ID OPENVAS:841548 Type openvas Reporter Copyright (c) 2013 Greenbone Networks GmbH Modified 2017-12-01T00:00:00
Description
Check for the Version of linux-ec2
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_ubuntu_USN_1940_1.nasl 7958 2017-12-01 06:47:47Z santu $
#
# Ubuntu Update for linux-ec2 USN-1940-1
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
if(description)
{
script_id(841548);
script_version("$Revision: 7958 $");
script_tag(name:"last_modification", value:"$Date: 2017-12-01 07:47:47 +0100 (Fri, 01 Dec 2017) $");
script_tag(name:"creation_date", value:"2013-09-12 11:45:59 +0530 (Thu, 12 Sep 2013)");
script_cve_id("CVE-2013-1060", "CVE-2013-1943", "CVE-2013-2206", "CVE-2013-4162");
script_tag(name:"cvss_base", value:"6.9");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:C/A:C");
script_name("Ubuntu Update for linux-ec2 USN-1940-1");
tag_insight = "Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that
allows for privilege escalation. A local user could exploit this flaw to
run commands as root when using the perf tool. (CVE-2013-1060)
Michael S. Tsirkin discovered a flaw in how the Linux kernel's KVM
subsystem allocates memory slots for the guest's address space. A local
user could exploit this flaw to gain system privileges or obtain sensitive
information from kernel memory. (CVE-2013-1943)
A flaw was discovered in the SCTP (stream control transfer protocol)
network protocol's handling of duplicate cookies in the Linux kernel. A
remote attacker could exploit this flaw to cause a denial of service
(system crash) on another remote user querying the SCTP connection.
(CVE-2013-2206)
Hannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the
Linux kernel's IPv6 stack. A local user could exploit this flaw to cause a
denial of service (system crash). (CVE-2013-4162)";
tag_affected = "linux-ec2 on Ubuntu 10.04 LTS";
tag_solution = "Please Install the Updated Packages.";
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
script_xref(name: "USN", value: "1940-1");
script_xref(name: "URL" , value: "http://www.ubuntu.com/usn/usn-1940-1/");
script_summary("Check for the Version of linux-ec2");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2013 Greenbone Networks GmbH");
script_family("Ubuntu Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages");
exit(0);
}
include("pkg-lib-deb.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "UBUNTU10.04 LTS")
{
if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-356-ec2", ver:"2.6.32-356.69", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
{"id": "OPENVAS:841548", "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu Update for linux-ec2 USN-1940-1", "description": "Check for the Version of linux-ec2", "published": "2013-09-12T00:00:00", "modified": "2017-12-01T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=841548", "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "references": ["1940-1", "http://www.ubuntu.com/usn/usn-1940-1/"], "cvelist": ["CVE-2013-2206", "CVE-2013-1943", "CVE-2013-4162", "CVE-2013-1060"], "lastseen": "2017-12-04T11:22:13", "viewCount": 0, "enchantments": {"score": {"value": 7.4, "vector": "NONE", "modified": "2017-12-04T11:22:13", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-2206", "CVE-2013-4162", "CVE-2013-1060", "CVE-2013-1943"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29790", "SECURITYVULNS:DOC:29791", "SECURITYVULNS:VULN:13265"]}, {"type": "ubuntu", "idList": ["USN-1941-1", "USN-1945-1", "USN-1944-1", "USN-1943-1", "USN-1946-1", "USN-1940-1", "USN-1947-1", "USN-1942-1", "USN-1939-1", "USN-1938-1"]}, {"type": "nessus", "idList": ["UBUNTU_USN-1939-1.NASL", "SUSE_11_KERNEL-131106.NASL", "UBUNTU_USN-1938-1.NASL", "ORACLELINUX_ELSA-2013-2575.NASL", "UBUNTU_USN-1943-1.NASL", "UBUNTU_USN-1940-1.NASL", "REDHAT-RHSA-2013-1436.NASL", "SUSE_11_KERNEL-131107.NASL", "ORACLELINUX_ELSA-2013-1436.NASL", "CENTOS_RHSA-2013-1436.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310123553", "OPENVAS:1361412562310841540", "OPENVAS:841549", "OPENVAS:1361412562310841548", "OPENVAS:841544", "OPENVAS:1361412562310841544", "OPENVAS:1361412562310841549", "OPENVAS:1361412562310871053", "OPENVAS:841540", "OPENVAS:871053"]}, {"type": "suse", "idList": ["SUSE-SU-2013:1748-1", "SUSE-SU-2013:1749-1", "SUSE-SU-2013:1744-1", "SUSE-SU-2013:1750-1"]}, {"type": "redhat", "idList": ["RHSA-2013:1520", "RHSA-2013:0911", "RHSA-2013:1292", "RHSA-2013:1436"]}, {"type": "oraclelinux", "idList": ["ELSA-2013-1292", "ELSA-2013-1292-1", "ELSA-2013-1436", "ELSA-2013-0911", "ELSA-2013-2542", "ELSA-2013-2575"]}, {"type": "centos", "idList": ["CESA-2013:1436", "CESA-2013:0911", "CESA-2013:1292"]}, {"type": "amazon", "idList": ["ALAS-2013-233"]}], "modified": "2017-12-04T11:22:13", "rev": 2}, "vulnersScore": 7.4}, "pluginID": "841548", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1940_1.nasl 7958 2017-12-01 06:47:47Z santu $\n#\n# Ubuntu Update for linux-ec2 USN-1940-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841548);\n script_version(\"$Revision: 7958 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:47:47 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-12 11:45:59 +0530 (Thu, 12 Sep 2013)\");\n script_cve_id(\"CVE-2013-1060\", \"CVE-2013-1943\", \"CVE-2013-2206\", \"CVE-2013-4162\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-ec2 USN-1940-1\");\n\n tag_insight = \"Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows for privilege escalation. A local user could exploit this flaw to\nrun commands as root when using the perf tool. (CVE-2013-1060)\n\nMichael S. Tsirkin discovered a flaw in how the Linux kernel's KVM\nsubsystem allocates memory slots for the guest's address space. A local\nuser could exploit this flaw to gain system privileges or obtain sensitive\ninformation from kernel memory. (CVE-2013-1943)\n\nA flaw was discovered in the SCTP (stream control transfer protocol)\nnetwork protocol's handling of duplicate cookies in the Linux kernel. A\nremote attacker could exploit this flaw to cause a denial of service\n(system crash) on another remote user querying the SCTP connection.\n(CVE-2013-2206)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the\nLinux kernel's IPv6 stack. A local user could exploit this flaw to cause a\ndenial of service (system crash). (CVE-2013-4162)\";\n\n tag_affected = \"linux-ec2 on Ubuntu 10.04 LTS\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"1940-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1940-1/\");\n script_summary(\"Check for the Version of linux-ec2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-356-ec2\", ver:\"2.6.32-356.69\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Ubuntu Local Security Checks"}
{"cve": [{"lastseen": "2021-02-02T06:06:50", "description": "The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted SCTP traffic.\nPer: http://cwe.mitre.org/data/definitions/476.html\r\n\r\n'CWE-476: NULL Pointer Dereference'", "edition": 6, "cvss3": {}, "published": "2013-07-04T21:55:00", "title": "CVE-2013-2206", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 5.4, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2206"], "modified": "2018-01-09T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.0.57", "cpe:/o:linux:linux_kernel:3.7", "cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.4.4", "cpe:/o:linux:linux_kernel:3.4.30", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.0.64", "cpe:/o:linux:linux_kernel:3.4.10", "cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.4.27", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.8.4", "cpe:/o:linux:linux_kernel:3.0.61", "cpe:/o:linux:linux_kernel:3.4.19", "cpe:/o:linux:linux_kernel:3.4.21", "cpe:/o:linux:linux_kernel:3.2.24", "cpe:/o:linux:linux_kernel:3.2.25", "cpe:/o:linux:linux_kernel:3.5.5", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.3.6", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.0.47", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.4.23", "cpe:/o:linux:linux_kernel:3.4.2", "cpe:/o:linux:linux_kernel:3.4.13", "cpe:/o:linux:linux_kernel:3.2.29", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.6.10", "cpe:/o:linux:linux_kernel:3.6.5", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.6", "cpe:/o:linux:linux_kernel:3.2.23", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.6.3", "cpe:/o:linux:linux_kernel:3.7.3", "cpe:/o:linux:linux_kernel:3.7.8", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.0.67", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.0.45", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.2.30", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.4.9", "cpe:/o:linux:linux_kernel:3.0.49", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.4.24", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.0.59", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.8.3", "cpe:/o:linux:linux_kernel:3.2.27", "cpe:/o:linux:linux_kernel:3.0.50", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.4.6", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.6.1", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.5.1", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.0.63", "cpe:/o:linux:linux_kernel:3.2.28", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.3.7", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.0.56", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.7.2", "cpe:/o:linux:linux_kernel:3.0.58", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.0.66", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.0.60", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.7.5", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.4.3", "cpe:/o:linux:linux_kernel:3.4.32", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.0.65", "cpe:/o:linux:linux_kernel:3.4.20", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.7.7", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:3.0.62", "cpe:/o:linux:linux_kernel:3.0.55", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.0.46", "cpe:/o:linux:linux_kernel:3.6.6", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:3.7.6", "cpe:/o:linux:linux_kernel:3.5.6", "cpe:/o:linux:linux_kernel:3.4.22", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.4.26", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.8.1", "cpe:/o:linux:linux_kernel:3.4", "cpe:/o:linux:linux_kernel:3.4.17", "cpe:/o:linux:linux_kernel:3.6.9", "cpe:/o:linux:linux_kernel:3.0.68", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.0", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.7.10", "cpe:/o:linux:linux_kernel:3.3.8", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.4.29", "cpe:/o:linux:linux_kernel:3.4.15", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.4.18", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.2.21", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.4.8", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.5.7", "cpe:/o:linux:linux_kernel:3.2.22", "cpe:/o:linux:linux_kernel:3.0.53", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.4.28", "cpe:/o:linux:linux_kernel:3.6.7", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.4.7", "cpe:/o:linux:linux_kernel:3.5.4", "cpe:/o:linux:linux_kernel:3.8.0", "cpe:/o:linux:linux_kernel:3.4.25", "cpe:/o:linux:linux_kernel:3.3.5", "cpe:/o:linux:linux_kernel:3.5.3", "cpe:/o:linux:linux_kernel:3.4.14", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.7.4", "cpe:/o:linux:linux_kernel:3.5.2", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.4.16", "cpe:/o:linux:linux_kernel:3.0.52", "cpe:/o:linux:linux_kernel:3.0.51", "cpe:/o:linux:linux_kernel:3.0.48", "cpe:/o:linux:linux_kernel:3.0.54", "cpe:/o:linux:linux_kernel:3.7.9", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.6.11", "cpe:/o:linux:linux_kernel:3.4.12", "cpe:/o:linux:linux_kernel:3.4.31", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.7.1", "cpe:/o:linux:linux_kernel:3.6.4", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.3.1", "cpe:/o:linux:linux_kernel:3.6.2", "cpe:/o:linux:linux_kernel:3.2.26", "cpe:/o:linux:linux_kernel:3.6.8", "cpe:/o:linux:linux_kernel:3.8.2", "cpe:/o:linux:linux_kernel:3.4.5", "cpe:/o:linux:linux_kernel:3.4.1", "cpe:/o:linux:linux_kernel:3.2.10", "cpe:/o:linux:linux_kernel:3.4.11"], "id": "CVE-2013-2206", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2206", "cvss": {"score": 5.4, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.68:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.8.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.59:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.62:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.66:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0.54:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.64:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.61:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.55:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.57:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.60:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.56:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.63:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.65:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.58:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.67:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:06:55", "description": "The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call.", "edition": 6, "cvss3": {}, "published": "2013-07-29T13:59:00", "title": "CVE-2013-4162", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4162"], "modified": "2014-01-04T04:48:00", "cpe": ["cpe:/o:linux:linux_kernel:3.0.57", "cpe:/o:linux:linux_kernel:3.7", "cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.4.4", "cpe:/o:linux:linux_kernel:3.9", "cpe:/o:linux:linux_kernel:3.4.30", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.0.64", "cpe:/o:linux:linux_kernel:3.4.10", "cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.4.27", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.8.9", "cpe:/o:linux:linux_kernel:3.8.4", "cpe:/o:linux:linux_kernel:3.0.61", "cpe:/o:linux:linux_kernel:3.4.19", "cpe:/o:linux:linux_kernel:3.4.21", "cpe:/o:linux:linux_kernel:3.2.24", "cpe:/o:linux:linux_kernel:3.2.25", "cpe:/o:linux:linux_kernel:3.5.5", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.3.6", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.0.47", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.4.23", "cpe:/o:linux:linux_kernel:3.4.2", "cpe:/o:linux:linux_kernel:3.4.13", "cpe:/o:linux:linux_kernel:3.2.29", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.6.10", "cpe:/o:linux:linux_kernel:3.6.5", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.6", "cpe:/o:linux:linux_kernel:3.2.23", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.6.3", "cpe:/o:linux:linux_kernel:3.7.3", "cpe:/o:linux:linux_kernel:3.8.10", "cpe:/o:linux:linux_kernel:3.8.12", "cpe:/o:linux:linux_kernel:3.7.8", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.0.67", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.0.45", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.2.30", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.10.3", "cpe:/o:linux:linux_kernel:3.4.9", "cpe:/o:linux:linux_kernel:3.0.49", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.4.24", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.0.59", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.8.3", "cpe:/o:linux:linux_kernel:3.2.27", "cpe:/o:linux:linux_kernel:3.0.50", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.8.13", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.8.5", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.4.6", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.9.5", "cpe:/o:linux:linux_kernel:3.6.1", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.5.1", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.0.63", "cpe:/o:linux:linux_kernel:3.2.28", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.3.7", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.9.1", "cpe:/o:linux:linux_kernel:3.0.56", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.7.2", "cpe:/o:linux:linux_kernel:3.0.58", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.0.66", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.0.60", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.7.5", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.4.3", "cpe:/o:linux:linux_kernel:3.4.32", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.0.65", "cpe:/o:linux:linux_kernel:3.4.20", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.7.7", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:3.0.62", "cpe:/o:linux:linux_kernel:3.0.55", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.9.3", "cpe:/o:linux:linux_kernel:3.0.46", "cpe:/o:linux:linux_kernel:3.6.6", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:3.7.6", "cpe:/o:linux:linux_kernel:3.5.6", "cpe:/o:linux:linux_kernel:3.4.22", "cpe:/o:linux:linux_kernel:3.9.9", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.4.26", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.8.1", "cpe:/o:linux:linux_kernel:3.4", "cpe:/o:linux:linux_kernel:3.4.17", "cpe:/o:linux:linux_kernel:3.6.9", "cpe:/o:linux:linux_kernel:3.0.68", "cpe:/o:linux:linux_kernel:3.8.7", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.10.1", "cpe:/o:linux:linux_kernel:3.0", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.7.10", "cpe:/o:linux:linux_kernel:3.3.8", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.4.29", "cpe:/o:linux:linux_kernel:3.4.15", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.4.18", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.8.8", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.2.21", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.4.8", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.5.7", "cpe:/o:linux:linux_kernel:3.2.22", "cpe:/o:linux:linux_kernel:3.0.53", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.9.6", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.9.2", "cpe:/o:linux:linux_kernel:3.9.0", "cpe:/o:linux:linux_kernel:3.9.8", "cpe:/o:linux:linux_kernel:3.4.28", "cpe:/o:linux:linux_kernel:3.6.7", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.4.7", "cpe:/o:linux:linux_kernel:3.5.4", "cpe:/o:linux:linux_kernel:3.8.0", "cpe:/o:linux:linux_kernel:3.4.25", "cpe:/o:linux:linux_kernel:3.3.5", "cpe:/o:linux:linux_kernel:3.5.3", "cpe:/o:linux:linux_kernel:3.4.14", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.7.4", "cpe:/o:linux:linux_kernel:3.5.2", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.4.16", "cpe:/o:linux:linux_kernel:3.0.52", "cpe:/o:linux:linux_kernel:3.0.51", "cpe:/o:linux:linux_kernel:3.8.6", "cpe:/o:linux:linux_kernel:3.0.48", "cpe:/o:linux:linux_kernel:3.0.54", "cpe:/o:linux:linux_kernel:3.7.9", "cpe:/o:linux:linux_kernel:3.9.4", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.6.11", "cpe:/o:linux:linux_kernel:3.4.12", "cpe:/o:linux:linux_kernel:3.9.7", "cpe:/o:linux:linux_kernel:3.4.31", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.7.1", "cpe:/o:linux:linux_kernel:3.6.4", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.9.10", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.3.1", "cpe:/o:linux:linux_kernel:3.6.2", "cpe:/o:linux:linux_kernel:3.2.26", "cpe:/o:linux:linux_kernel:3.6.8", "cpe:/o:linux:linux_kernel:3.8.2", "cpe:/o:linux:linux_kernel:3.4.5", "cpe:/o:linux:linux_kernel:3.10.2", "cpe:/o:linux:linux_kernel:3.4.1", "cpe:/o:linux:linux_kernel:3.2.10", "cpe:/o:linux:linux_kernel:3.8.11", "cpe:/o:linux:linux_kernel:3.4.11"], "id": "CVE-2013-4162", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4162", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.68:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.59:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.62:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.66:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.54:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.64:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.61:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.55:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.57:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.60:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.56:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.63:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.65:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.58:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.67:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:06:50", "description": "The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows local users to gain privileges or obtain sensitive information from kernel memory via a crafted application, related to arch/x86/kvm/paging_tmpl.h and virt/kvm/kvm_main.c.", "edition": 9, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2013-07-16T14:08:00", "title": "CVE-2013-1943", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1943"], "modified": "2020-08-03T15:58:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5.0", "cpe:/o:redhat:enterprise_linux_eus:6.2", "cpe:/o:redhat:enterprise_linux_eus:6.3", "cpe:/o:canonical:ubuntu_linux:10.04"], "id": "CVE-2013-1943", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1943", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:6.2:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"]}, {"lastseen": "2021-02-02T06:06:48", "description": "A certain Ubuntu build procedure for perf, as distributed in the Linux kernel packages in Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and 13.10, sets the HOME environment variable to the ~buildd directory and consequently reads the system configuration file from the ~buildd directory, which allows local users to gain privileges by leveraging control over the buildd account.", "edition": 4, "cvss3": {}, "published": "2013-09-25T10:31:00", "title": "CVE-2013-1060", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1060"], "modified": "2013-10-02T04:23:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:canonical:ubuntu_linux:13.10", "cpe:/o:canonical:ubuntu_linux:12.10", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:canonical:ubuntu_linux:13.04"], "id": "CVE-2013-1060", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1060", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*"]}], "openvas": [{"lastseen": "2019-05-29T18:37:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2206", "CVE-2013-1943", "CVE-2013-4162", "CVE-2013-1060"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2013-09-12T00:00:00", "id": "OPENVAS:1361412562310841548", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841548", "type": "openvas", "title": "Ubuntu Update for linux-ec2 USN-1940-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1940_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-ec2 USN-1940-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841548\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-12 11:45:59 +0530 (Thu, 12 Sep 2013)\");\n script_cve_id(\"CVE-2013-1060\", \"CVE-2013-1943\", \"CVE-2013-2206\", \"CVE-2013-4162\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-ec2 USN-1940-1\");\n\n script_tag(name:\"affected\", value:\"linux-ec2 on Ubuntu 10.04 LTS\");\n script_tag(name:\"insight\", value:\"Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows for privilege escalation. A local user could exploit this flaw to\nrun commands as root when using the perf tool. (CVE-2013-1060)\n\nMichael S. Tsirkin discovered a flaw in how the Linux kernel's KVM\nsubsystem allocates memory slots for the guest's address space. A local\nuser could exploit this flaw to gain system privileges or obtain sensitive\ninformation from kernel memory. (CVE-2013-1943)\n\nA flaw was discovered in the SCTP (stream control transfer protocol)\nnetwork protocol's handling of duplicate cookies in the Linux kernel. A\nremote attacker could exploit this flaw to cause a denial of service\n(system crash) on another remote user querying the SCTP connection.\n(CVE-2013-2206)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the\nLinux kernel's IPv6 stack. A local user could exploit this flaw to cause a\ndenial of service (system crash). (CVE-2013-4162)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"1940-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1940-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-ec2'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-356-ec2\", ver:\"2.6.32-356.69\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2206", "CVE-2013-1943", "CVE-2013-4162", "CVE-2013-1060"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2013-09-12T00:00:00", "id": "OPENVAS:1361412562310841544", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841544", "type": "openvas", "title": "Ubuntu Update for linux USN-1939-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1939_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux USN-1939-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841544\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-12 11:39:49 +0530 (Thu, 12 Sep 2013)\");\n script_cve_id(\"CVE-2013-1060\", \"CVE-2013-1943\", \"CVE-2013-2206\", \"CVE-2013-4162\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux USN-1939-1\");\n\n script_tag(name:\"affected\", value:\"linux on Ubuntu 10.04 LTS\");\n script_tag(name:\"insight\", value:\"Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows for privilege escalation. A local user could exploit this flaw to\nrun commands as root when using the perf tool.\n(CVE-2013-1060)\n\nMichael S. Tsirkin discovered a flaw in how the Linux kernel's KVM\nsubsystem allocates memory slots for the guest's address space. A local\nuser could exploit this flaw to gain system privileges or obtain sensitive\ninformation from kernel memory. (CVE-2013-1943)\n\nA flaw was discovered in the SCTP (stream control transfer protocol)\nnetwork protocol's handling of duplicate cookies in the Linux kernel. A\nremote attacker could exploit this flaw to cause a denial of service\n(system crash) on another remote user querying the SCTP connection.\n(CVE-2013-2206)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the\nLinux kernel's IPv6 stack. A local user could exploit this flaw to cause a\ndenial of service (system crash). (CVE-2013-4162)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"1939-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1939-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-386\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-generic\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-generic-pae\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-ia64\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-lpia\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-powerpc\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-powerpc-smp\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-powerpc64-smp\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-preempt\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-server\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-sparc64\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-sparc64-smp\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-versatile\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-virtual\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-26T11:10:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2206", "CVE-2013-1943", "CVE-2013-4162", "CVE-2013-1060"], "description": "Check for the Version of linux", "modified": "2018-01-26T00:00:00", "published": "2013-09-12T00:00:00", "id": "OPENVAS:841544", "href": "http://plugins.openvas.org/nasl.php?oid=841544", "type": "openvas", "title": "Ubuntu Update for linux USN-1939-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1939_1.nasl 8542 2018-01-26 06:57:28Z teissa $\n#\n# Ubuntu Update for linux USN-1939-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841544);\n script_version(\"$Revision: 8542 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-26 07:57:28 +0100 (Fri, 26 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-12 11:39:49 +0530 (Thu, 12 Sep 2013)\");\n script_cve_id(\"CVE-2013-1060\", \"CVE-2013-1943\", \"CVE-2013-2206\", \"CVE-2013-4162\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux USN-1939-1\");\n\n tag_insight = \"Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows for privilege escalation. A local user could exploit this flaw to\nrun commands as root when using the perf tool.\n(CVE-2013-1060)\n\nMichael S. Tsirkin discovered a flaw in how the Linux kernel's KVM\nsubsystem allocates memory slots for the guest's address space. A local\nuser could exploit this flaw to gain system privileges or obtain sensitive\ninformation from kernel memory. (CVE-2013-1943)\n\nA flaw was discovered in the SCTP (stream control transfer protocol)\nnetwork protocol's handling of duplicate cookies in the Linux kernel. A\nremote attacker could exploit this flaw to cause a denial of service\n(system crash) on another remote user querying the SCTP connection.