it could trigger a BUG_ON(), resulting in a local denial\nof service. (CVE-2010-3858, Moderate)\n\n* A flaw was found in inet_csk_diag_dump() in the Linux kernel's module for\nmonitoring the sockets of INET transport protocols. By sending a netlink\nmessage with certain bytecode, a local, unprivileged user could cause a\ndenial of service. (CVE-2010-3880, Moderate)\n\n* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\nin the Linux kernel. A local user with access to \"/dev/gdth\" on a 64-bit\nsystem could use this flaw to cause a denial of service or escalate their\nprivileges. (CVE-2010-4157, Moderate)\n\n* The fix for Red Hat Bugzilla bug 484590 as provided in RHSA-2009:1243\nintroduced a regression. A local, unprivileged user could use this flaw to\ncause a denial of service. (CVE-2010-4161, Moderate)\n\n* A NULL pointer dereference flaw was found in the Bluetooth HCI UART\ndriver in the Linux kernel. A local, unprivileged user could use this flaw\nto cause a denial of service. (CVE-2010-4242, Moderate)\n\n* It was found that a malicious guest running on the Xen hypervisor could\nplace invalid data in the memory that the guest shared with the blkback and\nblktap back-end drivers, resulting in a denial of service on the host\nsystem. (CVE-2010-4247, Moderate)\n\n* A flaw was found in the Linux kernel's CPU time clocks implementation for\nthe POSIX clock interface. A local, unprivileged user could use this flaw\nto cause a denial of service. (CVE-2010-4248, Moderate)\n\n* Missing initialization flaws in the Linux kernel could lead to\ninformation leaks. (CVE-2010-3876, CVE-2010-4083, Low)\n\nRed Hat would like to thank Dan Rosenberg for reporting CVE-2010-3442,\nCVE-2010-4161, and CVE-2010-4083; Thomas Pollet for reporting\nCVE-2010-3865; Brad Spengler for reporting CVE-2010-3858; Nelson Elhage for\nreporting CVE-2010-3880; Alan Cox for reporting CVE-2010-4242; and Vasiliy\nKulikov for reporting CVE-2010-3876.\n\nThis update also fixes several bugs and adds an enhancement. Documentation\nfor the bug fixes and the enhancement will be available shortly from the\nTechnical Notes document, linked to in the References section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues, and fix the bugs and add the enhancement\nnoted in the Technical Notes. The system must be rebooted for this update\nto take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/029259.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/029260.html\n\n**Affected packages:**\nkernel\nkernel-PAE\nkernel-PAE-devel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-xen\nkernel-xen-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2011-0004.html", "edition": 3, "modified": "2011-01-06T12:23:15", "published": "2011-01-06T12:23:15", "href": "http://lists.centos.org/pipermail/centos-announce/2011-January/029259.html", "id": "CESA-2011:0004", "title": "kernel security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-17T03:28:55", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4242", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4075"], "description": "**CentOS Errata and Security Advisory** CESA-2011:0162\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A heap overflow flaw was found in the Linux kernel's Transparent\nInter-Process Communication protocol (TIPC) implementation. A local,\nunprivileged user could use this flaw to escalate their privileges.\n(CVE-2010-3859, Important)\n\n* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\nin the Linux kernel. A local user with access to \"/dev/gdth\" on a 64-bit\nsystem could use these flaws to cause a denial of service or escalate their\nprivileges. (CVE-2010-4157, Moderate)\n\n* A NULL pointer dereference flaw was found in the Bluetooth HCI UART\ndriver in the Linux kernel. A local, unprivileged user could use this flaw\nto cause a denial of service. (CVE-2010-4242, Moderate)\n\n* A flaw was found in the Linux kernel's garbage collector for AF_UNIX\nsockets. A local, unprivileged user could use this flaw to trigger a\ndenial of service (out-of-memory condition). (CVE-2010-4249, Moderate)\n\n* Missing initialization flaws were found in the Linux kernel. A local,\nunprivileged user could use these flaws to cause information leaks.\n(CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080,\nCVE-2010-4083, CVE-2010-4158, Low)\n\nRed Hat would like to thank Alan Cox for reporting CVE-2010-4242; Vegard\nNossum for reporting CVE-2010-4249; Vasiliy Kulikov for reporting\nCVE-2010-3876; Kees Cook for reporting CVE-2010-4072; and Dan Rosenberg for\nreporting CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4083, and\nCVE-2010-4158.\n\nThis update also fixes the following bugs:\n\n* A flaw was found in the Linux kernel where, if used in conjunction with\nanother flaw that can result in a kernel Oops, could possibly lead to\nprivilege escalation. It does not affect Red Hat Enterprise Linux 4 as the\nsysctl panic_on_oops variable is turned on by default. However, as a\npreventive measure if the variable is turned off by an administrator, this\nupdate addresses the issue. Red Hat would like to thank Nelson Elhage for\nreporting this vulnerability. (BZ#659568)\n\n* On Intel I/O Controller Hub 9 (ICH9) hardware, jumbo frame support is\nachieved by using page-based sk_buff buffers without any packet split. The\nentire frame data is copied to the page(s) rather than some to the\nskb->data area and some to the page(s) when performing a typical\npacket-split. This caused problems with the filtering code and frames were\ngetting dropped before they were received by listening applications. This\nbug could eventually lead to the IP address being released and not being\nable to be re-acquired from DHCP if the MTU (Maximum Transfer Unit) was\nchanged (for an affected interface using the e1000e driver). With this\nupdate, frames are no longer dropped and an IP address is correctly\nre-acquired after a previous release. (BZ#664667)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/029283.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/029284.html\n\n**Affected packages:**\nkernel\nkernel-devel\nkernel-doc\nkernel-hugemem\nkernel-hugemem-devel\nkernel-largesmp\nkernel-largesmp-devel\nkernel-smp\nkernel-smp-devel\nkernel-xenU\nkernel-xenU-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2011-0162.html", "edition": 6, "modified": "2011-01-27T09:26:05", "published": "2011-01-27T09:25:23", "href": "http://lists.centos.org/pipermail/centos-announce/2011-January/029283.html", "id": "CESA-2011:0162", "title": "kernel security update", "type": "centos", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-2962", "CVE-2010-2963", "CVE-2010-3698", "CVE-2010-3880", "CVE-2010-3904", "CVE-2010-4072", "CVE-2010-4073", "CVE-2010-4075", "CVE-2010-4077", "CVE-2010-4248"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2010-12-05T00:42:46", "published": "2010-12-05T00:42:46", "id": "FEDORA:0BE9E110D31", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: kernel-2.6.35.9-64.fc14", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}]}