\n(CVE-2013-2206)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the\nLinux kernel's IPv6 stack. A local user could exploit this flaw to cause a\ndenial of service (system crash). (CVE-2013-4162)\";\n\n tag_affected = \"linux on Ubuntu 10.04 LTS\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"1939-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1939-1/\");\n script_tag(name: \"summary\" , value: \"Check for the Version of linux\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-386\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-generic\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-generic-pae\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-ia64\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-lpia\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-powerpc\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-powerpc-smp\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-powerpc64-smp\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-preempt\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-server\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-sparc64\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-sparc64-smp\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-versatile\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-51-virtual\", ver:\"2.6.32-51.113\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2234", "CVE-2013-4162", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-4163", "CVE-2013-2140"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2013-09-12T00:00:00", "id": "OPENVAS:1361412562310841549", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841549", "type": "openvas", "title": "Ubuntu Update for linux-lts-raring USN-1943-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1943_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-lts-raring USN-1943-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841549\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-12 11:47:44 +0530 (Thu, 12 Sep 2013)\");\n script_cve_id(\"CVE-2013-1060\", \"CVE-2013-2140\", \"CVE-2013-2232\", \"CVE-2013-2234\",\n \"CVE-2013-4162\", \"CVE-2013-4163\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-lts-raring USN-1943-1\");\n\n script_tag(name:\"affected\", value:\"linux-lts-raring on Ubuntu 12.04 LTS\");\n script_tag(name:\"insight\", value:\"Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows for privilege escalation. A local user could exploit this flaw to\nrun commands as root when using the perf tool. (CVE-2013-1060)\n\nA flaw was discovered in the Xen subsystem of the Linux kernel when it\nprovides read-only access to a disk that supports TRIM or SCSI UNMAP to a\nguest OS. A privileged user in the guest OS could exploit this flaw to\ndestroy data on the disk, even though the guest OS should not be able to\nwrite to the disk. (CVE-2013-2140)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used to\nconnect to an IPv4 destination. An unprivileged local user could exploit\nthis flaw to cause a denial of service (system crash). (CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket implementation\nin the Linux kernel. An local user could exploit this flaw to examine\npotentially sensitive information in kernel memory. (CVE-2013-2234)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the\nLinux kernel's IPv6 stack. A local user could exploit this flaw to cause a\ndenial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the Linux\nkernel when the IPV6_MTU setsockopt option has been specified in\ncombination with the UDP_CORK option. A local user could exploit this flaw\nto cause a denial of service (system crash). (CVE-2013-4163)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"1943-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1943-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-raring'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.8.0-30-generic\", ver:\"3.8.0-30.44~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2234", "CVE-2013-4162", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-4163", "CVE-2013-2140"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2013-09-06T00:00:00", "id": "OPENVAS:1361412562310841540", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841540", "type": "openvas", "title": "Ubuntu Update for linux USN-1938-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1938_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux USN-1938-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841540\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-06 09:37:32 +0530 (Fri, 06 Sep 2013)\");\n script_cve_id(\"CVE-2013-1060\", \"CVE-2013-2140\", \"CVE-2013-2232\", \"CVE-2013-2234\",\n \"CVE-2013-4162\", \"CVE-2013-4163\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux USN-1938-1\");\n\n script_tag(name:\"affected\", value:\"linux on Ubuntu 13.04\");\n script_tag(name:\"insight\", value:\"Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows for privilege escalation. A local could exploit this flaw to run\ncommands as root when using the perf tool. (CVE-2013-1060)\n\nA flaw was discovered in the Xen subsystem of the Linux kernel when it\nprovides a guest OS read-only access to disks that support TRIM or SCSI\nUNMAP. A privileged user in the guest OS could exploit this flaw to\ndestroy data on the disk. (CVE-2013-2140)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used to\nconnect to an IPv4 destination. A unprivileged local user could exploit\nthis flaw to cause a denial of service (system crash). (CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket implementation\nin the Linux kernel. An local user could exploit this flaw to examine\npotentially sensitive information in kernel memory. (CVE-2013-2234)\n\nHannes Frederic Sowa discovered a flaw in the setsockopt UDP_CORK option\nin the Linux kernel's IPv6 stack. A local user could exploit this flaw to\ncause a denial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the Linux\nkernel when the IPV6_MTU setsockopt option has been specified in\ncombination with the UDP_CORK option. A local user could exploit this flaw\nto cause a denial of service (system crash). (CVE-2013-4163)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"1938-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1938-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU13\\.04\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU13.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.8.0-30-generic\", ver:\"3.8.0-30.44\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-02-06T13:10:35", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2234", "CVE-2013-4162", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-4163", "CVE-2013-2140"], "description": "Check for the Version of linux-lts-raring", "modified": "2018-02-05T00:00:00", "published": "2013-09-12T00:00:00", "id": "OPENVAS:841549", "href": "http://plugins.openvas.org/nasl.php?oid=841549", "type": "openvas", "title": "Ubuntu Update for linux-lts-raring USN-1943-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1943_1.nasl 8672 2018-02-05 16:39:18Z teissa $\n#\n# Ubuntu Update for linux-lts-raring USN-1943-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841549);\n script_version(\"$Revision: 8672 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-05 17:39:18 +0100 (Mon, 05 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-12 11:47:44 +0530 (Thu, 12 Sep 2013)\");\n script_cve_id(\"CVE-2013-1060\", \"CVE-2013-2140\", \"CVE-2013-2232\", \"CVE-2013-2234\",\n \"CVE-2013-4162\", \"CVE-2013-4163\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-lts-raring USN-1943-1\");\n\n tag_insight = \"Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows for privilege escalation. A local user could exploit this flaw to\nrun commands as root when using the perf tool. (CVE-2013-1060)\n\nA flaw was discovered in the Xen subsystem of the Linux kernel when it\nprovides read-only access to a disk that supports TRIM or SCSI UNMAP to a\nguest OS. A privileged user in the guest OS could exploit this flaw to\ndestroy data on the disk, even though the guest OS should not be able to\nwrite to the disk. (CVE-2013-2140)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used to\nconnect to an IPv4 destination. An unprivileged local user could exploit\nthis flaw to cause a denial of service (system crash). (CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket implementation\nin the Linux kernel. An local user could exploit this flaw to examine\npotentially sensitive information in kernel memory. (CVE-2013-2234)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the\nLinux kernel's IPv6 stack. A local user could exploit this flaw to cause a\ndenial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the Linux\nkernel when the IPV6_MTU setsockopt option has been specified in\ncombination with the UDP_CORK option. A local user could exploit this flaw\nto cause a denial of service (system crash). (CVE-2013-4163)\";\n\n tag_affected = \"linux-lts-raring on Ubuntu 12.04 LTS\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"1943-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1943-1/\");\n script_tag(name: \"summary\" , value: \"Check for the Version of linux-lts-raring\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.8.0-30-generic\", ver:\"3.8.0-30.44~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-26T11:09:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2234", "CVE-2013-4162", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-4163", "CVE-2013-2140"], "description": "Check for the Version of linux", "modified": "2018-01-26T00:00:00", "published": "2013-09-06T00:00:00", "id": "OPENVAS:841540", "href": "http://plugins.openvas.org/nasl.php?oid=841540", "type": "openvas", "title": "Ubuntu Update for linux USN-1938-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1938_1.nasl 8542 2018-01-26 06:57:28Z teissa $\n#\n# Ubuntu Update for linux USN-1938-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841540);\n script_version(\"$Revision: 8542 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-26 07:57:28 +0100 (Fri, 26 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-06 09:37:32 +0530 (Fri, 06 Sep 2013)\");\n script_cve_id(\"CVE-2013-1060\", \"CVE-2013-2140\", \"CVE-2013-2232\", \"CVE-2013-2234\",\n \"CVE-2013-4162\", \"CVE-2013-4163\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux USN-1938-1\");\n\n tag_insight = \"Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows for privilege escalation. A local could exploit this flaw to run\ncommands as root when using the perf tool. (CVE-2013-1060)\n\nA flaw was discovered in the Xen subsystem of the Linux kernel when it\nprovides a guest OS read-only access to disks that support TRIM or SCSI\nUNMAP. A privileged user in the guest OS could exploit this flaw to\ndestroy data on the disk. (CVE-2013-2140)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used to\nconnect to an IPv4 destination. A unprivileged local user could exploit\nthis flaw to cause a denial of service (system crash). (CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket implementation\nin the Linux kernel. An local user could exploit this flaw to examine\npotentially sensitive information in kernel memory. (CVE-2013-2234)\n\nHannes Frederic Sowa discovered a flaw in the setsockopt UDP_CORK option\nin the Linux kernel's IPv6 stack. A local user could exploit this flaw to\ncause a denial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the Linux\nkernel when the IPV6_MTU setsockopt option has been specified in\ncombination with the UDP_CORK option. A local user could exploit this flaw\nto cause a denial of service (system crash). (CVE-2013-4163)\";\n\n tag_affected = \"linux on Ubuntu 13.04\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"1938-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1938-1/\");\n script_tag(name: \"summary\" , value: \"Check for the Version of linux\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU13.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.8.0-30-generic\", ver:\"3.8.0-30.44\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2234", "CVE-2013-4162", "CVE-2013-1059", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-2851", "CVE-2013-4163", "CVE-2013-2164"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2013-09-12T00:00:00", "id": "OPENVAS:1361412562310841543", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841543", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-1942-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1942_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-ti-omap4 USN-1942-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841543\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-12 11:38:37 +0530 (Thu, 12 Sep 2013)\");\n script_cve_id(\"CVE-2013-1059\", \"CVE-2013-1060\", \"CVE-2013-2164\", \"CVE-2013-2232\",\n \"CVE-2013-2234\", \"CVE-2013-2851\", \"CVE-2013-4162\", \"CVE-2013-4163\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-1942-1\");\n\n script_tag(name:\"affected\", value:\"linux-ti-omap4 on Ubuntu 12.04 LTS\");\n script_tag(name:\"insight\", value:\"Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client.\nA remote attacker could exploit this flaw to cause a denial of service\n(system crash). (CVE-2013-1059)\n\nVasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows for privilege escalation. A local user could exploit this flaw to\nrun commands as root when using the perf tool. (CVE-2013-1060)\n\nJonathan Salwan discovered an information leak in the Linux kernel's cdrom\ndriver. A local user can exploit this leak to obtain sensitive information\nfrom kernel memory if the CD-ROM drive is malfunctioning. (CVE-2013-2164)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used to\nconnect to an IPv4 destination. An unprivileged local user could exploit\nthis flaw to cause a denial of service (system crash). (CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket implementation\nin the Linux kernel. An local user could exploit this flaw to examine\npotentially sensitive information in kernel memory. (CVE-2013-2234)\n\nKees Cook discovered a format string vulnerability in the Linux kernel's\ndisk block layer. A local user with administrator privileges could exploit\nthis flaw to gain kernel privileges. (CVE-2013-2851)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the\nLinux kernel's IPv6 stack. A local user could exploit this flaw to cause a\ndenial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the Linux\nkernel when the IPV6_MTU setsockopt option has been specified in\ncombination with the UDP_CORK option. A local user could exploit this flaw\nto cause a denial of service (system crash). (CVE-2013-4163)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"1942-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1942-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-ti-omap4'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-1437-omap4\", ver:\"3.2.0-1437.56\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-18T11:09:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2234", "CVE-2013-4162", "CVE-2013-1059", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-2851", "CVE-2013-4163", "CVE-2013-2164"], "description": "Check for the Version of linux", "modified": "2018-01-18T00:00:00", "published": "2013-09-12T00:00:00", "id": "OPENVAS:841545", "href": "http://plugins.openvas.org/nasl.php?oid=841545", "type": "openvas", "title": "Ubuntu Update for linux USN-1941-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1941_1.nasl 8456 2018-01-18 06:58:40Z teissa $\n#\n# Ubuntu Update for linux USN-1941-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841545);\n script_version(\"$Revision: 8456 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-18 07:58:40 +0100 (Thu, 18 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-12 11:40:47 +0530 (Thu, 12 Sep 2013)\");\n script_cve_id(\"CVE-2013-1059\", \"CVE-2013-1060\", \"CVE-2013-2164\", \"CVE-2013-2232\",\n \"CVE-2013-2234\", \"CVE-2013-2851\", \"CVE-2013-4162\", \"CVE-2013-4163\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Ubuntu Update for linux USN-1941-1\");\n\n tag_insight = \"Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client.\nA remote attacker could exploit this flaw to cause a denial of service\n(system crash). (CVE-2013-1059)\n\nVasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows for privilege escalation. A local user could exploit this flaw to\nrun commands as root when using the perf tool. (CVE-2013-1060)\n\nJonathan Salwan discovered an information leak in the Linux kernel's cdrom\ndriver. A local user can exploit this leak to obtain sensitive information\nfrom kernel memory if the CD-ROM drive is malfunctioning. (CVE-2013-2164)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used to\nconnect to an IPv4 destination. An unprivileged local user could exploit\nthis flaw to cause a denial of service (system crash). (CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket implementation\nin the Linux kernel. An local user could exploit this flaw to examine\npotentially sensitive information in kernel memory. (CVE-2013-2234)\n\nKees Cook discovered a format string vulnerability in the Linux kernel's\ndisk block layer. A local user with administrator privileges could exploit\nthis flaw to gain kernel privileges. (CVE-2013-2851)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the\nLinux kernel's IPv6 stack. A local user could exploit this flaw to cause a\ndenial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the Linux\nkernel when the IPV6_MTU setsockopt option has been specified in\ncombination with the UDP_CORK option. A local user could exploit this flaw\nto cause a denial of service (system crash). (CVE-2013-4163)\";\n\n tag_affected = \"linux on Ubuntu 12.04 LTS\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"1941-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1941-1/\");\n script_tag(name: \"summary\" , value: \"Check for the Version of linux\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-53-generic\", ver:\"3.2.0-53.81\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-53-generic-pae\", ver:\"3.2.0-53.81\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-53-highbank\", ver:\"3.2.0-53.81\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-53-omap\", ver:\"3.2.0-53.81\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-53-powerpc-smp\", ver:\"3.2.0-53.81\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-53-powerpc64-smp\", ver:\"3.2.0-53.81\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-53-virtual\", ver:\"3.2.0-53.81\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2234", "CVE-2013-4162", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-4163", "CVE-2013-2140", "CVE-2012-5375", "CVE-2012-5374"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2013-09-12T00:00:00", "id": "OPENVAS:1361412562310841547", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841547", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-1946", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1946.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-ti-omap4 USN-1946\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841547\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-12 11:43:52 +0530 (Thu, 12 Sep 2013)\");\n script_cve_id(\"CVE-2012-5374\", \"CVE-2012-5375\", \"CVE-2013-1060\", \"CVE-2013-2140\",\n \"CVE-2013-2232\", \"CVE-2013-2234\", \"CVE-2013-4162\", \"CVE-2013-4163\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-1946\");\n\n script_tag(name:\"affected\", value:\"linux-ti-omap4 on Ubuntu 13.04\");\n script_tag(name:\"insight\", value:\"A denial of service flaw was discovered in the Btrfs file system in the\nLinux kernel. A local user could cause a denial of service by creating a\nlarge number of files with names that have the same CRC32 hash value.\n(CVE-2012-5374)\n\nA denial of service flaw was discovered in the Btrfs file system in the\nLinux kernel. A local user could cause a denial of service (prevent file\ncreation) for a victim, by creating a file with a specific CRC32C hash\nvalue in a directory important to the victim. (CVE-2012-5375)\n\nVasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows for privilege escalation. A local user could exploit this flaw to\nrun commands as root when using the perf tool. (CVE-2013-1060)\n\nA flaw was discovered in the Xen subsystem of the Linux kernel when it\nprovides read-only access to a disk that supports TRIM or SCSI UNMAP to a\nguest OS. A privileged user in the guest OS could exploit this flaw to\ndestroy data on the disk, even though the guest OS should not be able to\nwrite to the disk. (CVE-2013-2140)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used to\nconnect to an IPv4 destination. An unprivileged local user could exploit\nthis flaw to cause a denial of service (system crash). (CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket implementation\nin the Linux kernel. An local user could exploit this flaw to examine\npotentially sensitive information in kernel memory. (CVE-2013-2234)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the\nLinux kernel's IPv6 stack. A local user could exploit this flaw to cause a\ndenial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the Linux\nkernel when the IPV6_MTU setsockopt option has been specified in\ncombination with the UDP_CORK option. A local user could exploit this flaw\nto cause a denial of service (system crash). (CVE-2013-4163)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"1946\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1946/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-ti-omap4'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU13\\.04\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU13.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-232-omap4\", ver:\"3.5.0-232.48\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-03-01T07:26:30", "description": "Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows for privilege escalation. A local user could exploit this flaw\nto run commands as root when using the perf tool. (CVE-2013-1060)\n\nMichael S. Tsirkin discovered a flaw in how the Linux kernel's KVM\nsubsystem allocates memory slots for the guest's address space. A\nlocal user could exploit this flaw to gain system privileges or obtain\nsensitive information from kernel memory. (CVE-2013-1943)\n\nA flaw was discovered in the SCTP (stream control transfer protocol)\nnetwork protocol's handling of duplicate cookies in the Linux kernel.\nA remote attacker could exploit this flaw to cause a denial of service\n(system crash) on another remote user querying the SCTP connection.\n(CVE-2013-2206)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option\nin the Linux kernel's IPv6 stack. A local user could exploit this flaw\nto cause a denial of service (system crash). (CVE-2013-4162).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 28, "published": "2013-09-07T00:00:00", "title": "Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1940-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2206", "CVE-2013-1943", "CVE-2013-4162", "CVE-2013-1060"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2"], "id": "UBUNTU_USN-1940-1.NASL", "href": "https://www.tenable.com/plugins/nessus/69808", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1940-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69808);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2013-1060\", \"CVE-2013-1943\", \"CVE-2013-2206\", \"CVE-2013-4162\");\n script_bugtraq_id(60466, 60715);\n script_xref(name:\"USN\", value:\"1940-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1940-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows for privilege escalation. A local user could exploit this flaw\nto run commands as root when using the perf tool. (CVE-2013-1060)\n\nMichael S. Tsirkin discovered a flaw in how the Linux kernel's KVM\nsubsystem allocates memory slots for the guest's address space. A\nlocal user could exploit this flaw to gain system privileges or obtain\nsensitive information from kernel memory. (CVE-2013-1943)\n\nA flaw was discovered in the SCTP (stream control transfer protocol)\nnetwork protocol's handling of duplicate cookies in the Linux kernel.\nA remote attacker could exploit this flaw to cause a denial of service\n(system crash) on another remote user querying the SCTP connection.\n(CVE-2013-2206)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option\nin the Linux kernel's IPv6 stack. A local user could exploit this flaw\nto cause a denial of service (system crash). (CVE-2013-4162).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1940-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-2.6-ec2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/07/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-1060\", \"CVE-2013-1943\", \"CVE-2013-2206\", \"CVE-2013-4162\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1940-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-356-ec2\", pkgver:\"2.6.32-356.69\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-ec2\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-03-01T07:26:30", "description": "Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows for privilege escalation. A local user could exploit this flaw\nto run commands as root when using the perf tool. (CVE-2013-1060)\n\nMichael S. Tsirkin discovered a flaw in how the Linux kernel's KVM\nsubsystem allocates memory slots for the guest's address space. A\nlocal user could exploit this flaw to gain system privileges or obtain\nsensitive information from kernel memory. (CVE-2013-1943)\n\nA flaw was discovered in the SCTP (stream control transfer protocol)\nnetwork protocol's handling of duplicate cookies in the Linux kernel.\nA remote attacker could exploit this flaw to cause a denial of service\n(system crash) on another remote user querying the SCTP connection.\n(CVE-2013-2206)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option\nin the Linux kernel's IPv6 stack. A local user could exploit this flaw\nto cause a denial of service (system crash). (CVE-2013-4162).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 28, "published": "2013-09-07T00:00:00", "title": "Ubuntu 10.04 LTS : linux vulnerabilities (USN-1939-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2206", "CVE-2013-1943", "CVE-2013-4162", "CVE-2013-1060"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia"], "id": "UBUNTU_USN-1939-1.NASL", "href": "https://www.tenable.com/plugins/nessus/69807", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1939-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69807);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2013-1060\", \"CVE-2013-1943\", \"CVE-2013-2206\", \"CVE-2013-4162\");\n script_bugtraq_id(60466, 60715);\n script_xref(name:\"USN\", value:\"1939-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux vulnerabilities (USN-1939-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows for privilege escalation. A local user could exploit this flaw\nto run commands as root when using the perf tool. (CVE-2013-1060)\n\nMichael S. Tsirkin discovered a flaw in how the Linux kernel's KVM\nsubsystem allocates memory slots for the guest's address space. A\nlocal user could exploit this flaw to gain system privileges or obtain\nsensitive information from kernel memory. (CVE-2013-1943)\n\nA flaw was discovered in the SCTP (stream control transfer protocol)\nnetwork protocol's handling of duplicate cookies in the Linux kernel.\nA remote attacker could exploit this flaw to cause a denial of service\n(system crash) on another remote user querying the SCTP connection.\n(CVE-2013-2206)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option\nin the Linux kernel's IPv6 stack. A local user could exploit this flaw\nto cause a denial of service (system crash). (CVE-2013-4162).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1939-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/07/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-1060\", \"CVE-2013-1943\", \"CVE-2013-2206\", \"CVE-2013-4162\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1939-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-51-386\", pkgver:\"2.6.32-51.113\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-51-generic\", pkgver:\"2.6.32-51.113\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-51-generic-pae\", pkgver:\"2.6.32-51.113\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-51-lpia\", pkgver:\"2.6.32-51.113\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-51-preempt\", pkgver:\"2.6.32-51.113\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-51-server\", pkgver:\"2.6.32-51.113\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-51-versatile\", pkgver:\"2.6.32-51.113\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-51-virtual\", pkgver:\"2.6.32-51.113\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-386 / linux-image-2.6-generic / etc\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T14:40:39", "description": "The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to\nversion 3.0.101 and also includes various other bug and security\nfixes.\n\nThe following features have been added :\n\n - Drivers: hv: Support handling multiple VMBUS versions\n (FATE#314665).\n\n - Drivers: hv: Save and export negotiated vmbus version\n (FATE#314665).\n\n - Drivers: hv: Move vmbus version definitions to hyperv.h\n (FATE#314665). The following security issue has been\n fixed :\n\n - The sctp_sf_do_5_2_4_dupcook function in\n net/sctp/sm_statefuns.c in the SCTP implementation in\n the Linux kernel did not properly handle associations\n during the processing of a duplicate COOKIE ECHO chunk,\n which allowed remote attackers to cause a denial of\n service (NULL pointer dereference and system crash) or\n possibly have unspecified other impact via crafted SCTP\n traffic. (bnc#826102). (CVE-2013-2206)\n\nThe following non-security bugs have been fixed :\n\n - mm, memcg: introduce own oom handler to iterate only\n over its own threads.\n\n - mm, memcg: move all oom handling to memcontrol.c.\n\n - mm, oom: avoid looping when chosen thread detaches its\n mm.\n\n - mm, oom: fold oom_kill_task() into oom_kill_process().\n\n - mm, oom: introduce helper function to process threads\n during scan.\n\n - mm, oom: reduce dependency on tasklist_lock (Reduce\n tasklist_lock hold times). (bnc#821259)\n\n - mm: do not walk all of system memory during show_mem\n (Reduce tasklist_lock hold times). (bnc#821259)\n\n - iommu/vt-d: add quirk for broken interrupt remapping on\n 55XX chipsets. (bnc#844513)\n\n - x86/iommu/vt-d: Expand interrupt remapping quirk to\n cover x58 chipset. (bnc#844513)\n\n - iommu/vt-d: Only warn about broken interrupt remapping.\n (bnc#844513)\n\n - iommu: Remove stack trace from broken irq remapping\n warning. (bnc#844513)\n\n - intel-iommu: Fix leaks in pagetable freeing.\n (bnc#841402)\n\n - Revert aer_recover_queue() __GENKSYMS__ hack, add a fake\n symset with the previous value instead. (bnc#847721)\n\n - i2c: ismt: initialize DMA buffer. (bnc#843753)\n\n - powerpc/irq: Run softirqs off the top of the irq stack.\n (bnc#847319)\n\n - quirks: add touchscreen that is dazzeled by remote\n wakeup. (bnc#835930)\n\n - kernel: sclp console hangs (bnc#841498, LTC#95711).\n\n - tty/hvc_iucv: Disconnect IUCV connection when lowering\n DTR (bnc#839973,LTC#97595).\n\n - tty/hvc_console: Add DTR/RTS callback to handle HUPCL\n control (bnc#839973,LTC#97595).\n\n - softirq: reduce latencies. (bnc#797526)\n\n - X.509: Remove certificate date checks. (bnc#841656)\n\n - config/debug: Enable FSCACHE_DEBUG and CACHEFILES_DEBUG.\n (bnc#837372)\n\n - splice: fix racy pipe->buffers uses. (bnc#827246)\n\n - blktrace: fix race with open trace files and directory\n removal. (bnc#832292)\n\n - rcu: Do not trigger false positive RCU stall detection.\n (bnc#834204)\n\n - kernel: allow program interruption filtering in user\n space (bnc#837596, LTC#97332).\n\n - Audit: do not print error when LSMs disabled.\n (bnc#842057)\n\n - SUNRPC: close a rare race in xs_tcp_setup_socket.\n (bnc#794824)\n\n - Btrfs: fix negative qgroup tracking from owner\n accounting. (bnc#821948)\n\n - cifs: fill TRANS2_QUERY_FILE_INFO ByteCount fields.\n (bnc#804950)\n\n - NFS: make nfs_flush_incompatible more generous.\n (bnc#816099)\n\n - xfs: growfs: use uncached buffers for new headers.\n (bnc#842604)\n\n - NFS: do not try to use lock state when we hold a\n delegation. (bnc#831029)\n\n - NFS: nfs_lookup_revalidate(): fix a leak. (bnc#828894)\n\n - fs: do_add_mount()/umount -l races. (bnc#836801)\n\n - xfs: avoid double-free in xfs_attr_node_addname.\n\n - xfs: Check the return value of xfs_buf_get().\n (bnc#842604)\n\n - iscsi: do not hang in endless loop if no targets\n present. (bnc#841094)\n\n - scsi_dh_alua: Allow get_alua_data() to return NULL.\n (bnc#839407)\n\n - cifs: revalidate directories instiantiated via FIND_ in\n order to handle DFS referrals. (bnc#831143)\n\n - cifs: do not instantiate new dentries in readdir for\n inodes that need to be revalidated immediately.\n (bnc#831143)\n\n - cifs: rename cifs_readdir_lookup to cifs_prime_dcache\n and make it void return. (bnc#831143)\n\n - cifs: get rid of blind d_drop() in readdir. (bnc#831143)\n\n - cifs: cleanup cifs_filldir. (bnc#831143)\n\n - cifs: on send failure, readjust server sequence number\n downward. (bnc#827966)\n\n - cifs: adjust sequence number downward after signing\n NT_CANCEL request. (bnc#827966)\n\n - cifs: on send failure, readjust server sequence number\n downward. (bnc#827966)\n\n - cifs: adjust sequence number downward after signing\n NT_CANCEL request. (bnc#827966)\n\n - reiserfs: fix race with flush_used_journal_lists and\n flush_journal_list. (bnc#837803)\n\n - reiserfs: remove useless flush_old_journal_lists.\n\n - lib/radix-tree.c: make radix_tree_node_alloc() work\n correctly within interrupt. (bnc#763463)\n\n - md: Throttle number of pending write requests in\n md/raid10. (bnc#833858)\n\n - dm: ignore merge_bvec for snapshots when safe.\n (bnc#820848)\n\n - ata: Set proper SK when CK_COND is set. (bnc#833588)\n\n - Btrfs: abort unlink trans in missed error case.\n\n - Btrfs: add all ioctl checks before user change for quota\n operations.\n\n - Btrfs: add a rb_tree to improve performance of ulist\n search.\n\n - Btrfs: add btrfs_fs_incompat helper.\n\n - Btrfs: add ioctl to wait for qgroup rescan completion.\n\n - Btrfs: add log message stubs.\n\n - Btrfs: add missing error checks to add_data_references.\n\n - Btrfs: add missing error code to BTRFS_IOC_INO_LOOKUP\n handler.\n\n - Btrfs: add missing error handling to read_tree_block.\n\n - Btrfs: add missing mounting options in\n btrfs_show_options().\n\n - Btrfs: add sanity checks regarding to parsing mount\n options.\n\n - Btrfs: add some missing iput()s in btrfs_orphan_cleanup.\n\n - Btrfs: add tree block level sanity check.\n\n - Btrfs: allocate new chunks if the space is not enough\n for global rsv.\n\n - Btrfs: allow file data clone within a file.\n\n - Btrfs: allow superblock mismatch from older mkfs.\n\n - Btrfs: annotate quota tree for lockdep.\n\n - Btrfs: automatic rescan after 'quota enable' command\n (FATE#312751).\n\n - Btrfs: change how we queue blocks for backref checking.\n\n - Btrfs: check if leafs parent exists before pushing items\n around.\n\n - Btrfs: check if we can nocow if we do not have data\n space.\n\n - Btrfs: check return value of commit when recovering log.\n\n - Btrfs: clean snapshots one by one.\n\n - Btrfs: cleanup destroy_marked_extents.\n\n - Btrfs: cleanup fs roots if we fail to mount.\n\n - Btrfs: cleanup orphaned root orphan item.\n\n - Btrfs: cleanup reloc roots properly on error.\n\n - Btrfs: Cleanup some redundant codes in\n btrfs_lookup_csums_range().\n\n - Btrfs: clean up transaction abort messages.\n\n - Btrfs: cleanup unused arguments of btrfs_csum_data.\n\n - Btrfs: clear received_uuid field for new writable\n snapshots.\n\n - Btrfs: compare relevant parts of delayed tree refs.\n\n - Btrfs: cover more error codes in btrfs_decode_error.\n\n - Btrfs: creating the subvolume qgroup automatically when\n enabling quota.\n\n - Btrfs: deal with bad mappings in btrfs_map_block.\n\n - Btrfs: deal with errors in write_dev_supers.\n\n - Btrfs: deal with free space cache errors while replaying\n log.\n\n - Btrfs: deprecate subvolrootid mount option.\n\n - Btrfs: do away with non-whole_page extent I/O.\n\n - Btrfs: do delay iput in sync_fs.\n\n - Btrfs: do not clear our orphan item runtime flag on\n eexist.\n\n - Btrfs: do not continue if out of memory happens.\n\n - Btrfs: do not offset physical if we are compressed.\n\n - Btrfs: do not pin while under spin lock.\n\n - Btrfs: do not abort the current transaction if there is\n no enough space for inode cache.\n\n - Btrfs: do not allow a subvol to be deleted if it is the\n default subovl.\n\n - Btrfs: do not BUG_ON() in btrfs_num_copies.\n\n - Btrfs: do not bug_on when we fail when cleaning up\n transactions.\n\n - Btrfs: do not call readahead hook until we have read the\n entire eb.\n\n - Btrfs: do not delete fs_roots until after we cleanup the\n transaction.\n\n - Btrfs: dont do log_removal in insert_new_root.\n\n - Btrfs: do not force pages under writeback to finish when\n aborting.\n\n - Btrfs: do not ignore errors from\n btrfs_run_delayed_items.\n\n - Btrfs: do not invoke btrfs_invalidate_inodes() in the\n spin lock context.\n\n - Btrfs: do not miss inode ref items in\n BTRFS_IOC_INO_LOOKUP.\n\n - Btrfs: do not NULL pointer deref on abort.\n\n - Btrfs: do not panic if we are trying to drop too many\n refs.\n\n - Btrfs: do not steal the reserved space from the global\n reserve if their space type is different.\n\n - Btrfs: do not stop searching after encountering the\n wrong item.\n\n - Btrfs: do not try and free ebs twice in log replay.\n\n - Btrfs: do not use global block reservation for inode\n cache truncation.\n\n - Btrfs: do not wait on ordered extents if we have a trans\n open.\n\n - Btrfs: Drop inode if inode root is NULL.\n\n - Btrfs: enhance superblock checks.\n\n - Btrfs: exclude logged extents before replying when we\n are mixed.\n\n - Btrfs: explicitly use global_block_rsv for quota_tree.\n\n - Btrfs: fall back to global reservation when removing\n subvolumes.\n\n - Btrfs: fix a bug of snapshot-aware defrag to make it\n work on partial extents.\n\n - Btrfs: fix accessing a freed tree root.\n\n - Btrfs: fix accessing the root pointer in tree mod log\n functions.\n\n - Btrfs: fix all callers of read_tree_block.\n\n - Btrfs: fix a warning when disabling quota.\n\n - Btrfs: fix a warning when updating qgroup limit.\n\n - Btrfs: fix backref walking when we hit a compressed\n extent.\n\n - Btrfs: fix bad extent logging.\n\n - Btrfs: fix broken nocow after balance.\n\n - Btrfs: fix confusing edquot happening case.\n\n - Btrfs: fix double free in the iterate_extent_inodes().\n\n - Btrfs: fix error handling in btrfs_ioctl_send().\n\n - Btrfs: fix error handling in make/read block group.\n\n - Btrfs: fix estale with btrfs send.\n\n - Btrfs: fix extent buffer leak after backref walking.\n\n - Btrfs: fix extent logging with O_DIRECT into prealloc.\n\n - Btrfs: fix file truncation if FALLOC_FL_KEEP_SIZE is\n specified.\n\n - Btrfs: fix get set label blocking against balance.\n\n - Btrfs: fix infinite loop when we abort on mount.\n\n - Btrfs: fix inode leak on kmalloc failure in tree-log.c.\n\n - Btrfs: fix lockdep warning.\n\n - Btrfs: fix lock leak when resuming snapshot deletion.\n\n - Btrfs: fix memory leak of orphan block rsv.\n\n - Btrfs: fix missing check about ulist_add() in qgroup.c.\n\n - Btrfs: fix missing check before creating a qgroup\n relation.\n\n - Btrfs: fix missing check in the btrfs_qgroup_inherit().\n\n - Btrfs: fix off-by-one in fiemap.\n\n - Btrfs: fix oops when writing dirty qgroups to disk.\n\n - Btrfs: fix possible infinite loop in slow caching.\n\n - Btrfs: fix possible memory leak in replace_path().\n\n - Btrfs: fix possible memory leak in the\n find_parent_nodes().\n\n - Btrfs: fix printing of non NULL terminated string.\n\n - Btrfs: fix qgroup rescan resume on mount.\n\n - Btrfs: fix reada debug code compilation.\n\n - Btrfs: fix the error handling wrt orphan items.\n\n - Btrfs: fix transaction throttling for delayed refs.\n\n - Btrfs: fix tree mod log regression on root split\n operations.\n\n - Btrfs: fix unblocked autodefraggers when remount.\n\n - Btrfs: fix unlock after free on rewinded tree blocks.\n\n - Btrfs: fix unprotected root node of the subvolumes inode\n rb-tree.\n\n - Btrfs: fix use-after-free bug during umount.\n\n - Btrfs: free csums when we are done scrubbing an extent.\n\n - Btrfs: handle errors returned from get_tree_block_key.\n\n - Btrfs: handle errors when doing slow caching.\n\n - Btrfs: hold the tree mod lock in __tree_mod_log_rewind.\n\n - Btrfs: ignore device open failures in\n __btrfs_open_devices.\n\n - Btrfs: improve the loop of scrub_stripe.\n\n - Btrfs: improve the performance of the csums lookup.\n\n - Btrfs: init relocate extent_io_tree with a mapping.\n\n - Btrfs: introduce a mutex lock for btrfs quota\n operations.\n\n - Btrfs: kill some BUG_ONs() in the find_parent_nodes().\n\n - Btrfs: log ram bytes properly.\n\n - Btrfs: make __merge_refs() return type be void.\n\n - Btrfs: make orphan cleanup less verbose.\n\n - Btrfs: make static code static & remove dead code.\n\n - Btrfs: make subvol creation/deletion killable in the\n early stages.\n\n - Btrfs: make sure roots are assigned before freeing their\n nodes.\n\n - Btrfs: make sure the backref walker catches all refs to\n our extent.\n\n - Btrfs: make the cleaner complete early when the fs is\n going to be umounted.\n\n - Btrfs: make the snap/subv deletion end more early when\n the fs is R/O.\n\n - Btrfs: merge save_error_info helpers into one.\n\n - Btrfs: move the R/O check out of\n btrfs_clean_one_deleted_snapshot().\n\n - Btrfs: only do the tree_mod_log_free_eb if this is our\n last ref.\n\n - Btrfs: only exclude supers in the range of our block\n group.\n\n - Btrfs: optimize key searches in btrfs_search_slot.\n\n - Btrfs: optimize the error handle of use_block_rsv().\n\n - Btrfs: pause the space balance when remounting to R/O.\n\n - Btrfs: put our inode if orphan cleanup fails.\n\n - Btrfs: re-add root to dead root list if we stop dropping\n it.\n\n - Btrfs: read entire device info under lock.\n\n - Btrfs: release both paths before logging dir/changed\n extents.\n\n - Btrfs: Release uuid_mutex for shrink during device\n delete.\n\n - Btrfs: remove almost all of the BUG()s from tree-log.c.\n\n - Btrfs: remove BUG_ON() in btrfs_read_fs_tree_no_radix().\n\n - Btrfs: remove ourselves from the cluster list under\n lock.\n\n - Btrfs: remove some BUG_ONs() when walking backref tree.\n\n - Btrfs: remove some unnecessary spin_lock usages.\n\n - Btrfs: remove unnecessary ->s_umount in\n cleaner_kthread().\n\n - Btrfs: remove unused argument of fixup_low_keys().\n\n - Btrfs: remove unused gfp mask parameter from\n release_extent_buffer callchain.\n\n - Btrfs: remove useless copy in quota_ctl.\n\n - Btrfs: remove warn on in free space cache writeout.\n\n - Btrfs: rescan for qgroups (FATE#312751).\n\n - Btrfs: reset ret in record_one_backref.\n\n - Btrfs: return ENOSPC when target space is full.\n\n - Btrfs: return errno if possible when we fail to allocate\n memory.\n\n - Btrfs: return error code in\n btrfs_check_trunc_cache_free_space().\n\n - Btrfs: return error when we specify wrong start to\n defrag.\n\n - Btrfs: return free space in cow error path.\n\n - Btrfs: separate sequence numbers for delayed ref\n tracking and tree mod log.\n\n - Btrfs: set UUID in root_item for created trees.\n\n - Btrfs: share stop worker code.\n\n - Btrfs: simplify unlink reservations.\n\n - Btrfs: split btrfs_qgroup_account_ref into four\n functions.\n\n - Btrfs: stop all workers before cleaning up roots.\n\n - Btrfs: stop using try_to_writeback_inodes_sb_nr to flush\n delalloc.\n\n - Btrfs: stop waiting on current trans if we aborted.\n\n - Btrfs: unlock extent range on enospc in compressed\n submit.\n\n - Btrfs: update drop progress before stopping snapshot\n dropping.\n\n - Btrfs: update fixups from 3.11\n\n - Btrfs: update the global reserve if it is empty.\n\n - Btrfs: use helper to cleanup tree roots.\n\n - Btrfs: use REQ_META for all metadata IO.\n\n - Btrfs: use tree_root to avoid edquot when disabling\n quota.\n\n - Btrfs: use u64 for subvolid when parsing mount options.\n\n - Btrfs: use unsigned long type for extent state bits.\n\n - Btrfs: various abort cleanups.\n\n - Btrfs: wait ordered range before doing direct io.\n\n - Btrfs: wake up delayed ref flushing waiters on abort.\n\n - net/mlx4_en: Fix BlueFlame race. (bnc#835684)\n\n - ipv6: do not call fib6_run_gc() until routing is ready.\n (bnc#836218)\n\n - ipv6: prevent fib6_run_gc() contention. (bnc#797526)\n\n - ipv6: update ip6_rt_last_gc every time GC is run.\n (bnc#797526)\n\n - netfilter: nf_conntrack: use RCU safe kfree for\n conntrack extensions (bnc#827416 bko#60853).\n\n - netfilter: prevent race condition breaking net reference\n counting. (bnc#835094)\n\n - net: remove skb_orphan_try(). (bnc#834600)\n\n - bonding: check bond->vlgrp in bond_vlan_rx_kill_vid().\n (bnc#834905)\n\n - sctp: deal with multiple COOKIE_ECHO chunks.\n (bnc#826102)\n\n - mlx4: allow IB_QP_CREATE_USE_GFP_NOFS in\n mlx4_ib_create_qp(). (bnc#822433)\n\n - drm/i915: disable sound first on intel_disable_ddi.\n (bnc#833151)\n\n - drm/i915: HDMI/DP - ELD info refresh support for\n Haswell. (bnc#833151)\n\n - drm/cirrus: This is a cirrus version of Egbert Eichs\n patch for mgag200. (bnc#808079)\n\n - drm/i915: Disable GGTT PTEs on GEN6+ suspend.\n (bnc#800875)\n\n - drm/i915/hsw: Disable L3 caching of atomic memory\n operations. (bnc#800875)\n\n - ALSA: hda - Re-setup HDMI pin and audio infoframe on\n stream switches. (bnc#833151)\n\n - vmxnet3: prevent div-by-zero panic when ring resizing\n uninitialized dev. (bnc#833321)\n\n - mvsas: add support for 9480 device id. (bnc#843950)\n\n - r8169: fix argument in rtl_hw_init_8168g.\n (bnc#845352,bnc#842820)\n\n - r8169: support RTL8168G. (bnc#845352,bnc#842820)\n\n - r8169: abstract out loop conditions.\n (bnc#845352,bnc#842820)\n\n - r8169: mdio_ops signature change.\n (bnc#845352,bnc#842820)\n\n - thp: reduce khugepaged freezing latency (khugepaged\n blocking suspend-to-ram (bnc#825291)).\n\n - bnx2x: Change to D3hot only on removal. (bnc#838448)\n\n - megaraid_sas: Disable controller reset for ppc.\n (bnc#841050)\n\n - scsi_dh_alua: simplify alua_check_sense(). (bnc#843642)\n\n - scsi_dh_alua: Fix missing close brace in\n alua_check_sense. (bnc#843642)\n\n - scsi_dh_alua: retry command on 'mode parameter changed'\n sense code. (bnc#843645)\n\n - scsi_dh_alua: invalid state information for 'optimized'\n paths. (bnc#843445)\n\n - scsi_dh_alua: reattaching device handler fails with\n 'Error 15'. (bnc#843429)\n\n - Drivers: hv: util: Fix a bug in version negotiation code\n for util services. (bnc#828714)\n\n - Drivers: hv: util: Correctly support ws2008R2 and\n earlier. (bnc#838346)\n\n - Drivers: hv: vmbus: Do not attempt to negoatiate a new\n version prematurely.\n\n - Drivers: hv: util: Correctly support ws2008R2 and\n earlier. (bnc#838346)\n\n - Drivers: hv: vmbus: Terminate vmbus version negotiation\n on timeout.\n\n - Drivers: hv: vmbus: Fix a bug in the handling of channel\n offers.\n\n - Drivers: hv: util: Fix a bug in version negotiation code\n for util services. (bnc#828714)\n\n - Drivers: hv: balloon: Initialize the transaction ID just\n before sending the packet.\n\n - Drivers: hv: util: Fix a bug in util version negotiation\n code. (bnc#838346)\n\n - be2net: Check for POST state in suspend-resume sequence.\n (bnc#835189)\n\n - be2net: bug fix on returning an invalid nic descriptor.\n (bnc#835189)\n\n - be2net: provision VF resources before enabling SR-IOV.\n (bnc#835189)\n\n - be2net: Fix firmware download for Lancer. (bnc#835189)\n\n - be2net: Fix to use version 2 of cq_create for SkyHawk-R\n devices. (bnc#835189)\n\n - be2net: Use GET_FUNCTION_CONFIG V1 cmd. (bnc#835189)\n\n - be2net: Avoid flashing BE3 UFI on BE3-R chip.\n (bnc#835189)\n\n - be2net: Use TXQ_CREATE_V2 cmd. (bnc#835189)\n\n - writeback: Do not sync data dirtied after sync start.\n (bnc#833820)\n\n - elousb: some systems cannot stomach work around.\n (bnc#840830,bnc#830985)\n\n - bounce: allow use of bounce pool via config option\n (Bounce memory pool initialisation (bnc#836347)).\n\n - block: initialize the bounce pool if high memory may be\n added later (Bounce memory pool initialisation\n (bnc#836347)).\n\n - bio-integrity: track owner of integrity payload.\n (bnc#831380)\n\n - xhci: Fix spurious wakeups after S5 on Haswell.\n (bnc#833097)\n\n - s390/cio: handle unknown pgroup state\n (bnc#837741,LTC#97048).\n\n - s390/cio: export vpm via sysfs (bnc#837741,LTC#97048).\n\n - s390/cio: skip broken paths (bnc#837741,LTC#97048).\n\n - s390/cio: dont abort verification after missing irq\n (bnc#837741,LTC#97048).\n\n - cio: add message for timeouts on internal I/O\n (bnc#837741,LTC#97048).\n\n - series.conf: disable XHCI ring expansion patches because\n on machines with large memory they cause a starvation\n problem. (bnc#833635)\n\n - Update EC2 config files (STRICT_DEVMEM off, bnc#843732).\n\n - Fixed Xen guest freezes. (bnc#829682, bnc#842063)\n\n - tools: hv: Improve error logging in VSS daemon.\n\n - tools: hv: Check return value of poll call.\n\n - tools: hv: Check return value of setsockopt call.\n\n - Tools: hv: fix send/recv buffer allocation.\n\n - Tools: hv: check return value of daemon to fix compiler\n warning.\n\n - Tools: hv: in kvp_set_ip_info free mac_addr right after\n usage.\n\n - Tools: hv: check return value of system in\n hv_kvp_daemon.\n\n - Tools: hv: correct payload size in netlink_send.\n\n - Tools: hv: use full nlmsghdr in netlink_send.\n\n - rpm/old-flavors, rpm/mkspec: Add version information to\n obsolete flavors. (bnc#821465)\n\n - rpm/kernel-binary.spec.in: Move the xenpae obsolete to\n the old-flavors file.\n\n - rpm/old-flavors: Convert the old-packages.conf file to a\n flat list.\n\n - rpm/mkspec: Adjust.\n\n - rpm/old-packages.conf: Delete.\n\n - rpm/old-packages.conf: Drop bogus obsoletes for 'smp'.\n (bnc#821465)\n\n - rpm/kernel-binary.spec.in: Make sure that all KMP\n obsoletes are versioned. (bnc#821465)\n\n - rpm/kernel-binary.spec.in: Remove unversioned\n provides/obsoletes for packages that were only seen in\n openSUSE releases up to 11.0. . (bnc#821465)", "edition": 18, "published": "2013-11-22T00:00:00", "title": "SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 8524 / 8525 / 8528)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2206"], "modified": "2013-11-22T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:kernel-trace-devel", "p-cpe:/a:novell:suse_linux:11:kernel-pae-devel", "p-cpe:/a:novell:suse_linux:11:kernel-source", "p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel", "p-cpe:/a:novell:suse_linux:11:kernel-ec2", "p-cpe:/a:novell:suse_linux:11:kernel-trace-base", "p-cpe:/a:novell:suse_linux:11:kernel-default-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae", "p-cpe:/a:novell:suse_linux:11:kernel-xen-base", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:kernel-xen", "p-cpe:/a:novell:suse_linux:11:kernel-trace", "p-cpe:/a:novell:suse_linux:11:kernel-syms", "p-cpe:/a:novell:suse_linux:11:kernel-ec2-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae-extra", "p-cpe:/a:novell:suse_linux:11:kernel-xen-extra", "p-cpe:/a:novell:suse_linux:11:kernel-default-devel", "p-cpe:/a:novell:suse_linux:11:kernel-default-man", "p-cpe:/a:novell:suse_linux:11:xen-kmp-pae", "p-cpe:/a:novell:suse_linux:11:kernel-default-extra", "p-cpe:/a:novell:suse_linux:11:kernel-default", "p-cpe:/a:novell:suse_linux:11:kernel-xen-devel", "p-cpe:/a:novell:suse_linux:11:xen-kmp-default"], "id": "SUSE_11_KERNEL-131107.NASL", "href": "https://www.tenable.com/plugins/nessus/71034", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71034);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-2206\");\n\n script_name(english:\"SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 8524 / 8525 / 8528)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to\nversion 3.0.101 and also includes various other bug and security\nfixes.\n\nThe following features have been added :\n\n - Drivers: hv: Support handling multiple VMBUS versions\n (FATE#314665).\n\n - Drivers: hv: Save and export negotiated vmbus version\n (FATE#314665).\n\n - Drivers: hv: Move vmbus version definitions to hyperv.h\n (FATE#314665). The following security issue has been\n fixed :\n\n - The sctp_sf_do_5_2_4_dupcook function in\n net/sctp/sm_statefuns.c in the SCTP implementation in\n the Linux kernel did not properly handle associations\n during the processing of a duplicate COOKIE ECHO chunk,\n which allowed remote attackers to cause a denial of\n service (NULL pointer dereference and system crash) or\n possibly have unspecified other impact via crafted SCTP\n traffic. (bnc#826102). (CVE-2013-2206)\n\nThe following non-security bugs have been fixed :\n\n - mm, memcg: introduce own oom handler to iterate only\n over its own threads.\n\n - mm, memcg: move all oom handling to memcontrol.c.\n\n - mm, oom: avoid looping when chosen thread detaches its\n mm.\n\n - mm, oom: fold oom_kill_task() into oom_kill_process().\n\n - mm, oom: introduce helper function to process threads\n during scan.\n\n - mm, oom: reduce dependency on tasklist_lock (Reduce\n tasklist_lock hold times). (bnc#821259)\n\n - mm: do not walk all of system memory during show_mem\n (Reduce tasklist_lock hold times). (bnc#821259)\n\n - iommu/vt-d: add quirk for broken interrupt remapping on\n 55XX chipsets. (bnc#844513)\n\n - x86/iommu/vt-d: Expand interrupt remapping quirk to\n cover x58 chipset. (bnc#844513)\n\n - iommu/vt-d: Only warn about broken interrupt remapping.\n (bnc#844513)\n\n - iommu: Remove stack trace from broken irq remapping\n warning. (bnc#844513)\n\n - intel-iommu: Fix leaks in pagetable freeing.\n (bnc#841402)\n\n - Revert aer_recover_queue() __GENKSYMS__ hack, add a fake\n symset with the previous value instead. (bnc#847721)\n\n - i2c: ismt: initialize DMA buffer. (bnc#843753)\n\n - powerpc/irq: Run softirqs off the top of the irq stack.\n (bnc#847319)\n\n - quirks: add touchscreen that is dazzeled by remote\n wakeup. (bnc#835930)\n\n - kernel: sclp console hangs (bnc#841498, LTC#95711).\n\n - tty/hvc_iucv: Disconnect IUCV connection when lowering\n DTR (bnc#839973,LTC#97595).\n\n - tty/hvc_console: Add DTR/RTS callback to handle HUPCL\n control (bnc#839973,LTC#97595).\n\n - softirq: reduce latencies. (bnc#797526)\n\n - X.509: Remove certificate date checks. (bnc#841656)\n\n - config/debug: Enable FSCACHE_DEBUG and CACHEFILES_DEBUG.\n (bnc#837372)\n\n - splice: fix racy pipe->buffers uses. (bnc#827246)\n\n - blktrace: fix race with open trace files and directory\n removal. (bnc#832292)\n\n - rcu: Do not trigger false positive RCU stall detection.\n (bnc#834204)\n\n - kernel: allow program interruption filtering in user\n space (bnc#837596, LTC#97332).\n\n - Audit: do not print error when LSMs disabled.\n (bnc#842057)\n\n - SUNRPC: close a rare race in xs_tcp_setup_socket.\n (bnc#794824)\n\n - Btrfs: fix negative qgroup tracking from owner\n accounting. (bnc#821948)\n\n - cifs: fill TRANS2_QUERY_FILE_INFO ByteCount fields.\n (bnc#804950)\n\n - NFS: make nfs_flush_incompatible more generous.\n (bnc#816099)\n\n - xfs: growfs: use uncached buffers for new headers.\n (bnc#842604)\n\n - NFS: do not try to use lock state when we hold a\n delegation. (bnc#831029)\n\n - NFS: nfs_lookup_revalidate(): fix a leak. (bnc#828894)\n\n - fs: do_add_mount()/umount -l races. (bnc#836801)\n\n - xfs: avoid double-free in xfs_attr_node_addname.\n\n - xfs: Check the return value of xfs_buf_get().\n (bnc#842604)\n\n - iscsi: do not hang in endless loop if no targets\n present. (bnc#841094)\n\n - scsi_dh_alua: Allow get_alua_data() to return NULL.\n (bnc#839407)\n\n - cifs: revalidate directories instiantiated via FIND_ in\n order to handle DFS referrals. (bnc#831143)\n\n - cifs: do not instantiate new dentries in readdir for\n inodes that need to be revalidated immediately.\n (bnc#831143)\n\n - cifs: rename cifs_readdir_lookup to cifs_prime_dcache\n and make it void return. (bnc#831143)\n\n - cifs: get rid of blind d_drop() in readdir. (bnc#831143)\n\n - cifs: cleanup cifs_filldir. (bnc#831143)\n\n - cifs: on send failure, readjust server sequence number\n downward. (bnc#827966)\n\n - cifs: adjust sequence number downward after signing\n NT_CANCEL request. (bnc#827966)\n\n - cifs: on send failure, readjust server sequence number\n downward. (bnc#827966)\n\n - cifs: adjust sequence number downward after signing\n NT_CANCEL request. (bnc#827966)\n\n - reiserfs: fix race with flush_used_journal_lists and\n flush_journal_list. (bnc#837803)\n\n - reiserfs: remove useless flush_old_journal_lists.\n\n - lib/radix-tree.c: make radix_tree_node_alloc() work\n correctly within interrupt. (bnc#763463)\n\n - md: Throttle number of pending write requests in\n md/raid10. (bnc#833858)\n\n - dm: ignore merge_bvec for snapshots when safe.\n (bnc#820848)\n\n - ata: Set proper SK when CK_COND is set. (bnc#833588)\n\n - Btrfs: abort unlink trans in missed error case.\n\n - Btrfs: add all ioctl checks before user change for quota\n operations.\n\n - Btrfs: add a rb_tree to improve performance of ulist\n search.\n\n - Btrfs: add btrfs_fs_incompat helper.\n\n - Btrfs: add ioctl to wait for qgroup rescan completion.\n\n - Btrfs: add log message stubs.\n\n - Btrfs: add missing error checks to add_data_references.\n\n - Btrfs: add missing error code to BTRFS_IOC_INO_LOOKUP\n handler.\n\n - Btrfs: add missing error handling to read_tree_block.\n\n - Btrfs: add missing mounting options in\n btrfs_show_options().\n\n - Btrfs: add sanity checks regarding to parsing mount\n options.\n\n - Btrfs: add some missing iput()s in btrfs_orphan_cleanup.\n\n - Btrfs: add tree block level sanity check.\n\n - Btrfs: allocate new chunks if the space is not enough\n for global rsv.\n\n - Btrfs: allow file data clone within a file.\n\n - Btrfs: allow superblock mismatch from older mkfs.\n\n - Btrfs: annotate quota tree for lockdep.\n\n - Btrfs: automatic rescan after 'quota enable' command\n (FATE#312751).\n\n - Btrfs: change how we queue blocks for backref checking.\n\n - Btrfs: check if leafs parent exists before pushing items\n around.\n\n - Btrfs: check if we can nocow if we do not have data\n space.\n\n - Btrfs: check return value of commit when recovering log.\n\n - Btrfs: clean snapshots one by one.\n\n - Btrfs: cleanup destroy_marked_extents.\n\n - Btrfs: cleanup fs roots if we fail to mount.\n\n - Btrfs: cleanup orphaned root orphan item.\n\n - Btrfs: cleanup reloc roots properly on error.\n\n - Btrfs: Cleanup some redundant codes in\n btrfs_lookup_csums_range().\n\n - Btrfs: clean up transaction abort messages.\n\n - Btrfs: cleanup unused arguments of btrfs_csum_data.\n\n - Btrfs: clear received_uuid field for new writable\n snapshots.\n\n - Btrfs: compare relevant parts of delayed tree refs.\n\n - Btrfs: cover more error codes in btrfs_decode_error.\n\n - Btrfs: creating the subvolume qgroup automatically when\n enabling quota.\n\n - Btrfs: deal with bad mappings in btrfs_map_block.\n\n - Btrfs: deal with errors in write_dev_supers.\n\n - Btrfs: deal with free space cache errors while replaying\n log.\n\n - Btrfs: deprecate subvolrootid mount option.\n\n - Btrfs: do away with non-whole_page extent I/O.\n\n - Btrfs: do delay iput in sync_fs.\n\n - Btrfs: do not clear our orphan item runtime flag on\n eexist.\n\n - Btrfs: do not continue if out of memory happens.\n\n - Btrfs: do not offset physical if we are compressed.\n\n - Btrfs: do not pin while under spin lock.\n\n - Btrfs: do not abort the current transaction if there is\n no enough space for inode cache.\n\n - Btrfs: do not allow a subvol to be deleted if it is the\n default subovl.\n\n - Btrfs: do not BUG_ON() in btrfs_num_copies.\n\n - Btrfs: do not bug_on when we fail when cleaning up\n transactions.\n\n - Btrfs: do not call readahead hook until we have read the\n entire eb.\n\n - Btrfs: do not delete fs_roots until after we cleanup the\n transaction.\n\n - Btrfs: dont do log_removal in insert_new_root.\n\n - Btrfs: do not force pages under writeback to finish when\n aborting.\n\n - Btrfs: do not ignore errors from\n btrfs_run_delayed_items.\n\n - Btrfs: do not invoke btrfs_invalidate_inodes() in the\n spin lock context.\n\n - Btrfs: do not miss inode ref items in\n BTRFS_IOC_INO_LOOKUP.\n\n - Btrfs: do not NULL pointer deref on abort.\n\n - Btrfs: do not panic if we are trying to drop too many\n refs.\n\n - Btrfs: do not steal the reserved space from the global\n reserve if their space type is different.\n\n - Btrfs: do not stop searching after encountering the\n wrong item.\n\n - Btrfs: do not try and free ebs twice in log replay.\n\n - Btrfs: do not use global block reservation for inode\n cache truncation.\n\n - Btrfs: do not wait on ordered extents if we have a trans\n open.\n\n - Btrfs: Drop inode if inode root is NULL.\n\n - Btrfs: enhance superblock checks.\n\n - Btrfs: exclude logged extents before replying when we\n are mixed.\n\n - Btrfs: explicitly use global_block_rsv for quota_tree.\n\n - Btrfs: fall back to global reservation when removing\n subvolumes.\n\n - Btrfs: fix a bug of snapshot-aware defrag to make it\n work on partial extents.\n\n - Btrfs: fix accessing a freed tree root.\n\n - Btrfs: fix accessing the root pointer in tree mod log\n functions.\n\n - Btrfs: fix all callers of read_tree_block.\n\n - Btrfs: fix a warning when disabling quota.\n\n - Btrfs: fix a warning when updating qgroup limit.\n\n - Btrfs: fix backref walking when we hit a compressed\n extent.\n\n - Btrfs: fix bad extent logging.\n\n - Btrfs: fix broken nocow after balance.\n\n - Btrfs: fix confusing edquot happening case.\n\n - Btrfs: fix double free in the iterate_extent_inodes().\n\n - Btrfs: fix error handling in btrfs_ioctl_send().\n\n - Btrfs: fix error handling in make/read block group.\n\n - Btrfs: fix estale with btrfs send.\n\n - Btrfs: fix extent buffer leak after backref walking.\n\n - Btrfs: fix extent logging with O_DIRECT into prealloc.\n\n - Btrfs: fix file truncation if FALLOC_FL_KEEP_SIZE is\n specified.\n\n - Btrfs: fix get set label blocking against balance.\n\n - Btrfs: fix infinite loop when we abort on mount.\n\n - Btrfs: fix inode leak on kmalloc failure in tree-log.c.\n\n - Btrfs: fix lockdep warning.\n\n - Btrfs: fix lock leak when resuming snapshot deletion.\n\n - Btrfs: fix memory leak of orphan block rsv.\n\n - Btrfs: fix missing check about ulist_add() in qgroup.c.\n\n - Btrfs: fix missing check before creating a qgroup\n relation.\n\n - Btrfs: fix missing check in the btrfs_qgroup_inherit().\n\n - Btrfs: fix off-by-one in fiemap.\n\n - Btrfs: fix oops when writing dirty qgroups to disk.\n\n - Btrfs: fix possible infinite loop in slow caching.\n\n - Btrfs: fix possible memory leak in replace_path().\n\n - Btrfs: fix possible memory leak in the\n find_parent_nodes().\n\n - Btrfs: fix printing of non NULL terminated string.\n\n - Btrfs: fix qgroup rescan resume on mount.\n\n - Btrfs: fix reada debug code compilation.\n\n - Btrfs: fix the error handling wrt orphan items.\n\n - Btrfs: fix transaction throttling for delayed refs.\n\n - Btrfs: fix tree mod log regression on root split\n operations.\n\n - Btrfs: fix unblocked autodefraggers when remount.\n\n - Btrfs: fix unlock after free on rewinded tree blocks.\n\n - Btrfs: fix unprotected root node of the subvolumes inode\n rb-tree.\n\n - Btrfs: fix use-after-free bug during umount.\n\n - Btrfs: free csums when we are done scrubbing an extent.\n\n - Btrfs: handle errors returned from get_tree_block_key.\n\n - Btrfs: handle errors when doing slow caching.\n\n - Btrfs: hold the tree mod lock in __tree_mod_log_rewind.\n\n - Btrfs: ignore device open failures in\n __btrfs_open_devices.\n\n - Btrfs: improve the loop of scrub_stripe.\n\n - Btrfs: improve the performance of the csums lookup.\n\n - Btrfs: init relocate extent_io_tree with a mapping.\n\n - Btrfs: introduce a mutex lock for btrfs quota\n operations.\n\n - Btrfs: kill some BUG_ONs() in the find_parent_nodes().\n\n - Btrfs: log ram bytes properly.\n\n - Btrfs: make __merge_refs() return type be void.\n\n - Btrfs: make orphan cleanup less verbose.\n\n - Btrfs: make static code static & remove dead code.\n\n - Btrfs: make subvol creation/deletion killable in the\n early stages.\n\n - Btrfs: make sure roots are assigned before freeing their\n nodes.\n\n - Btrfs: make sure the backref walker catches all refs to\n our extent.\n\n - Btrfs: make the cleaner complete early when the fs is\n going to be umounted.\n\n - Btrfs: make the snap/subv deletion end more early when\n the fs is R/O.\n\n - Btrfs: merge save_error_info helpers into one.\n\n - Btrfs: move the R/O check out of\n btrfs_clean_one_deleted_snapshot().\n\n - Btrfs: only do the tree_mod_log_free_eb if this is our\n last ref.\n\n - Btrfs: only exclude supers in the range of our block\n group.\n\n - Btrfs: optimize key searches in btrfs_search_slot.\n\n - Btrfs: optimize the error handle of use_block_rsv().\n\n - Btrfs: pause the space balance when remounting to R/O.\n\n - Btrfs: put our inode if orphan cleanup fails.\n\n - Btrfs: re-add root to dead root list if we stop dropping\n it.\n\n - Btrfs: read entire device info under lock.\n\n - Btrfs: release both paths before logging dir/changed\n extents.\n\n - Btrfs: Release uuid_mutex for shrink during device\n delete.\n\n - Btrfs: remove almost all of the BUG()s from tree-log.c.\n\n - Btrfs: remove BUG_ON() in btrfs_read_fs_tree_no_radix().\n\n - Btrfs: remove ourselves from the cluster list under\n lock.\n\n - Btrfs: remove some BUG_ONs() when walking backref tree.\n\n - Btrfs: remove some unnecessary spin_lock usages.\n\n - Btrfs: remove unnecessary ->s_umount in\n cleaner_kthread().\n\n - Btrfs: remove unused argument of fixup_low_keys().\n\n - Btrfs: remove unused gfp mask parameter from\n release_extent_buffer callchain.\n\n - Btrfs: remove useless copy in quota_ctl.\n\n - Btrfs: remove warn on in free space cache writeout.\n\n - Btrfs: rescan for qgroups (FATE#312751).\n\n - Btrfs: reset ret in record_one_backref.\n\n - Btrfs: return ENOSPC when target space is full.\n\n - Btrfs: return errno if possible when we fail to allocate\n memory.\n\n - Btrfs: return error code in\n btrfs_check_trunc_cache_free_space().\n\n - Btrfs: return error when we specify wrong start to\n defrag.\n\n - Btrfs: return free space in cow error path.\n\n - Btrfs: separate sequence numbers for delayed ref\n tracking and tree mod log.\n\n - Btrfs: set UUID in root_item for created trees.\n\n - Btrfs: share stop worker code.\n\n - Btrfs: simplify unlink reservations.\n\n - Btrfs: split btrfs_qgroup_account_ref into four\n functions.\n\n - Btrfs: stop all workers before cleaning up roots.\n\n - Btrfs: stop using try_to_writeback_inodes_sb_nr to flush\n delalloc.\n\n - Btrfs: stop waiting on current trans if we aborted.\n\n - Btrfs: unlock extent range on enospc in compressed\n submit.\n\n - Btrfs: update drop progress before stopping snapshot\n dropping.\n\n - Btrfs: update fixups from 3.11\n\n - Btrfs: update the global reserve if it is empty.\n\n - Btrfs: use helper to cleanup tree roots.\n\n - Btrfs: use REQ_META for all metadata IO.\n\n - Btrfs: use tree_root to avoid edquot when disabling\n quota.\n\n - Btrfs: use u64 for subvolid when parsing mount options.\n\n - Btrfs: use unsigned long type for extent state bits.\n\n - Btrfs: various abort cleanups.\n\n - Btrfs: wait ordered range before doing direct io.\n\n - Btrfs: wake up delayed ref flushing waiters on abort.\n\n - net/mlx4_en: Fix BlueFlame race. (bnc#835684)\n\n - ipv6: do not call fib6_run_gc() until routing is ready.\n (bnc#836218)\n\n - ipv6: prevent fib6_run_gc() contention. (bnc#797526)\n\n - ipv6: update ip6_rt_last_gc every time GC is run.\n (bnc#797526)\n\n - netfilter: nf_conntrack: use RCU safe kfree for\n conntrack extensions (bnc#827416 bko#60853).\n\n - netfilter: prevent race condition breaking net reference\n counting. (bnc#835094)\n\n - net: remove skb_orphan_try(). (bnc#834600)\n\n - bonding: check bond->vlgrp in bond_vlan_rx_kill_vid().\n (bnc#834905)\n\n - sctp: deal with multiple COOKIE_ECHO chunks.\n (bnc#826102)\n\n - mlx4: allow IB_QP_CREATE_USE_GFP_NOFS in\n mlx4_ib_create_qp(). (bnc#822433)\n\n - drm/i915: disable sound first on intel_disable_ddi.\n (bnc#833151)\n\n - drm/i915: HDMI/DP - ELD info refresh support for\n Haswell. (bnc#833151)\n\n - drm/cirrus: This is a cirrus version of Egbert Eichs\n patch for mgag200. (bnc#808079)\n\n - drm/i915: Disable GGTT PTEs on GEN6+ suspend.\n (bnc#800875)\n\n - drm/i915/hsw: Disable L3 caching of atomic memory\n operations. (bnc#800875)\n\n - ALSA: hda - Re-setup HDMI pin and audio infoframe on\n stream switches. (bnc#833151)\n\n - vmxnet3: prevent div-by-zero panic when ring resizing\n uninitialized dev. (bnc#833321)\n\n - mvsas: add support for 9480 device id. (bnc#843950)\n\n - r8169: fix argument in rtl_hw_init_8168g.\n (bnc#845352,bnc#842820)\n\n - r8169: support RTL8168G. (bnc#845352,bnc#842820)\n\n - r8169: abstract out loop conditions.\n (bnc#845352,bnc#842820)\n\n - r8169: mdio_ops signature change.\n (bnc#845352,bnc#842820)\n\n - thp: reduce khugepaged freezing latency (khugepaged\n blocking suspend-to-ram (bnc#825291)).\n\n - bnx2x: Change to D3hot only on removal. (bnc#838448)\n\n - megaraid_sas: Disable controller reset for ppc.\n (bnc#841050)\n\n - scsi_dh_alua: simplify alua_check_sense(). (bnc#843642)\n\n - scsi_dh_alua: Fix missing close brace in\n alua_check_sense. (bnc#843642)\n\n - scsi_dh_alua: retry command on 'mode parameter changed'\n sense code. (bnc#843645)\n\n - scsi_dh_alua: invalid state information for 'optimized'\n paths. (bnc#843445)\n\n - scsi_dh_alua: reattaching device handler fails with\n 'Error 15'. (bnc#843429)\n\n - Drivers: hv: util: Fix a bug in version negotiation code\n for util services. (bnc#828714)\n\n - Drivers: hv: util: Correctly support ws2008R2 and\n earlier. (bnc#838346)\n\n - Drivers: hv: vmbus: Do not attempt to negoatiate a new\n version prematurely.\n\n - Drivers: hv: util: Correctly support ws2008R2 and\n earlier. (bnc#838346)\n\n - Drivers: hv: vmbus: Terminate vmbus version negotiation\n on timeout.\n\n - Drivers: hv: vmbus: Fix a bug in the handling of channel\n offers.\n\n - Drivers: hv: util: Fix a bug in version negotiation code\n for util services. (bnc#828714)\n\n - Drivers: hv: balloon: Initialize the transaction ID just\n before sending the packet.\n\n - Drivers: hv: util: Fix a bug in util version negotiation\n code. (bnc#838346)\n\n - be2net: Check for POST state in suspend-resume sequence.\n (bnc#835189)\n\n - be2net: bug fix on returning an invalid nic descriptor.\n (bnc#835189)\n\n - be2net: provision VF resources before enabling SR-IOV.\n (bnc#835189)\n\n - be2net: Fix firmware download for Lancer. (bnc#835189)\n\n - be2net: Fix to use version 2 of cq_create for SkyHawk-R\n devices. (bnc#835189)\n\n - be2net: Use GET_FUNCTION_CONFIG V1 cmd. (bnc#835189)\n\n - be2net: Avoid flashing BE3 UFI on BE3-R chip.\n (bnc#835189)\n\n - be2net: Use TXQ_CREATE_V2 cmd. (bnc#835189)\n\n - writeback: Do not sync data dirtied after sync start.\n (bnc#833820)\n\n - elousb: some systems cannot stomach work around.\n (bnc#840830,bnc#830985)\n\n - bounce: allow use of bounce pool via config option\n (Bounce memory pool initialisation (bnc#836347)).\n\n - block: initialize the bounce pool if high memory may be\n added later (Bounce memory pool initialisation\n (bnc#836347)).\n\n - bio-integrity: track owner of integrity payload.\n (bnc#831380)\n\n - xhci: Fix spurious wakeups after S5 on Haswell.\n (bnc#833097)\n\n - s390/cio: handle unknown pgroup state\n (bnc#837741,LTC#97048).\n\n - s390/cio: export vpm via sysfs (bnc#837741,LTC#97048).\n\n - s390/cio: skip broken paths (bnc#837741,LTC#97048).\n\n - s390/cio: dont abort verification after missing irq\n (bnc#837741,LTC#97048).\n\n - cio: add message for timeouts on internal I/O\n (bnc#837741,LTC#97048).\n\n - series.conf: disable XHCI ring expansion patches because\n on machines with large memory they cause a starvation\n problem. (bnc#833635)\n\n - Update EC2 config files (STRICT_DEVMEM off, bnc#843732).\n\n - Fixed Xen guest freezes. (bnc#829682, bnc#842063)\n\n - tools: hv: Improve error logging in VSS daemon.\n\n - tools: hv: Check return value of poll call.\n\n - tools: hv: Check return value of setsockopt call.\n\n - Tools: hv: fix send/recv buffer allocation.\n\n - Tools: hv: check return value of daemon to fix compiler\n warning.\n\n - Tools: hv: in kvp_set_ip_info free mac_addr right after\n usage.\n\n - Tools: hv: check return value of system in\n hv_kvp_daemon.\n\n - Tools: hv: correct payload size in netlink_send.\n\n - Tools: hv: use full nlmsghdr in netlink_send.\n\n - rpm/old-flavors, rpm/mkspec: Add version information to\n obsolete flavors. (bnc#821465)\n\n - rpm/kernel-binary.spec.in: Move the xenpae obsolete to\n the old-flavors file.\n\n - rpm/old-flavors: Convert the old-packages.conf file to a\n flat list.\n\n - rpm/mkspec: Adjust.\n\n - rpm/old-packages.conf: Delete.\n\n - rpm/old-packages.conf: Drop bogus obsoletes for 'smp'.\n (bnc#821465)\n\n - rpm/kernel-binary.spec.in: Make sure that all KMP\n obsoletes are versioned. (bnc#821465)\n\n - rpm/kernel-binary.spec.in: Remove unversioned\n provides/obsoletes for packages that were only seen in\n openSUSE releases up to 11.0. . (bnc#821465)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=763463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=794824\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=797526\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=800875\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=804950\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=808079\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=816099\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=820848\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=821259\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=821465\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=821948\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=822433\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=825291\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=826102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=827246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=827416\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=827966\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=828714\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=828894\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=829682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=830985\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=831029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=831143\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=831380\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=832292\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=833097\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=833151\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=833321\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=833588\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=833635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=833820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=833858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=834204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=834600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=834905\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=835094\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=835189\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=835684\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=835930\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=836218\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=836347\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=836801\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=837372\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=837596\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=837741\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=837803\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=838346\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=838448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=839407\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=839973\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=840830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=841050\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=841094\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=841402\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=841498\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=841656\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=842057\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=842063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=842604\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=842820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=843429\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=843445\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=843642\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=843645\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=843732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=843753\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=843950\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=844513\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=845352\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=847319\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=847721\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2206.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 8524 / 8525 / 8528 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-default-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-default-base-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-default-devel-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-default-extra-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-base-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-devel-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-extra-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-source-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-syms-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-trace-devel-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-base-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-devel-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-extra-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"xen-kmp-default-4.2.3_02_3.0.101_0.8-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"xen-kmp-pae-4.2.3_02_3.0.101_0.8-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-base-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-devel-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-extra-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-source-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-syms-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-trace-devel-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-extra-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"xen-kmp-default-4.2.3_02_3.0.101_0.8-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-default-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-default-base-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-default-devel-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-source-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-syms-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-trace-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-trace-base-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-trace-devel-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-ec2-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-ec2-base-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-ec2-devel-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-base-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-devel-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-base-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-devel-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"xen-kmp-default-4.2.3_02_3.0.101_0.8-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"xen-kmp-pae-4.2.3_02_3.0.101_0.8-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"kernel-default-man-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-ec2-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-ec2-base-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.101-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"xen-kmp-default-4.2.3_02_3.0.101_0.8-0.7.9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.4, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-20T14:40:38", "description": "The SUSE Linux Enterprise 11 Service Pack 2 kernel was updated to\nversion 3.0.101 and also includes various other bug and security\nfixes.\n\nThe following features have been added :\n\n - Drivers: hv: Support handling multiple VMBUS versions\n (FATE#314665).\n\n - Drivers: hv: Save and export negotiated vmbus version\n (FATE#314665).\n\n - Drivers: hv: Move vmbus version definitions to hyperv.h\n (FATE#314665). The following security issue has been\n fixed :\n\n - The sctp_sf_do_5_2_4_dupcook function in\n net/sctp/sm_statefuns.c in the SCTP implementation in\n the Linux kernel did not properly handle associations\n during the processing of a duplicate COOKIE ECHO chunk,\n which allowed remote attackers to cause a denial of\n service (NULL pointer dereference and system crash) or\n possibly have unspecified other impact via crafted SCTP\n traffic. (bnc#826102). (CVE-2013-2206)\n\nThe following non-security bugs have been fixed :\n\n - kernel: sclp console hangs (bnc#841498, LTC#95711).\n\n - intel-iommu: Fix leaks in pagetable freeing.\n (bnc#841402)\n\n - iommu/vt-d: add quirk for broken interrupt remapping on\n 55XX chipsets. (bnc#844513)\n\n - x86/iommu/vt-d: Expand interrupt remapping quirk to\n cover x58 chipset. (bnc#844513)\n\n - iommu/vt-d: Only warn about broken interrupt remapping.\n (bnc#844513)\n\n - iommu: Remove stack trace from broken irq remapping\n warning. (bnc#844513)\n\n - softirq: reduce latencies. (bnc#797526)\n\n - Fix lockup related to stop_machine being stuck in\n __do_softirq. (bnc#797526)\n\n - splice: fix racy pipe->buffers uses. (bnc#827246)\n\n - blktrace: fix race with open trace files and directory\n removal. (bnc#832292)\n\n - mm: Do not walk all of system memory during show_mem\n (Reduce tasklist_lock hold times (bnc#821259)).\n\n - mm: Bounce memory pool initialisation. (bnc#836347)\n\n - mm, memcg: introduce own oom handler to iterate only\n over its own threads.\n\n - mm, memcg: move all oom handling to memcontrol.c.\n\n - mm, oom: avoid looping when chosen thread detaches its\n mm.\n\n - mm, oom: fold oom_kill_task() into oom_kill_process().\n\n - mm, oom: introduce helper function to process threads\n during scan.\n\n - mm, oom: reduce dependency on tasklist_lock.\n\n - ipv6: do not call fib6_run_gc() until routing is ready.\n (bnc#836218)\n\n - ipv6: prevent fib6_run_gc() contention. (bnc#797526)\n\n - ipv6: update ip6_rt_last_gc every time GC is run.\n (bnc#797526)\n\n - net/mlx4_en: Fix BlueFlame race. (bnc#835684)\n\n - netfilter: nf_conntrack: use RCU safe kfree for\n conntrack extensions (bnc#827416 bko#60853).\n\n - netfilter: prevent race condition breaking net reference\n counting. (bnc#835094)\n\n - net: remove skb_orphan_try(). (bnc#834600)\n\n - bonding: check bond->vlgrp in bond_vlan_rx_kill_vid().\n (bnc#834905)\n\n - sctp: deal with multiple COOKIE_ECHO chunks.\n (bnc#826102)\n\n - SUNRPC: close a rare race in xs_tcp_setup_socket.\n (bnc#794824)\n\n - NFS: make nfs_flush_incompatible more generous.\n (bnc#816099)\n\n - NFS: do not try to use lock state when we hold a\n delegation. (bnc#831029)\n\n - nfs_lookup_revalidate(): fix a leak. (bnc#828894)\n\n - xfs: growfs: use uncached buffers for new headers.\n (bnc#842604)\n\n - xfs: Check the return value of xfs_buf_get().\n (bnc#842604)\n\n - xfs: avoid double-free in xfs_attr_node_addname.\n\n - do_add_mount()/umount -l races. (bnc#836801)\n\n - cifs: Fix TRANS2_QUERY_FILE_INFO ByteCount fields.\n (bnc#804950)\n\n - cifs: Fix EREMOTE errors encountered on DFS links.\n (bnc#831143)\n\n - reiserfs: fix race with flush_used_journal_lists and\n flush_journal_list. (bnc#837803)\n\n - reiserfs: remove useless flush_old_journal_lists.\n\n - fs: writeback: Do not sync data dirtied after sync\n start. (bnc#833820)\n\n - rcu: Do not trigger false positive RCU stall detection.\n (bnc#834204)\n\n - lib/radix-tree.c: make radix_tree_node_alloc() work\n correctly within interrupt. (bnc#763463)\n\n - bnx2x: Change to D3hot only on removal. (bnc#838448)\n\n - vmxnet3: prevent div-by-zero panic when ring resizing\n uninitialized dev. (bnc#833321)\n\n - Drivers: hv: Support handling multiple VMBUS versions\n (fate#314665).\n\n - Drivers: hv: Save and export negotiated vmbus version\n (fate#314665).\n\n - Drivers: hv: Move vmbus version definitions to hyperv.h\n (fate#314665).\n\n - Drivers: hv: util: Fix a bug in version negotiation code\n for util services. (bnc#828714)\n\n - Drivers: hv: util: Correctly support ws2008R2 and\n earlier. (bnc#838346)\n\n - Drivers: hv: util: Fix a bug in util version negotiation\n code. (bnc#838346)\n\n - iscsi: do not hang in endless loop if no targets\n present. (bnc#841094)\n\n - ata: Set proper SK when CK_COND is set. (bnc#833588)\n\n - md: Throttle number of pending write requests in\n md/raid10. (bnc#833858)\n\n - dm: ignore merge_bvec for snapshots when safe.\n (bnc#820848)\n\n - elousb: some systems cannot stomach work around.\n (bnc#840830)\n\n - bio-integrity: track owner of integrity payload.\n (bnc#831380)\n\n - quirks: add touchscreen that is dazzeled by remote\n wakeup. (bnc#835930)\n\n - Fixed Xen guest freezes. (bnc#829682, bnc#842063)\n\n - config/debug: Enable FSCACHE_DEBUG and CACHEFILES_DEBUG.\n (bnc#837372)\n\n - series.conf: disable XHCI ring expansion patches because\n on machines with large memory they cause a starvation\n problem. (bnc#833635)\n\n - rpm/old-flavors, rpm/mkspec: Add version information to\n obsolete flavors. (bnc#821465)\n\n - rpm/kernel-binary.spec.in: Move the xenpae obsolete to\n the old-flavors file.\n\n - rpm/old-flavors: Convert the old-packages.conf file to a\n flat list.\n\n - rpm/old-packages.conf: Drop bogus obsoletes for 'smp'.\n (bnc#821465)\n\n - rpm/kernel-binary.spec.in: Make sure that all KMP\n obsoletes are versioned. (bnc#821465)\n\n - rpm/kernel-binary.spec.in: Remove unversioned\n provides/obsoletes for packages that were only seen in\n openSUSE releases up to 11.0. . (bnc#821465)", "edition": 18, "published": "2013-11-22T00:00:00", "title": "SuSE 11.2 Security Update : Linux Kernel (SAT Patch Numbers 8509 / 8516 / 8518)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2206"], "modified": "2013-11-22T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:kernel-trace-devel", "p-cpe:/a:novell:suse_linux:11:kernel-pae-devel", "p-cpe:/a:novell:suse_linux:11:kernel-source", "p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel", "p-cpe:/a:novell:suse_linux:11:kernel-ec2", "p-cpe:/a:novell:suse_linux:11:kernel-trace-base", "p-cpe:/a:novell:suse_linux:11:kernel-default-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae", "p-cpe:/a:novell:suse_linux:11:xen-kmp-trace", "p-cpe:/a:novell:suse_linux:11:kernel-xen-base", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:kernel-xen", "p-cpe:/a:novell:suse_linux:11:kernel-trace", "p-cpe:/a:novell:suse_linux:11:kernel-syms", "p-cpe:/a:novell:suse_linux:11:kernel-ec2-base", "p-cpe:/a:novell:suse_linux:11:kernel-trace-extra", "p-cpe:/a:novell:suse_linux:11:kernel-pae-extra", "p-cpe:/a:novell:suse_linux:11:kernel-xen-extra", "p-cpe:/a:novell:suse_linux:11:kernel-default-devel", "p-cpe:/a:novell:suse_linux:11:kernel-default-man", "p-cpe:/a:novell:suse_linux:11:xen-kmp-pae", "p-cpe:/a:novell:suse_linux:11:kernel-default-extra", "p-cpe:/a:novell:suse_linux:11:kernel-default", "p-cpe:/a:novell:suse_linux:11:kernel-xen-devel", "p-cpe:/a:novell:suse_linux:11:xen-kmp-default"], "id": "SUSE_11_KERNEL-131106.NASL", "href": "https://www.tenable.com/plugins/nessus/71033", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71033);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-2206\");\n\n script_name(english:\"SuSE 11.2 Security Update : Linux Kernel (SAT Patch Numbers 8509 / 8516 / 8518)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 11 Service Pack 2 kernel was updated to\nversion 3.0.101 and also includes various other bug and security\nfixes.\n\nThe following features have been added :\n\n - Drivers: hv: Support handling multiple VMBUS versions\n (FATE#314665).\n\n - Drivers: hv: Save and export negotiated vmbus version\n (FATE#314665).\n\n - Drivers: hv: Move vmbus version definitions to hyperv.h\n (FATE#314665). The following security issue has been\n fixed :\n\n - The sctp_sf_do_5_2_4_dupcook function in\n net/sctp/sm_statefuns.c in the SCTP implementation in\n the Linux kernel did not properly handle associations\n during the processing of a duplicate COOKIE ECHO chunk,\n which allowed remote attackers to cause a denial of\n service (NULL pointer dereference and system crash) or\n possibly have unspecified other impact via crafted SCTP\n traffic. (bnc#826102). (CVE-2013-2206)\n\nThe following non-security bugs have been fixed :\n\n - kernel: sclp console hangs (bnc#841498, LTC#95711).\n\n - intel-iommu: Fix leaks in pagetable freeing.\n (bnc#841402)\n\n - iommu/vt-d: add quirk for broken interrupt remapping on\n 55XX chipsets. (bnc#844513)\n\n - x86/iommu/vt-d: Expand interrupt remapping quirk to\n cover x58 chipset. (bnc#844513)\n\n - iommu/vt-d: Only warn about broken interrupt remapping.\n (bnc#844513)\n\n - iommu: Remove stack trace from broken irq remapping\n warning. (bnc#844513)\n\n - softirq: reduce latencies. (bnc#797526)\n\n - Fix lockup related to stop_machine being stuck in\n __do_softirq. (bnc#797526)\n\n - splice: fix racy pipe->buffers uses. (bnc#827246)\n\n - blktrace: fix race with open trace files and directory\n removal. (bnc#832292)\n\n - mm: Do not walk all of system memory during show_mem\n (Reduce tasklist_lock hold times (bnc#821259)).\n\n - mm: Bounce memory pool initialisation. (bnc#836347)\n\n - mm, memcg: introduce own oom handler to iterate only\n over its own threads.\n\n - mm, memcg: move all oom handling to memcontrol.c.\n\n - mm, oom: avoid looping when chosen thread detaches its\n mm.\n\n - mm, oom: fold oom_kill_task() into oom_kill_process().\n\n - mm, oom: introduce helper function to process threads\n during scan.\n\n - mm, oom: reduce dependency on tasklist_lock.\n\n - ipv6: do not call fib6_run_gc() until routing is ready.\n (bnc#836218)\n\n - ipv6: prevent fib6_run_gc() contention. (bnc#797526)\n\n - ipv6: update ip6_rt_last_gc every time GC is run.\n (bnc#797526)\n\n - net/mlx4_en: Fix BlueFlame race. (bnc#835684)\n\n - netfilter: nf_conntrack: use RCU safe kfree for\n conntrack extensions (bnc#827416 bko#60853).\n\n - netfilter: prevent race condition breaking net reference\n counting. (bnc#835094)\n\n - net: remove skb_orphan_try(). (bnc#834600)\n\n - bonding: check bond->vlgrp in bond_vlan_rx_kill_vid().\n (bnc#834905)\n\n - sctp: deal with multiple COOKIE_ECHO chunks.\n (bnc#826102)\n\n - SUNRPC: close a rare race in xs_tcp_setup_socket.\n (bnc#794824)\n\n - NFS: make nfs_flush_incompatible more generous.\n (bnc#816099)\n\n - NFS: do not try to use lock state when we hold a\n delegation. (bnc#831029)\n\n - nfs_lookup_revalidate(): fix a leak. (bnc#828894)\n\n - xfs: growfs: use uncached buffers for new headers.\n (bnc#842604)\n\n - xfs: Check the return value of xfs_buf_get().\n (bnc#842604)\n\n - xfs: avoid double-free in xfs_attr_node_addname.\n\n - do_add_mount()/umount -l races. (bnc#836801)\n\n - cifs: Fix TRANS2_QUERY_FILE_INFO ByteCount fields.\n (bnc#804950)\n\n - cifs: Fix EREMOTE errors encountered on DFS links.\n (bnc#831143)\n\n - reiserfs: fix race with flush_used_journal_lists and\n flush_journal_list. (bnc#837803)\n\n - reiserfs: remove useless flush_old_journal_lists.\n\n - fs: writeback: Do not sync data dirtied after sync\n start. (bnc#833820)\n\n - rcu: Do not trigger false positive RCU stall detection.\n (bnc#834204)\n\n - lib/radix-tree.c: make radix_tree_node_alloc() work\n correctly within interrupt. (bnc#763463)\n\n - bnx2x: Change to D3hot only on removal. (bnc#838448)\n\n - vmxnet3: prevent div-by-zero panic when ring resizing\n uninitialized dev. (bnc#833321)\n\n - Drivers: hv: Support handling multiple VMBUS versions\n (fate#314665).\n\n - Drivers: hv: Save and export negotiated vmbus version\n (fate#314665).\n\n - Drivers: hv: Move vmbus version definitions to hyperv.h\n (fate#314665).\n\n - Drivers: hv: util: Fix a bug in version negotiation code\n for util services. (bnc#828714)\n\n - Drivers: hv: util: Correctly support ws2008R2 and\n earlier. (bnc#838346)\n\n - Drivers: hv: util: Fix a bug in util version negotiation\n code. (bnc#838346)\n\n - iscsi: do not hang in endless loop if no targets\n present. (bnc#841094)\n\n - ata: Set proper SK when CK_COND is set. (bnc#833588)\n\n - md: Throttle number of pending write requests in\n md/raid10. (bnc#833858)\n\n - dm: ignore merge_bvec for snapshots when safe.\n (bnc#820848)\n\n - elousb: some systems cannot stomach work around.\n (bnc#840830)\n\n - bio-integrity: track owner of integrity payload.\n (bnc#831380)\n\n - quirks: add touchscreen that is dazzeled by remote\n wakeup. (bnc#835930)\n\n - Fixed Xen guest freezes. (bnc#829682, bnc#842063)\n\n - config/debug: Enable FSCACHE_DEBUG and CACHEFILES_DEBUG.\n (bnc#837372)\n\n - series.conf: disable XHCI ring expansion patches because\n on machines with large memory they cause a starvation\n problem. (bnc#833635)\n\n - rpm/old-flavors, rpm/mkspec: Add version information to\n obsolete flavors. (bnc#821465)\n\n - rpm/kernel-binary.spec.in: Move the xenpae obsolete to\n the old-flavors file.\n\n - rpm/old-flavors: Convert the old-packages.conf file to a\n flat list.\n\n - rpm/old-packages.conf: Drop bogus obsoletes for 'smp'.\n (bnc#821465)\n\n - rpm/kernel-binary.spec.in: Make sure that all KMP\n obsoletes are versioned. (bnc#821465)\n\n - rpm/kernel-binary.spec.in: Remove unversioned\n provides/obsoletes for packages that were only seen in\n openSUSE releases up to 11.0. . (bnc#821465)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=763463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=794824\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=797526\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=804950\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=816099\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=820848\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=821259\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=821465\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=826102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=827246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=827416\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=828714\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=828894\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=829682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=831029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=831143\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=831380\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=832292\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=833321\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=833588\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=833635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=833820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=833858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=834204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=834600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=834905\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=835094\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=835684\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=835930\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=836218\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=836347\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=836801\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=837372\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=837803\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=838346\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=838448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=840830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=841094\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=841402\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=841498\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=842063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=842604\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=844513\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2206.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 8509 / 8516 / 8518 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, \"SuSE 11.2\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-default-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-default-base-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-default-devel-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-default-extra-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-base-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-devel-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-extra-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-source-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-syms-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-trace-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-trace-base-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-trace-devel-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-trace-extra-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-base-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-devel-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-extra-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"xen-kmp-default-4.1.6_02_3.0.101_0.5-0.5.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"xen-kmp-pae-4.1.6_02_3.0.101_0.5-0.5.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"xen-kmp-trace-4.1.6_02_3.0.101_0.5-0.5.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-base-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-devel-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-extra-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-trace-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-trace-base-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-trace-devel-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-trace-extra-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-extra-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"xen-kmp-default-4.1.6_02_3.0.101_0.5-0.5.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"xen-kmp-trace-4.1.6_02_3.0.101_0.5-0.5.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-default-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-default-base-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-default-devel-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-source-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-syms-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-trace-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-trace-base-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-trace-devel-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-ec2-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-ec2-base-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-ec2-devel-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-base-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-devel-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-base-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-devel-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"xen-kmp-default-4.1.6_02_3.0.101_0.5-0.5.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"xen-kmp-pae-4.1.6_02_3.0.101_0.5-0.5.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"xen-kmp-trace-4.1.6_02_3.0.101_0.5-0.5.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"kernel-default-man-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-ec2-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-ec2-base-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.101-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"xen-kmp-default-4.1.6_02_3.0.101_0.5-0.5.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"xen-kmp-trace-4.1.6_02_3.0.101_0.5-0.5.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.4, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-03-01T07:26:29", "description": "Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows specified to be run as root. A local could exploit this flaw to\nrun commands as root when using the perf tool. user could exploit this\n(CVE-2013-1060)\n\nA flaw was discovered in the Xen subsystem of the Linux kernel when it\nprovides read-only access to a disk that supports TRIM or SCSI UNMAP\nto a guest OS. A privileged user in the guest OS could exploit this\nflaw to destroy data on the disk, even though the guest OS should not\nbe able to write to the disk. (CVE-2013-2140)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used\nto connect to an IPv4 destination. An unprivileged local user could\nexploit this flaw to cause a denial of service (system crash).\n(CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket\nimplementation in the Linux kernel. An local user could exploit this\nflaw to examine potentially sensitive information in kernel memory.\n(CVE-2013-2234)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option\nin the Linux kernel's IPv6 stack. A local user could exploit this flaw\nto cause a denial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the\nLinux kernel when the IPV6_MTU setsockopt option has been specified in\ncombination with the UDP_CORK option. A local user could exploit this\nflaw to cause a denial of service (system crash). (CVE-2013-4163).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 28, "published": "2013-09-06T00:00:00", "title": "Ubuntu 13.04 : linux vulnerabilities (USN-1938-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2234", "CVE-2013-4162", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-4163", "CVE-2013-2140"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.8-generic", "cpe:/o:canonical:ubuntu_linux:13.04"], "id": "UBUNTU_USN-1938-1.NASL", "href": "https://www.tenable.com/plugins/nessus/69798", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1938-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69798);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2013-1060\", \"CVE-2013-2140\", \"CVE-2013-2232\", \"CVE-2013-2234\", \"CVE-2013-4162\", \"CVE-2013-4163\");\n script_bugtraq_id(60414, 60874, 60893, 61411, 61412);\n script_xref(name:\"USN\", value:\"1938-1\");\n\n script_name(english:\"Ubuntu 13.04 : linux vulnerabilities (USN-1938-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows specified to be run as root. A local could exploit this flaw to\nrun commands as root when using the perf tool. user could exploit this\n(CVE-2013-1060)\n\nA flaw was discovered in the Xen subsystem of the Linux kernel when it\nprovides read-only access to a disk that supports TRIM or SCSI UNMAP\nto a guest OS. A privileged user in the guest OS could exploit this\nflaw to destroy data on the disk, even though the guest OS should not\nbe able to write to the disk. (CVE-2013-2140)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used\nto connect to an IPv4 destination. An unprivileged local user could\nexploit this flaw to cause a denial of service (system crash).\n(CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket\nimplementation in the Linux kernel. An local user could exploit this\nflaw to examine potentially sensitive information in kernel memory.\n(CVE-2013-2234)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option\nin the Linux kernel's IPv6 stack. A local user could exploit this flaw\nto cause a denial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the\nLinux kernel when the IPV6_MTU setsockopt option has been specified in\ncombination with the UDP_CORK option. A local user could exploit this\nflaw to cause a denial of service (system crash). (CVE-2013-4163).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1938-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-3.8-generic package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.8-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/07/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(13\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 13.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-1060\", \"CVE-2013-2140\", \"CVE-2013-2232\", \"CVE-2013-2234\", \"CVE-2013-4162\", \"CVE-2013-4163\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1938-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"13.04\", pkgname:\"linux-image-3.8.0-30-generic\", pkgver:\"3.8.0-30.44\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.8-generic\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-03-01T07:26:31", "description": "Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows for privilege escalation. A local user could exploit this flaw\nto run commands as root when using the perf tool. (CVE-2013-1060)\n\nA flaw was discovered in the Xen subsystem of the Linux kernel when it\nprovides read-only access to a disk that supports TRIM or SCSI UNMAP\nto a guest OS. A privileged user in the guest OS could exploit this\nflaw to destroy data on the disk, even though the guest OS should not\nbe able to write to the disk. (CVE-2013-2140)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used\nto connect to an IPv4 destination. An unprivileged local user could\nexploit this flaw to cause a denial of service (system crash).\n(CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket\nimplementation in the Linux kernel. An local user could exploit this\nflaw to examine potentially sensitive information in kernel memory.\n(CVE-2013-2234)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option\nin the Linux kernel's IPv6 stack. A local user could exploit this flaw\nto cause a denial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the\nLinux kernel when the IPV6_MTU setsockopt option has been specified in\ncombination with the UDP_CORK option. A local user could exploit this\nflaw to cause a denial of service (system crash). (CVE-2013-4163).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 28, "published": "2013-09-07T00:00:00", "title": "Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-1943-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2234", "CVE-2013-4162", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-4163", "CVE-2013-2140"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.8-generic", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1943-1.NASL", "href": "https://www.tenable.com/plugins/nessus/69810", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1943-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69810);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2013-1060\", \"CVE-2013-2140\", \"CVE-2013-2232\", \"CVE-2013-2234\", \"CVE-2013-4162\", \"CVE-2013-4163\");\n script_xref(name:\"USN\", value:\"1943-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-1943-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows for privilege escalation. A local user could exploit this flaw\nto run commands as root when using the perf tool. (CVE-2013-1060)\n\nA flaw was discovered in the Xen subsystem of the Linux kernel when it\nprovides read-only access to a disk that supports TRIM or SCSI UNMAP\nto a guest OS. A privileged user in the guest OS could exploit this\nflaw to destroy data on the disk, even though the guest OS should not\nbe able to write to the disk. (CVE-2013-2140)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used\nto connect to an IPv4 destination. An unprivileged local user could\nexploit this flaw to cause a denial of service (system crash).\n(CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket\nimplementation in the Linux kernel. An local user could exploit this\nflaw to examine potentially sensitive information in kernel memory.\n(CVE-2013-2234)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option\nin the Linux kernel's IPv6 stack. A local user could exploit this flaw\nto cause a denial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the\nLinux kernel when the IPV6_MTU setsockopt option has been specified in\ncombination with the UDP_CORK option. A local user could exploit this\nflaw to cause a denial of service (system crash). (CVE-2013-4163).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1943-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-3.8-generic package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.8-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/07/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-1060\", \"CVE-2013-2140\", \"CVE-2013-2232\", \"CVE-2013-2234\", \"CVE-2013-4162\", \"CVE-2013-4163\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1943-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.8.0-30-generic\", pkgver:\"3.8.0-30.44~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.8-generic\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-03-01T07:26:30", "description": "Chanam Park reported a NULL pointer flaw in the Linux kernel's Ceph\nclient. A remote attacker could exploit this flaw to cause a denial of\nservice (system crash). (CVE-2013-1059)\n\nVasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows for privilege escalation. A local user could exploit this flaw\nto run commands as root when using the perf tool. (CVE-2013-1060)\n\nJonathan Salwan discovered an information leak in the Linux kernel's\ncdrom driver. A local user can exploit this leak to obtain sensitive\ninformation from kernel memory if the CD-ROM drive is malfunctioning.\n(CVE-2013-2164)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used\nto connect to an IPv4 destination. An unprivileged local user could\nexploit this flaw to cause a denial of service (system crash).\n(CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket\nimplementation in the Linux kernel. An local user could exploit this\nflaw to examine potentially sensitive information in kernel memory.\n(CVE-2013-2234)\n\nKees Cook discovered a format string vulnerability in the Linux\nkernel's disk block layer. A local user with administrator privileges\ncould exploit this flaw to gain kernel privileges. (CVE-2013-2851)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option\nin the Linux kernel's IPv6 stack. A local user could exploit this flaw\nto cause a denial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the\nLinux kernel when the IPV6_MTU setsockopt option has been specified in\ncombination with the UDP_CORK option. A local user could exploit this\nflaw to cause a denial of service (system crash). (CVE-2013-4163).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 28, "published": "2013-09-07T00:00:00", "title": "Ubuntu 12.04 LTS : linux vulnerabilities (USN-1941-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2234", "CVE-2013-4162", "CVE-2013-1059", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-2851", "CVE-2013-4163", "CVE-2013-2164"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1941-1.NASL", "href": "https://www.tenable.com/plugins/nessus/69809", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1941-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69809);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2013-1059\", \"CVE-2013-1060\", \"CVE-2013-2164\", \"CVE-2013-2232\", \"CVE-2013-2234\", \"CVE-2013-2851\", \"CVE-2013-4162\", \"CVE-2013-4163\");\n script_bugtraq_id(60375, 60409, 60922);\n script_xref(name:\"USN\", value:\"1941-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux vulnerabilities (USN-1941-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Chanam Park reported a NULL pointer flaw in the Linux kernel's Ceph\nclient. A remote attacker could exploit this flaw to cause a denial of\nservice (system crash). (CVE-2013-1059)\n\nVasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows for privilege escalation. A local user could exploit this flaw\nto run commands as root when using the perf tool. (CVE-2013-1060)\n\nJonathan Salwan discovered an information leak in the Linux kernel's\ncdrom driver. A local user can exploit this leak to obtain sensitive\ninformation from kernel memory if the CD-ROM drive is malfunctioning.\n(CVE-2013-2164)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used\nto connect to an IPv4 destination. An unprivileged local user could\nexploit this flaw to cause a denial of service (system crash).\n(CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket\nimplementation in the Linux kernel. An local user could exploit this\nflaw to examine potentially sensitive information in kernel memory.\n(CVE-2013-2234)\n\nKees Cook discovered a format string vulnerability in the Linux\nkernel's disk block layer. A local user with administrator privileges\ncould exploit this flaw to gain kernel privileges. (CVE-2013-2851)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option\nin the Linux kernel's IPv6 stack. A local user could exploit this flaw\nto cause a denial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the\nLinux kernel when the IPV6_MTU setsockopt option has been specified in\ncombination with the UDP_CORK option. A local user could exploit this\nflaw to cause a denial of service (system crash). (CVE-2013-4163).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1941-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/06/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-1059\", \"CVE-2013-1060\", \"CVE-2013-2164\", \"CVE-2013-2232\", \"CVE-2013-2234\", \"CVE-2013-2851\", \"CVE-2013-4162\", \"CVE-2013-4163\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1941-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-53-generic\", pkgver:\"3.2.0-53.81\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-53-generic-pae\", pkgver:\"3.2.0-53.81\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-53-highbank\", pkgver:\"3.2.0-53.81\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-53-virtual\", pkgver:\"3.2.0-53.81\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.2-generic / linux-image-3.2-generic-pae / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-03-01T07:26:32", "description": "A denial of service flaw was discovered in the Btrfs file system in\nthe Linux kernel. A local user could cause a denial of service by\ncreating a large number of files with names that have the same CRC32\nhash value. (CVE-2012-5374)\n\nA denial of service flaw was discovered in the Btrfs file system in\nthe Linux kernel. A local user could cause a denial of service\n(prevent file creation) for a victim, by creating a file with a\nspecific CRC32C hash value in a directory important to the victim.\n(CVE-2012-5375)\n\nVasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows specified to be run as root. A local could exploit this flaw to\nrun commands as root when using the perf tool. user could exploit this\n(CVE-2013-1060)\n\nA flaw was discovered in the Xen subsystem of the Linux kernel when it\nprovides read-only access to a disk that supports TRIM or SCSI UNMAP\nto a guest OS. A privileged user in the guest OS could exploit this\nflaw to destroy data on the disk, even though the guest OS should not\nbe able to write to the disk. (CVE-2013-2140)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used\nto connect to an IPv4 destination. An unprivileged local user could\nexploit this flaw to cause a denial of service (system crash).\n(CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket\nimplementation in the Linux kernel. An local user could exploit this\nflaw to examine potentially sensitive information in kernel memory.\n(CVE-2013-2234)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option\nin the Linux kernel's IPv6 stack. A local user could exploit this flaw\nto cause a denial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the\nLinux kernel when the IPV6_MTU setsockopt option has been specified in\ncombination with the UDP_CORK option. A local user could exploit this\nflaw to cause a denial of service (system crash). (CVE-2013-4163).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 28, "published": "2013-09-07T00:00:00", "title": "Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-1947-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2234", "CVE-2013-4162", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-4163", "CVE-2013-2140", "CVE-2012-5375", "CVE-2012-5374"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1947-1.NASL", "href": "https://www.tenable.com/plugins/nessus/69812", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1947-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69812);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2012-5374\", \"CVE-2012-5375\", \"CVE-2013-1060\", \"CVE-2013-2140\", \"CVE-2013-2232\", \"CVE-2013-2234\", \"CVE-2013-4162\", \"CVE-2013-4163\");\n script_bugtraq_id(56939, 56940, 60414, 60874, 60893, 61411, 61412, 62248);\n script_xref(name:\"USN\", value:\"1947-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-1947-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service flaw was discovered in the Btrfs file system in\nthe Linux kernel. A local user could cause a denial of service by\ncreating a large number of files with names that have the same CRC32\nhash value. (CVE-2012-5374)\n\nA denial of service flaw was discovered in the Btrfs file system in\nthe Linux kernel. A local user could cause a denial of service\n(prevent file creation) for a victim, by creating a file with a\nspecific CRC32C hash value in a directory important to the victim.\n(CVE-2012-5375)\n\nVasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows specified to be run as root. A local could exploit this flaw to\nrun commands as root when using the perf tool. user could exploit this\n(CVE-2013-1060)\n\nA flaw was discovered in the Xen subsystem of the Linux kernel when it\nprovides read-only access to a disk that supports TRIM or SCSI UNMAP\nto a guest OS. A privileged user in the guest OS could exploit this\nflaw to destroy data on the disk, even though the guest OS should not\nbe able to write to the disk. (CVE-2013-2140)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used\nto connect to an IPv4 destination. An unprivileged local user could\nexploit this flaw to cause a denial of service (system crash).\n(CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket\nimplementation in the Linux kernel. An local user could exploit this\nflaw to examine potentially sensitive information in kernel memory.\n(CVE-2013-2234)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option\nin the Linux kernel's IPv6 stack. A local user could exploit this flaw\nto cause a denial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the\nLinux kernel when the IPV6_MTU setsockopt option has been specified in\ncombination with the UDP_CORK option. A local user could exploit this\nflaw to cause a denial of service (system crash). (CVE-2013-4163).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1947-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-3.5-generic package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2012-5374\", \"CVE-2012-5375\", \"CVE-2013-1060\", \"CVE-2013-2140\", \"CVE-2013-2232\", \"CVE-2013-2234\", \"CVE-2013-4162\", \"CVE-2013-4163\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1947-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.5.0-40-generic\", pkgver:\"3.5.0-40.62~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.5-generic\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-03-01T07:26:32", "description": "A denial of service flaw was discovered in the Btrfs file system in\nthe Linux kernel. A local user could cause a denial of service by\ncreating a large number of files with names that have the same CRC32\nhash value. (CVE-2012-5374)\n\nA denial of service flaw was discovered in the Btrfs file system in\nthe Linux kernel. A local user could cause a denial of service\n(prevent file creation) for a victim, by creating a file with a\nspecific CRC32C hash value in a directory important to the victim.\n(CVE-2012-5375)\n\nVasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows for privilege escalation. A local user could exploit this flaw\nto run commands as root when using the perf tool. (CVE-2013-1060)\n\nA flaw was discovered in the Xen subsystem of the Linux kernel when it\nprovides read-only access to a disk that supports TRIM or SCSI UNMAP\nto a guest OS. A privileged user in the guest OS could exploit this\nflaw to destroy data on the disk, even though the guest OS should not\nbe able to write to the disk. (CVE-2013-2140)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used\nto connect to an IPv4 destination. An unprivileged local user could\nexploit this flaw to cause a denial of service (system crash).\n(CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket\nimplementation in the Linux kernel. An local user could exploit this\nflaw to examine potentially sensitive information in kernel memory.\n(CVE-2013-2234)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option\nin the Linux kernel's IPv6 stack. A local user could exploit this flaw\nto cause a denial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the\nLinux kernel when the IPV6_MTU setsockopt option has been specified in\ncombination with the UDP_CORK option. A local user could exploit this\nflaw to cause a denial of service (system crash). (CVE-2013-4163).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 28, "published": "2013-09-07T00:00:00", "title": "Ubuntu 12.10 : linux vulnerabilities (USN-1944-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2234", "CVE-2013-4162", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-4163", "CVE-2013-2140", "CVE-2012-5375", "CVE-2012-5374"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-highbank", "cpe:/o:canonical:ubuntu_linux:12.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic"], "id": "UBUNTU_USN-1944-1.NASL", "href": "https://www.tenable.com/plugins/nessus/69811", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1944-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69811);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2012-5374\", \"CVE-2012-5375\", \"CVE-2013-1060\", \"CVE-2013-2140\", \"CVE-2013-2232\", \"CVE-2013-2234\", \"CVE-2013-4162\", \"CVE-2013-4163\");\n script_bugtraq_id(56939);\n script_xref(name:\"USN\", value:\"1944-1\");\n\n script_name(english:\"Ubuntu 12.10 : linux vulnerabilities (USN-1944-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service flaw was discovered in the Btrfs file system in\nthe Linux kernel. A local user could cause a denial of service by\ncreating a large number of files with names that have the same CRC32\nhash value. (CVE-2012-5374)\n\nA denial of service flaw was discovered in the Btrfs file system in\nthe Linux kernel. A local user could cause a denial of service\n(prevent file creation) for a victim, by creating a file with a\nspecific CRC32C hash value in a directory important to the victim.\n(CVE-2012-5375)\n\nVasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\nallows for privilege escalation. A local user could exploit this flaw\nto run commands as root when using the perf tool. (CVE-2013-1060)\n\nA flaw was discovered in the Xen subsystem of the Linux kernel when it\nprovides read-only access to a disk that supports TRIM or SCSI UNMAP\nto a guest OS. A privileged user in the guest OS could exploit this\nflaw to destroy data on the disk, even though the guest OS should not\nbe able to write to the disk. (CVE-2013-2140)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used\nto connect to an IPv4 destination. An unprivileged local user could\nexploit this flaw to cause a denial of service (system crash).\n(CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket\nimplementation in the Linux kernel. An local user could exploit this\nflaw to examine potentially sensitive information in kernel memory.\n(CVE-2013-2234)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option\nin the Linux kernel's IPv6 stack. A local user could exploit this flaw\nto cause a denial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the\nLinux kernel when the IPV6_MTU setsockopt option has been specified in\ncombination with the UDP_CORK option. A local user could exploit this\nflaw to cause a denial of service (system crash). (CVE-2013-4163).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1944-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.5-generic and / or\nlinux-image-3.5-highbank packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2012-5374\", \"CVE-2012-5375\", \"CVE-2013-1060\", \"CVE-2013-2140\", \"CVE-2013-2232\", \"CVE-2013-2234\", \"CVE-2013-4162\", \"CVE-2013-4163\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1944-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.10\", pkgname:\"linux-image-3.5.0-40-generic\", pkgver:\"3.5.0-40.62\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"linux-image-3.5.0-40-highbank\", pkgver:\"3.5.0-40.62\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.5-generic / linux-image-3.5-highbank\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:48:35", "description": "Description of changes:\n\nkernel-uek\n[2.6.32-400.33.2.el6uek]\n- dm snapshot: fix data corruption (Mikulas Patocka) [Orabug: 17618900] \n{CVE-2013-4299}\n- ipv6: call udp_push_pending_frames when uncorking a socket with \nAF_INET pending data (Hannes Frederic Sowa) [Orabug: 17618897] \n{CVE-2013-4162}", "edition": 21, "published": "2013-10-20T00:00:00", "title": "Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2013-2575)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4162", "CVE-2013-4299"], "modified": "2013-10-20T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:ofa-2.6.32-400.33.2.el6uek", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.33.2.el6uekdebug", "p-cpe:/a:oracle:linux:kernel-uek-firmware", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.33.2.el6uek", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:ofa-2.6.32-400.33.2.el5uek", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.33.2.el5uekdebug", "p-cpe:/a:oracle:linux:ofa-2.6.32-400.33.2.el6uekdebug", "p-cpe:/a:oracle:linux:ofa-2.6.32-400.33.2.el5uekdebug", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.33.2.el5uek", "p-cpe:/a:oracle:linux:kernel-uek-headers", "p-cpe:/a:oracle:linux:kernel-uek-debug"], "id": "ORACLELINUX_ELSA-2013-2575.NASL", "href": "https://www.tenable.com/plugins/nessus/70525", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2013-2575.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70525);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-4162\", \"CVE-2013-4299\");\n script_bugtraq_id(61411, 63183);\n\n script_name(english:\"Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2013-2575)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\nkernel-uek\n[2.6.32-400.33.2.el6uek]\n- dm snapshot: fix data corruption (Mikulas Patocka) [Orabug: 17618900] \n{CVE-2013-4299}\n- ipv6: call udp_push_pending_frames when uncorking a socket with \nAF_INET pending data (Hannes Frederic Sowa) [Orabug: 17618897] \n{CVE-2013-4162}\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-October/003735.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-October/003736.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected unbreakable enterprise kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.33.2.el5uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.33.2.el5uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.33.2.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.33.2.el6uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.33.2.el5uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.33.2.el5uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.33.2.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.33.2.el6uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/10/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-4162\", \"CVE-2013-4299\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2013-2575\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-2.6.32-400.33.2.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-2.6.32-400.33.2.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-devel-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-devel-2.6.32-400.33.2.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-devel-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-devel-2.6.32-400.33.2.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-doc-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-doc-2.6.32-400.33.2.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-firmware-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-firmware-2.6.32-400.33.2.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-headers-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-headers-2.6.32-400.33.2.el5uek\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"mlnx_en-2.6.32-400.33.2.el5uek-1.5.7-2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"mlnx_en-2.6.32-400.33.2.el5uekdebug-1.5.7-2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ofa-2.6.32-400.33.2.el5uek-1.5.1-4.0.58\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ofa-2.6.32-400.33.2.el5uekdebug-1.5.1-4.0.58\")) flag++;\n\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-2.6.32-400.33.2.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-2.6.32-400.33.2.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-devel-2.6.32-400.33.2.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-devel-2.6.32-400.33.2.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-doc-2.6.32-400.33.2.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-firmware-2.6.32-400.33.2.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-headers-2.6.32-400.33.2.el6uek\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mlnx_en-2.6.32-400.33.2.el6uek-1.5.7-0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mlnx_en-2.6.32-400.33.2.el6uekdebug-1.5.7-0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ofa-2.6.32-400.33.2.el6uek-1.5.1-4.0.58\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ofa-2.6.32-400.33.2.el6uekdebug-1.5.1-4.0.58\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2020-07-09T00:22:22", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2206", "CVE-2013-1943", "CVE-2013-4162", "CVE-2013-1060"], "description": "Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that \nallows for privilege escalation. A local user could exploit this flaw to \nrun commands as root when using the perf tool. (CVE-2013-1060)\n\nMichael S. Tsirkin discovered a flaw in how the Linux kernel's KVM \nsubsystem allocates memory slots for the guest's address space. A local \nuser could exploit this flaw to gain system privileges or obtain sensitive \ninformation from kernel memory. (CVE-2013-1943)\n\nA flaw was discovered in the SCTP (stream control transfer protocol) \nnetwork protocol's handling of duplicate cookies in the Linux kernel. A \nremote attacker could exploit this flaw to cause a denial of service \n(system crash) on another remote user querying the SCTP connection. \n(CVE-2013-2206)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the \nLinux kernel's IPv6 stack. A local user could exploit this flaw to cause a \ndenial of service (system crash). (CVE-2013-4162)", "edition": 5, "modified": "2013-09-06T00:00:00", "published": "2013-09-06T00:00:00", "id": "USN-1940-1", "href": "https://ubuntu.com/security/notices/USN-1940-1", "title": "Linux kernel (EC2) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T01:45:57", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2206", "CVE-2013-1943", "CVE-2013-4162", "CVE-2013-1060"], "description": "Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that \nallows for privilege escalation. A local user could exploit this flaw to \nrun commands as root when using the perf tool. \n(CVE-2013-1060)\n\nMichael S. Tsirkin discovered a flaw in how the Linux kernel's KVM \nsubsystem allocates memory slots for the guest's address space. A local \nuser could exploit this flaw to gain system privileges or obtain sensitive \ninformation from kernel memory. (CVE-2013-1943)\n\nA flaw was discovered in the SCTP (stream control transfer protocol) \nnetwork protocol's handling of duplicate cookies in the Linux kernel. A \nremote attacker could exploit this flaw to cause a denial of service \n(system crash) on another remote user querying the SCTP connection. \n(CVE-2013-2206)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the \nLinux kernel's IPv6 stack. A local user could exploit this flaw to cause a \ndenial of service (system crash). (CVE-2013-4162)", "edition": 5, "modified": "2013-09-06T00:00:00", "published": "2013-09-06T00:00:00", "id": "USN-1939-1", "href": "https://ubuntu.com/security/notices/USN-1939-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-08T23:39:47", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2234", "CVE-2013-4162", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-4163", "CVE-2013-2140"], "description": "Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that \nallows specified to be run as root. A local could exploit this flaw to run \ncommands as root when using the perf tool. user could exploit this \n(CVE-2013-1060)\n\nA flaw was discovered in the Xen subsystem of the Linux kernel when it \nprovides read-only access to a disk that supports TRIM or SCSI UNMAP to a \nguest OS. A privileged user in the guest OS could exploit this flaw to \ndestroy data on the disk, even though the guest OS should not be able to \nwrite to the disk. (CVE-2013-2140)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used to \nconnect to an IPv4 destination. An unprivileged local user could exploit \nthis flaw to cause a denial of service (system crash). (CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket implementation \nin the Linux kernel. An local user could exploit this flaw to examine \npotentially sensitive information in kernel memory. (CVE-2013-2234)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the \nLinux kernel's IPv6 stack. A local user could exploit this flaw to cause a \ndenial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the Linux \nkernel when the IPV6_MTU setsockopt option has been specified in \ncombination with the UDP_CORK option. A local user could exploit this flaw \nto cause a denial of service (system crash). (CVE-2013-4163)", "edition": 5, "modified": "2013-09-05T00:00:00", "published": "2013-09-05T00:00:00", "id": "USN-1938-1", "href": "https://ubuntu.com/security/notices/USN-1938-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:37:15", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2234", "CVE-2013-4162", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-4163", "CVE-2013-2140"], "description": "Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that \nallows for privilege escalation. A local user could exploit this flaw to \nrun commands as root when using the perf tool. (CVE-2013-1060)\n\nA flaw was discovered in the Xen subsystem of the Linux kernel when it \nprovides read-only access to a disk that supports TRIM or SCSI UNMAP to a \nguest OS. A privileged user in the guest OS could exploit this flaw to \ndestroy data on the disk, even though the guest OS should not be able to \nwrite to the disk. (CVE-2013-2140)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used to \nconnect to an IPv4 destination. An unprivileged local user could exploit \nthis flaw to cause a denial of service (system crash). (CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket implementation \nin the Linux kernel. An local user could exploit this flaw to examine \npotentially sensitive information in kernel memory. (CVE-2013-2234)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the \nLinux kernel's IPv6 stack. A local user could exploit this flaw to cause a \ndenial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the Linux \nkernel when the IPV6_MTU setsockopt option has been specified in \ncombination with the UDP_CORK option. A local user could exploit this flaw \nto cause a denial of service (system crash). (CVE-2013-4163)", "edition": 5, "modified": "2013-09-06T00:00:00", "published": "2013-09-06T00:00:00", "id": "USN-1943-1", "href": "https://ubuntu.com/security/notices/USN-1943-1", "title": "Linux kernel (Raring HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T01:43:08", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2234", "CVE-2013-4162", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-4163", "CVE-2013-2140", "CVE-2012-5375", "CVE-2012-5374"], "description": "A denial of service flaw was discovered in the Btrfs file system in the \nLinux kernel. A local user could cause a denial of service by creating a \nlarge number of files with names that have the same CRC32 hash value. \n(CVE-2012-5374)\n\nA denial of service flaw was discovered in the Btrfs file system in the \nLinux kernel. A local user could cause a denial of service (prevent file \ncreation) for a victim, by creating a file with a specific CRC32C hash \nvalue in a directory important to the victim. (CVE-2012-5375)\n\nVasily Kulikov discovered a flaw in the Linux Kernel's perf tool that \nallows for privilege escalation. A local user could exploit this flaw to \nrun commands as root when using the perf tool. (CVE-2013-1060)\n\nA flaw was discovered in the Xen subsystem of the Linux kernel when it \nprovides read-only access to a disk that supports TRIM or SCSI UNMAP to a \nguest OS. A privileged user in the guest OS could exploit this flaw to \ndestroy data on the disk, even though the guest OS should not be able to \nwrite to the disk. (CVE-2013-2140)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used to \nconnect to an IPv4 destination. An unprivileged local user could exploit \nthis flaw to cause a denial of service (system crash). (CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket implementation \nin the Linux kernel. An local user could exploit this flaw to examine \npotentially sensitive information in kernel memory. (CVE-2013-2234)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the \nLinux kernel's IPv6 stack. A local user could exploit this flaw to cause a \ndenial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the Linux \nkernel when the IPV6_MTU setsockopt option has been specified in \ncombination with the UDP_CORK option. A local user could exploit this flaw \nto cause a denial of service (system crash). (CVE-2013-4163)", "edition": 5, "modified": "2013-09-06T00:00:00", "published": "2013-09-06T00:00:00", "id": "USN-1945-1", "href": "https://ubuntu.com/security/notices/USN-1945-1", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T01:34:25", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2234", "CVE-2013-4162", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-4163", "CVE-2013-2140", "CVE-2012-5375", "CVE-2012-5374"], "description": "A denial of service flaw was discovered in the Btrfs file system in the \nLinux kernel. A local user could cause a denial of service by creating a \nlarge number of files with names that have the same CRC32 hash value. \n(CVE-2012-5374)\n\nA denial of service flaw was discovered in the Btrfs file system in the \nLinux kernel. A local user could cause a denial of service (prevent file \ncreation) for a victim, by creating a file with a specific CRC32C hash \nvalue in a directory important to the victim. (CVE-2012-5375)\n\nVasily Kulikov discovered a flaw in the Linux Kernel's perf tool that \nallows for privilege escalation. A local user could exploit this flaw to \nrun commands as root when using the perf tool. (CVE-2013-1060)\n\nA flaw was discovered in the Xen subsystem of the Linux kernel when it \nprovides read-only access to a disk that supports TRIM or SCSI UNMAP to a \nguest OS. A privileged user in the guest OS could exploit this flaw to \ndestroy data on the disk, even though the guest OS should not be able to \nwrite to the disk. (CVE-2013-2140)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used to \nconnect to an IPv4 destination. An unprivileged local user could exploit \nthis flaw to cause a denial of service (system crash). (CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket implementation \nin the Linux kernel. An local user could exploit this flaw to examine \npotentially sensitive information in kernel memory. (CVE-2013-2234)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the \nLinux kernel's IPv6 stack. A local user could exploit this flaw to cause a \ndenial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the Linux \nkernel when the IPV6_MTU setsockopt option has been specified in \ncombination with the UDP_CORK option. A local user could exploit this flaw \nto cause a denial of service (system crash). (CVE-2013-4163)", "edition": 5, "modified": "2013-09-06T00:00:00", "published": "2013-09-06T00:00:00", "id": "USN-1944-1", "href": "https://ubuntu.com/security/notices/USN-1944-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-18T01:40:19", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2234", "CVE-2013-4162", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-4163", "CVE-2013-2140", "CVE-2012-5375", "CVE-2012-5374"], "description": "A denial of service flaw was discovered in the Btrfs file system in the \nLinux kernel. A local user could cause a denial of service by creating a \nlarge number of files with names that have the same CRC32 hash value. \n(CVE-2012-5374)\n\nA denial of service flaw was discovered in the Btrfs file system in the \nLinux kernel. A local user could cause a denial of service (prevent file \ncreation) for a victim, by creating a file with a specific CRC32C hash \nvalue in a directory important to the victim. (CVE-2012-5375)\n\nVasily Kulikov discovered a flaw in the Linux Kernel's perf tool that \nallows for privilege escalation. A local user could exploit this flaw to \nrun commands as root when using the perf tool. (CVE-2013-1060)\n\nA flaw was discovered in the Xen subsystem of the Linux kernel when it \nprovides read-only access to a disk that supports TRIM or SCSI UNMAP to a \nguest OS. A privileged user in the guest OS could exploit this flaw to \ndestroy data on the disk, even though the guest OS should not be able to \nwrite to the disk. (CVE-2013-2140)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used to \nconnect to an IPv4 destination. An unprivileged local user could exploit \nthis flaw to cause a denial of service (system crash). (CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket implementation \nin the Linux kernel. An local user could exploit this flaw to examine \npotentially sensitive information in kernel memory. (CVE-2013-2234)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the \nLinux kernel's IPv6 stack. A local user could exploit this flaw to cause a \ndenial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the Linux \nkernel when the IPV6_MTU setsockopt option has been specified in \ncombination with the UDP_CORK option. A local user could exploit this flaw \nto cause a denial of service (system crash). (CVE-2013-4163)", "edition": 6, "modified": "2013-09-07T00:00:00", "published": "2013-09-07T00:00:00", "id": "USN-1947-1", "href": "https://ubuntu.com/security/notices/USN-1947-1", "title": "Linux kernel (Quantal HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:38:54", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2234", "CVE-2013-4162", "CVE-2013-1059", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-2851", "CVE-2013-4163", "CVE-2013-2164"], "description": "Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. \nA remote attacker could exploit this flaw to cause a denial of service \n(system crash). (CVE-2013-1059)\n\nVasily Kulikov discovered a flaw in the Linux Kernel's perf tool that \nallows for privilege escalation. A local user could exploit this flaw to \nrun commands as root when using the perf tool. (CVE-2013-1060)\n\nJonathan Salwan discovered an information leak in the Linux kernel's cdrom \ndriver. A local user can exploit this leak to obtain sensitive information \nfrom kernel memory if the CD-ROM drive is malfunctioning. (CVE-2013-2164)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used to \nconnect to an IPv4 destination. An unprivileged local user could exploit \nthis flaw to cause a denial of service (system crash). (CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket implementation \nin the Linux kernel. An local user could exploit this flaw to examine \npotentially sensitive information in kernel memory. (CVE-2013-2234)\n\nKees Cook discovered a format string vulnerability in the Linux kernel's \ndisk block layer. A local user with administrator privileges could exploit \nthis flaw to gain kernel privileges. (CVE-2013-2851)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the \nLinux kernel's IPv6 stack. A local user could exploit this flaw to cause a \ndenial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the Linux \nkernel when the IPV6_MTU setsockopt option has been specified in \ncombination with the UDP_CORK option. A local user could exploit this flaw \nto cause a denial of service (system crash). (CVE-2013-4163)", "edition": 5, "modified": "2013-09-06T00:00:00", "published": "2013-09-06T00:00:00", "id": "USN-1941-1", "href": "https://ubuntu.com/security/notices/USN-1941-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-02T11:41:09", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2234", "CVE-2013-4162", "CVE-2013-1059", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-2851", "CVE-2013-4163", "CVE-2013-2164"], "description": "Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. \nA remote attacker could exploit this flaw to cause a denial of service \n(system crash). (CVE-2013-1059)\n\nVasily Kulikov discovered a flaw in the Linux Kernel's perf tool that \nallows for privilege escalation. A local user could exploit this flaw to \nrun commands as root when using the perf tool. (CVE-2013-1060)\n\nJonathan Salwan discovered an information leak in the Linux kernel's cdrom \ndriver. A local user can exploit this leak to obtain sensitive information \nfrom kernel memory if the CD-ROM drive is malfunctioning. (CVE-2013-2164)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used to \nconnect to an IPv4 destination. An unprivileged local user could exploit \nthis flaw to cause a denial of service (system crash). (CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket implementation \nin the Linux kernel. An local user could exploit this flaw to examine \npotentially sensitive information in kernel memory. (CVE-2013-2234)\n\nKees Cook discovered a format string vulnerability in the Linux kernel's \ndisk block layer. A local user with administrator privileges could exploit \nthis flaw to gain kernel privileges. (CVE-2013-2851)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the \nLinux kernel's IPv6 stack. A local user could exploit this flaw to cause a \ndenial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the Linux \nkernel when the IPV6_MTU setsockopt option has been specified in \ncombination with the UDP_CORK option. A local user could exploit this flaw \nto cause a denial of service (system crash). (CVE-2013-4163)", "edition": 5, "modified": "2013-09-06T00:00:00", "published": "2013-09-06T00:00:00", "id": "USN-1942-1", "href": "https://ubuntu.com/security/notices/USN-1942-1", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-08T23:40:58", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2234", "CVE-2013-4162", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-4163", "CVE-2013-2140", "CVE-2012-5375", "CVE-2012-5374"], "description": "A denial of service flaw was discovered in the Btrfs file system in the \nLinux kernel. A local user could cause a denial of service by creating a \nlarge number of files with names that have the same CRC32 hash value. \n(CVE-2012-5374)\n\nA denial of service flaw was discovered in the Btrfs file system in the \nLinux kernel. A local user could cause a denial of service (prevent file \ncreation) for a victim, by creating a file with a specific CRC32C hash \nvalue in a directory important to the victim. (CVE-2012-5375)\n\nVasily Kulikov discovered a flaw in the Linux Kernel's perf tool that \nallows for privilege escalation. A local user could exploit this flaw to \nrun commands as root when using the perf tool. (CVE-2013-1060)\n\nA flaw was discovered in the Xen subsystem of the Linux kernel when it \nprovides read-only access to a disk that supports TRIM or SCSI UNMAP to a \nguest OS. A privileged user in the guest OS could exploit this flaw to \ndestroy data on the disk, even though the guest OS should not be able to \nwrite to the disk. (CVE-2013-2140)\n\nA flaw was discovered in the Linux kernel when an IPv6 socket is used to \nconnect to an IPv4 destination. An unprivileged local user could exploit \nthis flaw to cause a denial of service (system crash). (CVE-2013-2232)\n\nAn information leak was discovered in the IPSec key_socket implementation \nin the Linux kernel. An local user could exploit this flaw to examine \npotentially sensitive information in kernel memory. (CVE-2013-2234)\n\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the \nLinux kernel's IPv6 stack. A local user could exploit this flaw to cause a \ndenial of service (system crash). (CVE-2013-4162)\n\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the Linux \nkernel when the IPV6_MTU setsockopt option has been specified in \ncombination with the UDP_CORK option. A local user could exploit this flaw \nto cause a denial of service (system crash). (CVE-2013-4163)", "edition": 5, "modified": "2013-09-06T00:00:00", "published": "2013-09-06T00:00:00", "id": "USN-1946-1", "href": "https://ubuntu.com/security/notices/USN-1946-1", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:49", "bulletinFamily": "software", "cvelist": ["CVE-2013-2206", "CVE-2013-1943", "CVE-2013-4162", "CVE-2013-1060"], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-1939-1\r\nSeptember 06, 2013\r\n\r\nlinux vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 10.04 LTS\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in the kernel.\r\n\r\nSoftware Description:\r\n- linux: Linux kernel\r\n\r\nDetails:\r\n\r\nVasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\r\nallows for privilege escalation. A local user could exploit this flaw to\r\nrun commands as root when using the perf tool.\r\n(CVE-2013-1060)\r\n\r\nMichael S. Tsirkin discovered a flaw in how the Linux kernel's KVM\r\nsubsystem allocates memory slots for the guest's address space. A local\r\nuser could exploit this flaw to gain system privileges or obtain sensitive\r\ninformation from kernel memory. (CVE-2013-1943)\r\n\r\nA flaw was discovered in the SCTP (stream control transfer protocol)\r\nnetwork protocol's handling of duplicate cookies in the Linux kernel. A\r\nremote attacker could exploit this flaw to cause a denial of service\r\n(system crash) on another remote user querying the SCTP connection.\r\n(CVE-2013-2206)\r\n\r\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the\r\nLinux kernel's IPv6 stack. A local user could exploit this flaw to cause a\r\ndenial of service (system crash). (CVE-2013-4162)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 10.04 LTS:\r\n linux-image-2.6.32-51-386 2.6.32-51.113\r\n linux-image-2.6.32-51-generic 2.6.32-51.113\r\n linux-image-2.6.32-51-generic-pae 2.6.32-51.113\r\n linux-image-2.6.32-51-ia64 2.6.32-51.113\r\n linux-image-2.6.32-51-lpia 2.6.32-51.113\r\n linux-image-2.6.32-51-powerpc 2.6.32-51.113\r\n linux-image-2.6.32-51-powerpc-smp 2.6.32-51.113\r\n linux-image-2.6.32-51-powerpc64-smp 2.6.32-51.113\r\n linux-image-2.6.32-51-preempt 2.6.32-51.113\r\n linux-image-2.6.32-51-server 2.6.32-51.113\r\n linux-image-2.6.32-51-sparc64 2.6.32-51.113\r\n linux-image-2.6.32-51-sparc64-smp 2.6.32-51.113\r\n linux-image-2.6.32-51-versatile 2.6.32-51.113\r\n linux-image-2.6.32-51-virtual 2.6.32-51.113\r\n\r\nAfter a standard system update you need to reboot your computer to make\r\nall the necessary changes.\r\n\r\nATTENTION: Due to an unavoidable ABI change the kernel updates have\r\nbeen given a new version number, which requires you to recompile and\r\nreinstall all third party kernel modules you might have installed. If\r\nyou use linux-restricted-modules, you have to update that package as\r\nwell to get modules which work with the new kernel version. Unless you\r\nmanually uninstalled the standard kernel metapackages (e.g. linux-generic,\r\nlinux-server, linux-powerpc), a standard system upgrade will automatically\r\nperform this as well.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-1939-1\r\n CVE-2013-1060, CVE-2013-1943, CVE-2013-2206, CVE-2013-4162\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/linux/2.6.32-51.113\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "edition": 1, "modified": "2013-09-09T00:00:00", "published": "2013-09-09T00:00:00", "id": "SECURITYVULNS:DOC:29791", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29791", "title": "[USN-1939-1] Linux kernel vulnerabilities", "type": "securityvulns", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:49", "bulletinFamily": "software", "cvelist": ["CVE-2013-2234", "CVE-2013-4162", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-4163", "CVE-2013-2140", "CVE-2012-5375", "CVE-2012-5374"], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-1944-1\r\nSeptember 06, 2013\r\n\r\nlinux vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 12.10\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in the kernel.\r\n\r\nSoftware Description:\r\n- linux: Linux kernel\r\n\r\nDetails:\r\n\r\nA denial of service flaw was discovered in the Btrfs file system in the\r\nLinux kernel. A local user could cause a denial of service by creating a\r\nlarge number of files with names that have the same CRC32 hash value.\r\n(CVE-2012-5374)\r\n\r\nA denial of service flaw was discovered in the Btrfs file system in the\r\nLinux kernel. A local user could cause a denial of service (prevent file\r\ncreation) for a victim, by creating a file with a specific CRC32C hash\r\nvalue in a directory important to the victim. (CVE-2012-5375)\r\n\r\nVasily Kulikov discovered a flaw in the Linux Kernel's perf tool that\r\nallows for privilege escalation. A local user could exploit this flaw to\r\nrun commands as root when using the perf tool. (CVE-2013-1060)\r\n\r\nA flaw was discovered in the Xen subsystem of the Linux kernel when it\r\nprovides read-only access to a disk that supports TRIM or SCSI UNMAP to a\r\nguest OS. A privileged user in the guest OS could exploit this flaw to\r\ndestroy data on the disk, even though the guest OS should not be able to\r\nwrite to the disk. (CVE-2013-2140)\r\n\r\nA flaw was discovered in the Linux kernel when an IPv6 socket is used to\r\nconnect to an IPv4 destination. An unprivileged local user could exploit\r\nthis flaw to cause a denial of service (system crash). (CVE-2013-2232)\r\n\r\nAn information leak was discovered in the IPSec key_socket implementation\r\nin the Linux kernel. An local user could exploit this flaw to examine\r\npotentially sensitive information in kernel memory. (CVE-2013-2234)\r\n\r\nHannes Frederic Sowa discovered a flaw in setsockopt UDP_CORK option in the\r\nLinux kernel's IPv6 stack. A local user could exploit this flaw to cause a\r\ndenial of service (system crash). (CVE-2013-4162)\r\n\r\nHannes Frederic Sowa discovered a flaw in the IPv6 subsystem of the Linux\r\nkernel when the IPV6_MTU setsockopt option has been specified in\r\ncombination with the UDP_CORK option. A local user could exploit this flaw\r\nto cause a denial of service (system crash). (CVE-2013-4163)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 12.10:\r\n linux-image-3.5.0-40-generic 3.5.0-40.62\r\n linux-image-3.5.0-40-highbank 3.5.0-40.62\r\n linux-image-3.5.0-40-omap 3.5.0-40.62\r\n linux-image-3.5.0-40-powerpc-smp 3.5.0-40.62\r\n linux-image-3.5.0-40-powerpc64-smp 3.5.0-40.62\r\n\r\nAfter a standard system update you need to reboot your computer to make\r\nall the necessary changes.\r\n\r\nATTENTION: Due to an unavoidable ABI change the kernel updates have\r\nbeen given a new version number, which requires you to recompile and\r\nreinstall all third party kernel modules you might have installed. If\r\nyou use linux-restricted-modules, you have to update that package as\r\nwell to get modules which work with the new kernel version. Unless you\r\nmanually uninstalled the standard kernel metapackages (e.g. linux-generic,\r\nlinux-server, linux-powerpc), a standard system upgrade will automatically\r\nperform this as well.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-1944-1\r\n CVE-2012-5374, CVE-2012-5375, CVE-2013-1060, CVE-2013-2140,\r\n CVE-2013-2232, CVE-2013-2234, CVE-2013-4162, CVE-2013-4163\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/linux/3.5.0-40.62\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "edition": 1, "modified": "2013-09-09T00:00:00", "published": "2013-09-09T00:00:00", "id": "SECURITYVULNS:DOC:29790", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29790", "title": "[USN-1944-1] Linux kernel vulnerabilities", "type": "securityvulns", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:52", "bulletinFamily": "software", "cvelist": ["CVE-2013-2234", "CVE-2013-2896", "CVE-2013-2206", "CVE-2013-2898", "CVE-2013-1819", "CVE-2013-1943", "CVE-2013-4254", "CVE-2013-2892", "CVE-2013-4162", "CVE-2013-1059", "CVE-2013-4300", "CVE-2013-1060", "CVE-2013-2232", "CVE-2013-2851", "CVE-2013-4163", "CVE-2013-2899", "CVE-2013-2140", "CVE-2013-4205", "CVE-2012-5375", "CVE-2013-0343", "CVE-2013-2888", "CVE-2013-2164", "CVE-2012-5374"], "description": "Privilege escalations, information leakages, DoS conditions.", "edition": 1, "modified": "2013-10-28T00:00:00", "published": "2013-10-28T00:00:00", "id": "SECURITYVULNS:VULN:13265", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13265", "title": "Linux kernel mulriple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T11:31:29", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2206"], "description": "The SUSE Linux Enterprise 11 Service Pack 3 RealTime\n Extension kernel was updated to version 3.0.101 to fix\n various bugs and security issues.\n\n The following features have been added:\n\n * Drivers: hv: Support handling multiple VMBUS versions\n (FATE#314665).\n * Drivers: hv: Save and export negotiated vmbus version\n (FATE#314665).\n * Drivers: hv: Move vmbus version definitions to\n hyperv.h (FATE#314665).\n\n The following security issue has been fixed:\n\n * CVE-2013-2206: The sctp_sf_do_5_2_4_dupcook function\n in net/sctp/sm_statefuns.c in the SCTP implementation in\n the Linux kernel did not properly handle associations\n during the processing of a duplicate COOKIE ECHO chunk,\n which allowed remote attackers to cause a denial of service\n (NULL pointer dereference and system crash) or possibly\n have unspecified other impact via crafted SCTP traffic.\n (bnc#826102)\n\n The following non-security bugs have been fixed:\n\n * kernel: sclp console hangs (bnc#841498, LTC#95711).\n * kernel: allow program interruption filtering in user\n space (bnc#837596, LTC#97332).\n * Audit: do not print error when LSMs disabled\n (bnc#842057).\n * i2c: ismt: initialize DMA buffer (bnc#843753).\n * powerpc/irq: Run softirqs off the top of the irq\n stack (bnc#847319).\n * softirq: reduce latencies (bnc#797526).\n * softirq: Fix lockup related to stop_machine being\n stuck in __do_softirq (bnc#797526).\n * thp: reduce khugepaged freezing latency (khugepaged\n blocking suspend-to-ram (bnc#825291)).\n * X.509: Remove certificate date checks (bnc#841656).\n * splice: fix racy pipe->buffers uses (bnc#827246).\n * blktrace: fix race with open trace files and\n directory removal (bnc#832292).\n * writeback: Do not sync data dirtied after sync start\n (bnc#833820).\n * elousb: some systems cannot stomach work around\n (bnc#840830).\n * bounce: allow use of bounce pool via config option\n (Bounce memory pool initialisation (bnc#836347)).\n * block: initialize the bounce pool if high memory may\n be added later (Bounce memory pool initialization\n (bnc#836347)).\n * config/debug: Enable FSCACHE_DEBUG and\n CACHEFILES_DEBUG (bnc#837372).\n * xhci: Fix spurious wakeups after S5 on Haswell\n (bnc#833097).\n * cio: add message for timeouts on internal I/O\n (bnc#837741,LTC#97048).\n * elousb: some systems cannot stomach work around\n (bnc#830985).\n * s390/cio: handle unknown pgroup state\n (bnc#837741,LTC#97048).\n * s390/cio: export vpm via sysfs (bnc#837741,LTC#97048).\n * s390/cio: skip broken paths (bnc#837741,LTC#97048).\n * s390/cio: dont abort verification after missing irq\n (bnc#837741,LTC#97048).\n * bio-integrity: track owner of integrity payload\n (bnc#831380).\n * iommu/vt-d: add quirk for broken interrupt remapping\n on 55XX chipsets (bnc#844513).\n * x86/iommu/vt-d: Expand interrupt remapping quirk to\n cover x58 chipset (bnc#844513).\n * iommu/vt-d: Only warn about broken interrupt\n remapping (bnc#844513).\n * iommu: Remove stack trace from broken irq remapping\n warning (bnc#844513).\n * intel-iommu: Fix leaks in pagetable freeing\n (bnc#841402).\n * mm: Do not walk all of system memory during show_mem\n (Reduce tasklist_lock hold times (bnc#821259)).\n * mm, memcg: introduce own oom handler to iterate only\n over its own threads.\n * mm, memcg: move all oom handling to memcontrol.c.\n * mm, oom: avoid looping when chosen thread detaches\n its mm.\n * mm, oom: fold oom_kill_task() into oom_kill_process().\n * mm, oom: introduce helper function to process threads\n during scan.\n * mm, oom: reduce dependency on tasklist_lock. (Reduce\n tasklist_lock hold times (bnc#821259).\n * mm: vmscan: Do not continue scanning if reclaim was\n aborted for compaction (Limit reclaim in the preserve of IO\n (bnc#754690)).\n * mm: vmscan: take page buffers dirty and locked state\n into account (Limit reclaim in the preserve of IO\n (bnc#754690)).\n * mm: vmscan: treat pages marked for immediate reclaim\n as zone congestion (Limit reclaim in the preserve of IO\n (bnc#754690)).\n * mm: vmscan: move direct reclaim wait_iff_congested\n into shrink_list (Limit reclaim in the preserve of IO\n (bnc#754690)).\n * mm: vmscan: set zone flags before blocking (Limit\n reclaim in the preserve of IO (bnc#754690)).\n * mm: vmscan: stall page reclaim after a list of pages\n have been processed (Limit reclaim in the preserve of IO\n (bnc#754690)).\n * mm: vmscan: stall page reclaim and writeback pages\n based on dirty/writepage pages encountered (Limit reclaim\n in the reserve of IO (bnc#754690)).\n * mm/pagewalk.c: walk_page_range should avoid VM_PFNMAP\n areas (bnc#822942).\n * Update EC2 config files (STRICT_DEVMEM off,\n bnc#843732).\n * Fixed Xen guest freezes (bnc#829682, bnc#842063).\n * rcu: Do not trigger false positive RCU stall\n detection (bnc#834204).\n * libata: Set proper SK when CK_COND is set\n (bnc#833588).\n * libata: Set proper Sense Key for Check Condition\n (bnc#833588).\n * lib/radix-tree.c: make radix_tree_node_alloc() work\n correctly within interrupt (bnc#763463).\n * md: Throttle number of pending write requests in\n md/raid10 (bnc#833858).\n * dm: ignore merge_bvec for snapshots when safe\n (bnc#820848).\n * fs: do_add_mount()/umount -l races (bnc#836801).\n * SUNRPC: close a rare race in xs_tcp_setup_socket\n (bnc#794824).\n * NFS: make nfs_flush_incompatible more generous\n (bnc#816099).\n * NFS: don't try to use lock state when we hold a\n delegation (bnc#831029).\n * NFS: nfs_lookup_revalidate(): fix a leak (bnc#828894).\n * cifs: fill TRANS2_QUERY_FILE_INFO ByteCount fields\n (bnc#804950).\n * xfs: growfs: use uncached buffers for new headers\n (bnc#842604).\n * xfs: avoid double-free in xfs_attr_node_addname.\n * xfs: Check the return value of xfs_buf_get()\n (bnc#842604).\n * cifs: revalidate directories instiantiated via FIND_*\n in order to handle DFS referrals (bnc#831143).\n * cifs: don't instantiate new dentries in readdir for\n inodes that need to be revalidated immediately (bnc#831143).\n * cifs: rename cifs_readdir_lookup to cifs_prime_dcache\n and make it void return (bnc#831143).\n * cifs: get rid of blind d_drop() in readdir\n (bnc#831143).\n * cifs: cleanup cifs_filldir (bnc#831143).\n * cifs: on send failure, readjust server sequence\n number downward (bnc#827966).\n * cifs: adjust sequence number downward after signing\n NT_CANCEL request (bnc#827966).\n * cifs: on send failure, readjust server sequence\n number downward (bnc#827966).\n * cifs: adjust sequence number downward after signing\n NT_CANCEL request (bnc#827966).\n * reiserfs: fix race with flush_used_journal_lists and\n flush_journal_list (bnc#837803).\n * reiserfs: remove useless flush_old_journal_lists.\n * mvsas: add support for 9480 device id (bnc#843950).\n * drm/i915: Disable GGTT PTEs on GEN6+ suspend\n (bnc#800875).\n * drm/i915/hsw: Disable L3 caching of atomic memory\n operations (bnc#800875).\n * r8169: fix argument in rtl_hw_init_8168g\n (bnc#845352,bnc#842820).\n * r8169: support RTL8168G (bnc#845352,bnc#842820).\n * r8169: abstract out loop conditions\n (bnc#845352,bnc#842820).\n * r8169: mdio_ops signature change\n (bnc#845352,bnc#842820).\n * megaraid_sas: Disable controller reset for ppc\n (bnc#841050).\n * scsi_dh_alua: simplify alua_check_sense()\n (bnc#843642).\n * scsi_dh_alua: Fix missing close brace in\n alua_check_sense (bnc#843642).\n * scsi_dh_alua: retry command on 'mode parameter\n changed' sense code (bnc#843645).\n * scsi_dh_alua: invalid state information for\n 'optimized' paths (bnc#843445).\n * scsi_dh_alua: reattaching device handler fails with\n 'Error 15' (bnc#843429).\n * iscsi: don't hang in endless loop if no targets\n present (bnc#841094).\n * scsi_dh_alua: Allow get_alua_data() to return NULL\n (bnc#839407).\n * quirks: add touchscreen that is dazzeled by remote\n wakeup (bnc#835930).\n * bnx2x: Change to D3hot only on removal (bnc#838448).\n * tty/hvc_iucv: Disconnect IUCV connection when\n lowering DTR (bnc#839973,LTC#97595).\n * tty/hvc_console: Add DTR/RTS callback to handle HUPCL\n control (bnc#839973,LTC#97595).\n * series.conf: disable XHCI ring expansion patches\n because on machines with large memory they cause a\n starvation problem (bnc#833635)\n * Drivers: hv: util: Fix a bug in version negotiation\n code for util services (bnc#828714).\n * Drivers: hv: util: Correctly support ws2008R2 and\n earlier (bnc#838346).\n * Drivers: hv: vmbus: Do not attempt to negoatiate a\n new version prematurely.\n * Drivers: hv: util: Correctly support ws2008R2 and\n earlier (bnc#838346).\n * Drivers: hv: vmbus: Terminate vmbus version\n negotiation on timeout.\n * Drivers: hv: util: Fix a bug in version negotiation\n code for util services (bnc#828714).\n * Drivers: hv: balloon: Initialize the transaction ID\n just before sending the packet.\n * Drivers: hv: remove HV_DRV_VERSION.\n * Drivers: hv: vmbus: Fix a bug in the handling of\n channel offers.\n * Drivers: hv: util: Fix a bug in util version\n negotiation code (bnc#838346).\n * mlx4: allow IB_QP_CREATE_USE_GFP_NOFS in\n mlx4_ib_create_qp() (bnc#822433).\n * drm/i915: disable sound first on intel_disable_ddi\n (bnc#833151).\n * ALSA: hda - Re-setup HDMI pin and audio infoframe on\n stream switches (bnc#833151).\n * drm/i915: HDMI/DP - ELD info refresh support for\n Haswell (bnc#833151).\n * drm/cirrus: This is a cirrus version of Egbert Eich's\n patch for mgag200 (bnc#808079).\n * vmxnet3: prevent div-by-zero panic when ring resizing\n uninitialized dev (bnc#833321).\n * net/mlx4_en: Fix BlueFlame race (bnc#835684).\n * be2net: Check for POST state in suspend-resume\n sequence (bnc#835189).\n * be2net: bug fix on returning an invalid nic\n descriptor (bnc#835189).\n * be2net: provision VF resources before enabling SR-IOV\n (bnc#835189).\n * be2net: Fix firmware download for Lancer (bnc#835189).\n * be2net: Fix to use version 2 of cq_create for\n SkyHawk-R devices (bnc#835189).\n * be2net: Use GET_FUNCTION_CONFIG V1 cmd (bnc#835189).\n * be2net: Avoid flashing BE3 UFI on BE3-R chip\n (bnc#835189).\n * be2net: Use TXQ_CREATE_V2 cmd (bnc#835189).\n * ipv6: don't call fib6_run_gc() until routing is ready\n (bnc#836218).\n * ipv6: prevent fib6_run_gc() contention (bnc#797526).\n * ipv6: update ip6_rt_last_gc every time GC is run\n (bnc#797526).\n * netfilter: nf_conntrack: use RCU safe kfree for\n conntrack extensions (bnc#827416 bko#60853\n bugzilla.netfilter.org:714).\n * netfilter: prevent race condition breaking net\n reference counting (bnc#835094).\n * sctp: deal with multiple COOKIE_ECHO chunks\n (bnc#826102).\n * net: remove skb_orphan_try() (bnc#834600).\n * bonding: check bond->vlgrp in bond_vlan_rx_kill_vid()\n (bnc#834905).\n * tools: hv: Improve error logging in VSS daemon.\n * tools: hv: Check return value of poll call.\n * tools: hv: Check return value of setsockopt call.\n * Tools: hv: fix send/recv buffer allocation.\n * Tools: hv: check return value of daemon to fix\n compiler warning.\n * Tools: hv: in kvp_set_ip_info free mac_addr right\n after usage.\n * Tools: hv: check return value of system in\n hv_kvp_daemon.\n * Tools: hv: correct payload size in netlink_send.\n * Tools: hv: use full nlmsghdr in netlink_send.\n * rpm/old-flavors, rpm/mkspec: Add version information\n to obsolete flavors (bnc#821465).\n * rpm/kernel-binary.spec.in: Move the xenpae obsolete\n to the old-flavors file.\n * rpm/old-flavors: Convert the old-packages.conf file\n to a flat list.\n * rpm/old-packages.conf: Drop bogus obsoletes for "smp"\n (bnc#821465).\n * rpm/kernel-binary.spec.in: Make sure that all KMP\n obsoletes are versioned (bnc#821465).\n * rpm/kernel-binary.spec.in: Remove unversioned\n provides/obsoletes for packages that were only seen in\n openSUSE releases up to 11.0. (bnc#821465).\n * sched/workqueue: Only wake up idle workers if not\n blocked on sleeping spin lock.\n * genirq: Set irq thread to RT priority on creation.\n * timers: prepare for full preemption improve.\n * kernel/cpu: fix cpu down problem if kthread's cpu is\n going down.\n * kernel/hotplug: restore original cpu mask oncpu/down.\n * drm/i915: drop trace_i915_gem_ring_dispatch on rt.\n * rt,ntp: Move call to schedule_delayed_work() to\n helper thread.\n * hwlat-detector: Update hwlat_detector to add outer\n loop detection.\n * hwlat-detect/trace: Export trace_clock_local for\n hwlat-detector.\n * hwlat-detector: Use trace_clock_local if available.\n * hwlat-detector: Use thread instead of stop machine.\n * genirq: do not invoke the affinity callback via a\n workqueue.\n * Btrfs: fix negative qgroup tracking from owner\n accounting (bnc#821948).\n * Btrfs: add missing error checks to\n add_data_references.\n * Btrfs: change how we queue blocks for backref\n checking.\n * Btrfs: add missing error handling to read_tree_block.\n * Btrfs: handle errors when doing slow caching.\n * Btrfs: fix inode leak on kmalloc failure in\n tree-log.c.\n * Btrfs: don't ignore errors from\n btrfs_run_delayed_items.\n * Btrfs: fix oops when writing dirty qgroups to disk.\n * Btrfs: do not clear our orphan item runtime flag on\n eexist.\n * Btrfs: remove ourselves from the cluster list under\n lock.\n * Btrfs: remove unnecessary ->s_umount in\n cleaner_kthread().\n * Btrfs: make the cleaner complete early when the fs is\n going to be umounted.\n * Btrfs: move the R/O check out of\n btrfs_clean_one_deleted_snapshot().\n * Btrfs: make the snap/subv deletion end more early\n when the fs is R/O.\n * Btrfs: optimize key searches in btrfs_search_slot.\n * Btrfs: fix printing of non NULL terminated string.\n * Btrfs: fix memory leak of orphan block rsv.\n * Btrfs: don't miss inode ref items in\n BTRFS_IOC_INO_LOOKUP.\n * Btrfs: add missing error code to BTRFS_IOC_INO_LOOKUP\n handler.\n * Btrfs: fix the error handling wrt orphan items.\n * Btrfs: don't allow a subvol to be deleted if it is\n the default subovl.\n * Btrfs: return ENOSPC when target space is full.\n * Btrfs: don't bug_on when we fail when cleaning up\n transactions.\n * Btrfs: add missing mounting options in\n btrfs_show_options().\n * Btrfs: use u64 for subvolid when parsing mount\n options.\n * Btrfs: add sanity checks regarding to parsing mount\n options.\n * Btrfs: cleanup reloc roots properly on error.\n * Btrfs: reset ret in record_one_backref.\n * Btrfs: fix get set label blocking against balance.\n * Btrfs: fall back to global reservation when removing\n subvolumes.\n * Btrfs: Release uuid_mutex for shrink during device\n delete.\n * Btrfs: update fixups from 3.11\n * Btrfs: add ioctl to wait for qgroup rescan completion.\n * Btrfs: remove useless copy in quota_ctl.\n * Btrfs: do delay iput in sync_fs.\n * Btrfs: fix estale with btrfs send.\n * Btrfs: return error code in\n btrfs_check_trunc_cache_free_space().\n * Btrfs: dont do log_removal in insert_new_root.\n * Btrfs: check if leaf's parent exists before pushing\n items around.\n * Btrfs: allow file data clone within a file.\n * Btrfs: simplify unlink reservations.\n * Btrfs: fix qgroup rescan resume on mount.\n * Btrfs: do not pin while under spin lock.\n * Btrfs: add some missing iput()'s in\n btrfs_orphan_cleanup.\n * Btrfs: put our inode if orphan cleanup fails.\n * Btrfs: exclude logged extents before replying when we\n are mixed.\n * Btrfs: fix broken nocow after balance.\n * Btrfs: wake up delayed ref flushing waiters on abort.\n * Btrfs: stop waiting on current trans if we aborted.\n * Btrfs: fix transaction throttling for delayed refs.\n * Btrfs: free csums when we're done scrubbing an extent.\n * Btrfs: unlock extent range on enospc in compressed\n submit.\n * Btrfs: stop using try_to_writeback_inodes_sb_nr to\n flush delalloc.\n * Btrfs: check if we can nocow if we don't have data\n space.\n * Btrfs: cleanup orphaned root orphan item.\n * Btrfs: hold the tree mod lock in\n __tree_mod_log_rewind.\n * Btrfs: only do the tree_mod_log_free_eb if this is\n our last ref.\n * Btrfs: wait ordered range before doing direct io.\n * Btrfs: update drop progress before stopping snapshot\n dropping.\n * Btrfs: fix lock leak when resuming snapshot deletion.\n * Btrfs: re-add root to dead root list if we stop\n dropping it.\n * Btrfs: fix file truncation if FALLOC_FL_KEEP_SIZE is\n specified.\n * Btrfs: fix a bug of snapshot-aware defrag to make it\n work on partial extents.\n * Btrfs: fix extent buffer leak after backref walking.\n * Btrfs: do not offset physical if we're compressed.\n * Btrfs: fix backref walking when we hit a compressed\n extent.\n * Btrfs: make sure the backref walker catches all refs\n to our extent.\n * Btrfs: release both paths before logging dir/changed\n extents.\n * Btrfs: add btrfs_fs_incompat helper.\n * Btrfs: merge save_error_info helpers into one.\n * Btrfs: clean up transaction abort messages.\n * Btrfs: cleanup unused arguments of btrfs_csum_data.\n * Btrfs: use helper to cleanup tree roots.\n * Btrfs: share stop worker code.\n * Btrfs: Cleanup some redundant codes in\n btrfs_lookup_csums_range().\n * Btrfs: clean snapshots one by one.\n * Btrfs: deprecate subvolrootid mount option.\n * Btrfs: make orphan cleanup less verbose.\n * Btrfs: cover more error codes in btrfs_decode_error.\n * Btrfs: make subvol creation/deletion killable in the\n early stages.\n * Btrfs: fix a warning when disabling quota.\n * Btrfs: fix infinite loop when we abort on mount.\n * Btrfs: compare relevant parts of delayed tree refs.\n * Btrfs: kill some BUG_ONs() in the find_parent_nodes().\n * Btrfs: fix double free in the iterate_extent_inodes().\n * Btrfs: fix error handling in make/read block group.\n * Btrfs: don't wait on ordered extents if we have a\n trans open.\n * Btrfs: log ram bytes properly.\n * Btrfs: fix bad extent logging.\n * Btrfs: improve the performance of the csums lookup.\n * Btrfs: ignore device open failures in\n __btrfs_open_devices.\n * Btrfs: abort unlink trans in missed error case.\n * Btrfs: creating the subvolume qgroup automatically\n when enabling quota.\n * Btrfs: introduce a mutex lock for btrfs quota\n operations.\n * Btrfs: remove some unnecessary spin_lock usages.\n * Btrfs: fix missing check before creating a qgroup\n relation.\n * Btrfs: fix missing check in the\n btrfs_qgroup_inherit().\n * Btrfs: fix a warning when updating qgroup limit.\n * Btrfs: use tree_root to avoid edquot when disabling\n quota.\n * Btrfs: remove some BUG_ONs() when walking backref\n tree.\n * Btrfs: make __merge_refs() return type be void.\n * Btrfs: add a rb_tree to improve performance of ulist\n search.\n * Btrfs: fix unblocked autodefraggers when remount.\n * Btrfs: fix tree mod log regression on root split\n operations.\n * Btrfs: fix accessing the root pointer in tree mod log\n functions.\n * Btrfs: fix unlock after free on rewinded tree blocks.\n * Btrfs: do not continue if out of memory happens.\n * Btrfs: fix confusing edquot happening case.\n * Btrfs: remove unused argument of fixup_low_keys().\n * Btrfs: fix reada debug code compilation.\n * Btrfs: return error when we specify wrong start to\n defrag.\n * Btrfs: don't force pages under writeback to finish\n when aborting.\n * Btrfs: clear received_uuid field for new writable\n snapshots.\n * Btrfs: fix missing check about ulist_add() in\n qgroup.c.\n * Btrfs: add all ioctl checks before user change for\n quota operations.\n * Btrfs: fix lockdep warning.\n * Btrfs: fix possible infinite loop in slow caching.\n * Btrfs: use REQ_META for all metadata IO.\n * Btrfs: deal with bad mappings in btrfs_map_block.\n * Btrfs: don't call readahead hook until we have read\n the entire eb.\n * Btrfs: don't BUG_ON() in btrfs_num_copies.\n * Btrfs: don't try and free ebs twice in log replay.\n * Btrfs: add tree block level sanity check.\n * Btrfs: only exclude supers in the range of our block\n group.\n * Btrfs: fix all callers of read_tree_block.\n * Btrfs: fix extent logging with O_DIRECT into prealloc.\n * Btrfs: cleanup fs roots if we fail to mount.\n * Btrfs: don't panic if we're trying to drop too many\n refs.\n * Btrfs: check return value of commit when recovering\n log.\n * Btrfs: cleanup destroy_marked_extents.\n * Btrfs: various abort cleanups.\n * Btrfs: fix error handling in btrfs_ioctl_send().\n * Btrfs: set UUID in root_item for created trees.\n * Btrfs: return free space in cow error path.\n * Btrfs: separate sequence numbers for delayed ref\n tracking and tree mod log.\n * Btrfs: allocate new chunks if the space is not enough\n for global rsv.\n * Btrfs: split btrfs_qgroup_account_ref into four\n functions (FATE#312751).\n * Btrfs: rescan for qgroups (FATE#312751).\n * Btrfs: automatic rescan after "quota enable" command\n (FATE#312751).\n * Btrfs: deal with free space cache errors while\n replaying log.\n * Btrfs: remove almost all of the BUG()'s from\n tree-log.c.\n * Btrfs: deal with errors in write_dev_supers.\n * Btrfs: make static code static & remove dead code.\n * Btrfs: handle errors returned from get_tree_block_key.\n * Btrfs: remove unused gfp mask parameter from\n release_extent_buffer callchain.\n * Btrfs: read entire device info under lock.\n * Btrfs: improve the loop of scrub_stripe.\n * Btrfs: use unsigned long type for extent state bits.\n * Btrfs: enhance superblock checks.\n * Btrfs: allow superblock mismatch from older mkfs.\n * Btrfs: annotate quota tree for lockdep.\n * Btrfs: fix off-by-one in fiemap.\n * Btrfs: don't stop searching after encountering the\n wrong item.\n * Btrfs: don't null pointer deref on abort.\n * Btrfs: remove warn on in free space cache writeout.\n * Btrfs: fix possible memory leak in the\n find_parent_nodes().\n * Btrfs: fix possible memory leak in replace_path().\n * Btrfs: don't abort the current transaction if there\n is no enough space for inode cache.\n * Btrfs: don't use global block reservation for inode\n cache truncation.\n * Btrfs: optimize the error handle of use_block_rsv().\n * Btrfs: don't steal the reserved space from the global\n reserve if their space type is different.\n * Btrfs: update the global reserve if it is empty.\n * Btrfs: return errno if possible when we fail to\n allocate memory.\n * Btrfs: fix accessing a freed tree root.\n * Btrfs: fix unprotected root node of the subvolume's\n inode rb-tree.\n * Btrfs: pause the space balance when remounting to R/O.\n * Btrfs: remove BUG_ON() in\n btrfs_read_fs_tree_no_radix().\n * Btrfs: don't invoke btrfs_invalidate_inodes() in the\n spin lock context.\n * Btrfs: do away with non-whole_page extent I/O.\n * Btrfs: explicitly use global_block_rsv for quota_tree.\n * Btrfs: make sure roots are assigned before freeing\n their nodes.\n * Btrfs: don't delete fs_roots until after we cleanup\n the transaction.\n * Btrfs: Drop inode if inode root is NULL.\n * Btrfs: init relocate extent_io_tree with a mapping.\n * Btrfs: fix use-after-free bug during umount.\n * Btrfs: stop all workers before cleaning up roots.\n * Btrfs: add log message stubs.\n\n Security Issues:\n\n * CVE-2013-2206\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2206\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2206</a>\n >\n", "edition": 1, "modified": "2013-11-22T08:04:29", "published": "2013-11-22T08:04:29", "id": "SUSE-SU-2013:1750-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00024.html", "title": "Security update for Real Time Linux Kernel (important)", "type": "suse", "cvss": {"score": 5.4, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:40:21", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2206"], "description": "The SUSE Linux Enterprise 11 Service Pack 3 kernel was\n updated to version 3.0.101 and also includes various other\n bug and security fixes.\n\n The following features have been added:\n\n * Drivers: hv: Support handling multiple VMBUS versions\n (FATE#314665).\n * Drivers: hv: Save and export negotiated vmbus version\n (FATE#314665).\n * Drivers: hv: Move vmbus version definitions to\n hyperv.h (FATE#314665).\n\n The following security issue has been fixed:\n\n * CVE-2013-2206: The sctp_sf_do_5_2_4_dupcook function\n in net/sctp/sm_statefuns.c in the SCTP implementation in\n the Linux kernel did not properly handle associations\n during the processing of a duplicate COOKIE ECHO chunk,\n which allowed remote attackers to cause a denial of service\n (NULL pointer dereference and system crash) or possibly\n have unspecified other impact via crafted SCTP traffic.\n (bnc#826102)\n\n The following non-security bugs have been fixed:\n\n * mm, memcg: introduce own oom handler to iterate only\n over its own threads.\n * mm, memcg: move all oom handling to memcontrol.c.\n * mm, oom: avoid looping when chosen thread detaches\n its mm.\n * mm, oom: fold oom_kill_task() into oom_kill_process().\n * mm, oom: introduce helper function to process threads\n during scan.\n * mm, oom: reduce dependency on tasklist_lock (Reduce\n tasklist_lock hold times) (bnc#821259).\n * mm: do not walk all of system memory during show_mem\n (Reduce tasklist_lock hold times) (bnc#821259).\n * iommu/vt-d: add quirk for broken interrupt remapping\n on 55XX chipsets (bnc#844513).\n * x86/iommu/vt-d: Expand interrupt remapping quirk to\n cover x58 chipset (bnc#844513).\n * iommu/vt-d: Only warn about broken interrupt\n remapping (bnc#844513).\n * iommu: Remove stack trace from broken irq remapping\n warning (bnc#844513).\n * intel-iommu: Fix leaks in pagetable freeing\n (bnc#841402).\n * Revert aer_recover_queue() __GENKSYMS__ hack, add a\n fake symset with the previous value instead (bnc#847721).\n * i2c: ismt: initialize DMA buffer (bnc#843753).\n * powerpc/irq: Run softirqs off the top of the irq\n stack (bnc#847319).\n * quirks: add touchscreen that is dazzeled by remote\n wakeup (bnc#835930).\n * kernel: sclp console hangs (bnc#841498, LTC#95711).\n * tty/hvc_iucv: Disconnect IUCV connection when\n lowering DTR (bnc#839973,LTC#97595).\n * tty/hvc_console: Add DTR/RTS callback to handle HUPCL\n control (bnc#839973,LTC#97595).\n * softirq: reduce latencies (bnc#797526).\n * X.509: Remove certificate date checks (bnc#841656).\n * config/debug: Enable FSCACHE_DEBUG and\n CACHEFILES_DEBUG (bnc#837372).\n * splice: fix racy pipe->buffers uses (bnc#827246).\n * blktrace: fix race with open trace files and\n directory removal (bnc#832292).\n * rcu: Do not trigger false positive RCU stall\n detection (bnc#834204).\n * kernel: allow program interruption filtering in user\n space (bnc#837596, LTC#97332).\n * Audit: do not print error when LSMs disabled\n (bnc#842057).\n * SUNRPC: close a rare race in xs_tcp_setup_socket\n (bnc#794824).\n * Btrfs: fix negative qgroup tracking from owner\n accounting (bnc#821948).\n * cifs: fill TRANS2_QUERY_FILE_INFO ByteCount fields\n (bnc#804950).\n * NFS: make nfs_flush_incompatible more generous\n (bnc#816099).\n * xfs: growfs: use uncached buffers for new headers\n (bnc#842604).\n * NFS: do not try to use lock state when we hold a\n delegation (bnc#831029).\n * NFS: nfs_lookup_revalidate(): fix a leak (bnc#828894).\n * fs: do_add_mount()/umount -l races (bnc#836801).\n * xfs: avoid double-free in xfs_attr_node_addname.\n * xfs: Check the return value of xfs_buf_get()\n (bnc#842604).\n * iscsi: do not hang in endless loop if no targets\n present (bnc#841094).\n * scsi_dh_alua: Allow get_alua_data() to return NULL\n (bnc#839407).\n * cifs: revalidate directories instiantiated via FIND_\n in order to handle DFS referrals (bnc#831143).\n * cifs: do not instantiate new dentries in readdir for\n inodes that need to be revalidated immediately (bnc#831143).\n * cifs: rename cifs_readdir_lookup to cifs_prime_dcache\n and make it void return (bnc#831143).\n * cifs: get rid of blind d_drop() in readdir\n (bnc#831143).\n * cifs: cleanup cifs_filldir (bnc#831143).\n * cifs: on send failure, readjust server sequence\n number downward (bnc#827966).\n * cifs: adjust sequence number downward after signing\n NT_CANCEL request (bnc#827966).\n * cifs: on send failure, readjust server sequence\n number downward (bnc#827966).\n * cifs: adjust sequence number downward after signing\n NT_CANCEL request (bnc#827966).\n * reiserfs: fix race with flush_used_journal_lists and\n flush_journal_list (bnc#837803).\n * reiserfs: remove useless flush_old_journal_lists.\n * lib/radix-tree.c: make radix_tree_node_alloc() work\n correctly within interrupt (bnc#763463).\n * md: Throttle number of pending write requests in\n md/raid10 (bnc#833858).\n * dm: ignore merge_bvec for snapshots when safe\n (bnc#820848).\n * ata: Set proper SK when CK_COND is set (bnc#833588).\n * Btrfs: abort unlink trans in missed error case.\n * Btrfs: add all ioctl checks before user change for\n quota operations.\n * Btrfs: add a rb_tree to improve performance of ulist\n search.\n * Btrfs: add btrfs_fs_incompat helper.\n * Btrfs: add ioctl to wait for qgroup rescan completion.\n * Btrfs: add log message stubs.\n * Btrfs: add missing error checks to\n add_data_references.\n * Btrfs: add missing error code to BTRFS_IOC_INO_LOOKUP\n handler.\n * Btrfs: add missing error handling to read_tree_block.\n * Btrfs: add missing mounting options in\n btrfs_show_options().\n * Btrfs: add sanity checks regarding to parsing mount\n options.\n * Btrfs: add some missing iput()s in\n btrfs_orphan_cleanup.\n * Btrfs: add tree block level sanity check.\n * Btrfs: allocate new chunks if the space is not enough\n for global rsv.\n * Btrfs: allow file data clone within a file.\n * Btrfs: allow superblock mismatch from older mkfs.\n * Btrfs: annotate quota tree for lockdep.\n * Btrfs: automatic rescan after "quota enable" command\n (FATE#312751).\n * Btrfs: change how we queue blocks for backref\n checking.\n * Btrfs: check if leafs parent exists before pushing\n items around.\n * Btrfs: check if we can nocow if we do not have data\n space.\n * Btrfs: check return value of commit when recovering\n log.\n * Btrfs: clean snapshots one by one.\n * Btrfs: cleanup destroy_marked_extents.\n * Btrfs: cleanup fs roots if we fail to mount.\n * Btrfs: cleanup orphaned root orphan item.\n * Btrfs: cleanup reloc roots properly on error.\n * Btrfs: Cleanup some redundant codes in\n btrfs_lookup_csums_range().\n * Btrfs: clean up transaction abort messages.\n * Btrfs: cleanup unused arguments of btrfs_csum_data.\n * Btrfs: clear received_uuid field for new writable\n snapshots.\n * Btrfs: compare relevant parts of delayed tree refs.\n * Btrfs: cover more error codes in btrfs_decode_error.\n * Btrfs: creating the subvolume qgroup automatically\n when enabling quota.\n * Btrfs: deal with bad mappings in btrfs_map_block.\n * Btrfs: deal with errors in write_dev_supers.\n * Btrfs: deal with free space cache errors while\n replaying log.\n * Btrfs: deprecate subvolrootid mount option.\n * Btrfs: do away with non-whole_page extent I/O.\n * Btrfs: do delay iput in sync_fs.\n * Btrfs: do not clear our orphan item runtime flag on\n eexist.\n * Btrfs: do not continue if out of memory happens.\n * Btrfs: do not offset physical if we are compressed.\n * Btrfs: do not pin while under spin lock.\n * Btrfs: do not abort the current transaction if there\n is no enough space for inode cache.\n * Btrfs: do not allow a subvol to be deleted if it is\n the default subovl.\n * Btrfs: do not BUG_ON() in btrfs_num_copies.\n * Btrfs: do not bug_on when we fail when cleaning up\n transactions.\n * Btrfs: do not call readahead hook until we have read\n the entire eb.\n * Btrfs: do not delete fs_roots until after we cleanup\n the transaction.\n * Btrfs: dont do log_removal in insert_new_root.\n * Btrfs: do not force pages under writeback to finish\n when aborting.\n * Btrfs: do not ignore errors from\n btrfs_run_delayed_items.\n * Btrfs: do not invoke btrfs_invalidate_inodes() in the\n spin lock context.\n * Btrfs: do not miss inode ref items in\n BTRFS_IOC_INO_LOOKUP.\n * Btrfs: do not null pointer deref on abort.\n * Btrfs: do not panic if we are trying to drop too many\n refs.\n * Btrfs: do not steal the reserved space from the\n global reserve if their space type is different.\n * Btrfs: do not stop searching after encountering the\n wrong item.\n * Btrfs: do not try and free ebs twice in log replay.\n * Btrfs: do not use global block reservation for inode\n cache truncation.\n * Btrfs: do not wait on ordered extents if we have a\n trans open.\n * Btrfs: Drop inode if inode root is NULL.\n * Btrfs: enhance superblock checks.\n * Btrfs: exclude logged extents before replying when we\n are mixed.\n * Btrfs: explicitly use global_block_rsv for quota_tree.\n * Btrfs: fall back to global reservation when removing\n subvolumes.\n * Btrfs: fix a bug of snapshot-aware defrag to make it\n work on partial extents.\n * Btrfs: fix accessing a freed tree root.\n * Btrfs: fix accessing the root pointer in tree mod log\n functions.\n * Btrfs: fix all callers of read_tree_block.\n * Btrfs: fix a warning when disabling quota.\n * Btrfs: fix a warning when updating qgroup limit.\n * Btrfs: fix backref walking when we hit a compressed\n extent.\n * Btrfs: fix bad extent logging.\n * Btrfs: fix broken nocow after balance.\n * Btrfs: fix confusing edquot happening case.\n * Btrfs: fix double free in the iterate_extent_inodes().\n * Btrfs: fix error handling in btrfs_ioctl_send().\n * Btrfs: fix error handling in make/read block group.\n * Btrfs: fix estale with btrfs send.\n * Btrfs: fix extent buffer leak after backref walking.\n * Btrfs: fix extent logging with O_DIRECT into prealloc.\n * Btrfs: fix file truncation if FALLOC_FL_KEEP_SIZE is\n specified.\n * Btrfs: fix get set label blocking against balance.\n * Btrfs: fix infinite loop when we abort on mount.\n * Btrfs: fix inode leak on kmalloc failure in\n tree-log.c.\n * Btrfs: fix lockdep warning.\n * Btrfs: fix lock leak when resuming snapshot deletion.\n * Btrfs: fix memory leak of orphan block rsv.\n * Btrfs: fix missing check about ulist_add() in\n qgroup.c.\n * Btrfs: fix missing check before creating a qgroup\n relation.\n * Btrfs: fix missing check in the\n btrfs_qgroup_inherit().\n * Btrfs: fix off-by-one in fiemap.\n * Btrfs: fix oops when writing dirty qgroups to disk.\n * Btrfs: fix possible infinite loop in slow caching.\n * Btrfs: fix possible memory leak in replace_path().\n * Btrfs: fix possible memory leak in the\n find_parent_nodes().\n * Btrfs: fix printing of non NULL terminated string.\n * Btrfs: fix qgroup rescan resume on mount.\n * Btrfs: fix reada debug code compilation.\n * Btrfs: fix the error handling wrt orphan items.\n * Btrfs: fix transaction throttling for delayed refs.\n * Btrfs: fix tree mod log regression on root split\n operations.\n * Btrfs: fix unblocked autodefraggers when remount.\n * Btrfs: fix unlock after free on rewinded tree blocks.\n * Btrfs: fix unprotected root node of the subvolumes\n inode rb-tree.\n * Btrfs: fix use-after-free bug during umount.\n * Btrfs: free csums when we are done scrubbing an\n extent.\n * Btrfs: handle errors returned from get_tree_block_key.\n * Btrfs: handle errors when doing slow caching.\n * Btrfs: hold the tree mod lock in\n __tree_mod_log_rewind.\n * Btrfs: ignore device open failures in\n __btrfs_open_devices.\n * Btrfs: improve the loop of scrub_stripe.\n * Btrfs: improve the performance of the csums lookup.\n * Btrfs: init relocate extent_io_tree with a mapping.\n * Btrfs: introduce a mutex lock for btrfs quota\n operations.\n * Btrfs: kill some BUG_ONs() in the find_parent_nodes().\n * Btrfs: log ram bytes properly.\n * Btrfs: make __merge_refs() return type be void.\n * Btrfs: make orphan cleanup less verbose.\n * Btrfs: make static code static & remove dead code.\n * Btrfs: make subvol creation/deletion killable in the\n early stages.\n * Btrfs: make sure roots are assigned before freeing\n their nodes.\n * Btrfs: make sure the backref walker catches all refs\n to our extent.\n * Btrfs: make the cleaner complete early when the fs is\n going to be umounted.\n * Btrfs: make the snap/subv deletion end more early\n when the fs is R/O.\n * Btrfs: merge save_error_info helpers into one.\n * Btrfs: move the R/O check out of\n btrfs_clean_one_deleted_snapshot().\n * Btrfs: only do the tree_mod_log_free_eb if this is\n our last ref.\n * Btrfs: only exclude supers in the range of our block\n group.\n * Btrfs: optimize key searches in btrfs_search_slot.\n * Btrfs: optimize the error handle of use_block_rsv().\n * Btrfs: pause the space balance when remounting to R/O.\n * Btrfs: put our inode if orphan cleanup fails.\n * Btrfs: re-add root to dead root list if we stop\n dropping it.\n * Btrfs: read entire device info under lock.\n * Btrfs: release both paths before logging dir/changed\n extents.\n * Btrfs: Release uuid_mutex for shrink during device\n delete.\n * Btrfs: remove almost all of the BUG()s from\n tree-log.c.\n * Btrfs: remove BUG_ON() in\n btrfs_read_fs_tree_no_radix().\n * Btrfs: remove ourselves from the cluster list under\n lock.\n * Btrfs: remove some BUG_ONs() when walking backref\n tree.\n * Btrfs: remove some unnecessary spin_lock usages.\n * Btrfs: remove unnecessary ->s_umount in\n cleaner_kthread().\n * Btrfs: remove unused argument of fixup_low_keys().\n * Btrfs: remove unused gfp mask parameter from\n release_extent_buffer callchain.\n * Btrfs: remove useless copy in quota_ctl.\n * Btrfs: remove warn on in free space cache writeout.\n * Btrfs: rescan for qgroups (FATE#312751).\n * Btrfs: reset ret in record_one_backref.\n * Btrfs: return ENOSPC when target space is full.\n * Btrfs: return errno if possible when we fail to\n allocate memory.\n * Btrfs: return error code in\n btrfs_check_trunc_cache_free_space().\n * Btrfs: return error when we specify wrong start to\n defrag.\n * Btrfs: return free space in cow error path.\n * Btrfs: separate sequence numbers for delayed ref\n tracking and tree mod log.\n * Btrfs: set UUID in root_item for created trees.\n * Btrfs: share stop worker code.\n * Btrfs: simplify unlink reservations.\n * Btrfs: split btrfs_qgroup_account_ref into four\n functions.\n * Btrfs: stop all workers before cleaning up roots.\n * Btrfs: stop using try_to_writeback_inodes_sb_nr to\n flush delalloc.\n * Btrfs: stop waiting on current trans if we aborted.\n * Btrfs: unlock extent range on enospc in compressed\n submit.\n * Btrfs: update drop progress before stopping snapshot\n dropping.\n * Btrfs: update fixups from 3.11\n * Btrfs: update the global reserve if it is empty.\n * Btrfs: use helper to cleanup tree roots.\n * Btrfs: use REQ_META for all metadata IO.\n * Btrfs: use tree_root to avoid edquot when disabling\n quota.\n * Btrfs: use u64 for subvolid when parsing mount\n options.\n * Btrfs: use unsigned long type for extent state bits.\n * Btrfs: various abort cleanups.\n * Btrfs: wait ordered range before doing direct io.\n * Btrfs: wake up delayed ref flushing waiters on abort.\n * net/mlx4_en: Fix BlueFlame race (bnc#835684).\n * ipv6: do not call fib6_run_gc() until routing is\n ready (bnc#836218).\n * ipv6: prevent fib6_run_gc() contention (bnc#797526).\n * ipv6: update ip6_rt_last_gc every time GC is run\n (bnc#797526).\n * netfilter: nf_conntrack: use RCU safe kfree for\n conntrack extensions (bnc#827416 bko#60853).\n * netfilter: prevent race condition breaking net\n reference counting (bnc#835094).\n * net: remove skb_orphan_try() (bnc#834600).\n * bonding: check bond->vlgrp in bond_vlan_rx_kill_vid()\n (bnc#834905).\n * sctp: deal with multiple COOKIE_ECHO chunks\n (bnc#826102).\n * mlx4: allow IB_QP_CREATE_USE_GFP_NOFS in\n mlx4_ib_create_qp() (bnc#822433).\n * drm/i915: disable sound first on intel_disable_ddi\n (bnc#833151).\n * drm/i915: HDMI/DP - ELD info refresh support for\n Haswell (bnc#833151).\n * drm/cirrus: This is a cirrus version of Egbert Eichs\n patch for mgag200 (bnc#808079).\n * drm/i915: Disable GGTT PTEs on GEN6+ suspend\n (bnc#800875).\n * drm/i915/hsw: Disable L3 caching of atomic memory\n operations (bnc#800875).\n * ALSA: hda - Re-setup HDMI pin and audio infoframe on\n stream switches (bnc#833151).\n * vmxnet3: prevent div-by-zero panic when ring resizing\n uninitialized dev (bnc#833321).\n * mvsas: add support for 9480 device id (bnc#843950).\n * r8169: fix argument in rtl_hw_init_8168g\n (bnc#845352,bnc#842820).\n * r8169: support RTL8168G (bnc#845352,bnc#842820).\n * r8169: abstract out loop conditions\n (bnc#845352,bnc#842820).\n * r8169: mdio_ops signature change\n (bnc#845352,bnc#842820).\n * thp: reduce khugepaged freezing latency (khugepaged\n blocking suspend-to-ram (bnc#825291)).\n * bnx2x: Change to D3hot only on removal (bnc#838448).\n * megaraid_sas: Disable controller reset for ppc\n (bnc#841050).\n * scsi_dh_alua: simplify alua_check_sense()\n (bnc#843642).\n * scsi_dh_alua: Fix missing close brace in\n alua_check_sense (bnc#843642).\n * scsi_dh_alua: retry command on "mode parameter\n changed" sense code (bnc#843645).\n * scsi_dh_alua: invalid state information for\n "optimized" paths (bnc#843445).\n * scsi_dh_alua: reattaching device handler fails with\n "Error 15" (bnc#843429).\n * Drivers: hv: util: Fix a bug in version negotiation\n code for util services (bnc#828714).\n * Drivers: hv: util: Correctly support ws2008R2 and\n earlier (bnc#838346).\n * Drivers: hv: vmbus: Do not attempt to negoatiate a\n new version prematurely.\n * Drivers: hv: util: Correctly support ws2008R2 and\n earlier (bnc#838346).\n * Drivers: hv: vmbus: Terminate vmbus version\n negotiation on timeout.\n * Drivers: hv: vmbus: Fix a bug in the handling of\n channel offers.\n * Drivers: hv: util: Fix a bug in version negotiation\n code for util services (bnc#828714).\n * Drivers: hv: balloon: Initialize the transaction ID\n just before sending the packet.\n * Drivers: hv: util: Fix a bug in util version\n negotiation code (bnc#838346).\n * be2net: Check for POST state in suspend-resume\n sequence (bnc#835189).\n * be2net: bug fix on returning an invalid nic\n descriptor (bnc#835189).\n * be2net: provision VF resources before enabling SR-IOV\n (bnc#835189).\n * be2net: Fix firmware download for Lancer (bnc#835189).\n * be2net: Fix to use version 2 of cq_create for\n SkyHawk-R devices (bnc#835189).\n * be2net: Use GET_FUNCTION_CONFIG V1 cmd (bnc#835189).\n * be2net: Avoid flashing BE3 UFI on BE3-R chip\n (bnc#835189).\n * be2net: Use TXQ_CREATE_V2 cmd (bnc#835189).\n * writeback: Do not sync data dirtied after sync start\n (bnc#833820).\n * elousb: some systems cannot stomach work around\n (bnc#840830,bnc#830985).\n * bounce: allow use of bounce pool via config option\n (Bounce memory pool initialisation (bnc#836347)).\n * block: initialize the bounce pool if high memory may\n be added later (Bounce memory pool initialisation\n (bnc#836347)).\n * bio-integrity: track owner of integrity payload\n (bnc#831380).\n * xhci: Fix spurious wakeups after S5 on Haswell\n (bnc#833097).\n * s390/cio: handle unknown pgroup state\n (bnc#837741,LTC#97048).\n * s390/cio: export vpm via sysfs (bnc#837741,LTC#97048).\n * s390/cio: skip broken paths (bnc#837741,LTC#97048).\n * s390/cio: dont abort verification after missing irq\n (bnc#837741,LTC#97048).\n * cio: add message for timeouts on internal I/O\n (bnc#837741,LTC#97048).\n * series.conf: disable XHCI ring expansion patches\n because on machines with large memory they cause a\n starvation problem (bnc#833635).\n * Update EC2 config files (STRICT_DEVMEM off,\n bnc#843732).\n * Fixed Xen guest freezes (bnc#829682, bnc#842063).\n * tools: hv: Improve error logging in VSS daemon.\n * tools: hv: Check return value of poll call.\n * tools: hv: Check return value of setsockopt call.\n * Tools: hv: fix send/recv buffer allocation.\n * Tools: hv: check return value of daemon to fix\n compiler warning.\n * Tools: hv: in kvp_set_ip_info free mac_addr right\n after usage.\n * Tools: hv: check return value of system in\n hv_kvp_daemon.\n * Tools: hv: correct payload size in netlink_send.\n * Tools: hv: use full nlmsghdr in netlink_send.\n * rpm/old-flavors, rpm/mkspec: Add version information\n to obsolete flavors (bnc#821465).\n * rpm/kernel-binary.spec.in: Move the xenpae obsolete\n to the old-flavors file.\n * rpm/old-flavors: Convert the old-packages.conf file\n to a flat list.\n * rpm/mkspec: Adjust.\n * rpm/old-packages.conf: Delete.\n * rpm/old-packages.conf: Drop bogus obsoletes for "smp"\n (bnc#821465).\n * rpm/kernel-binary.spec.in: Make sure that all KMP\n obsoletes are versioned (bnc#821465).\n * rpm/kernel-binary.spec.in: Remove unversioned\n provides/obsoletes for packages that were only seen in\n openSUSE releases up to 11.0. (bnc#821465).\n\n Security Issues:\n\n * CVE-2013-2206\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2206\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2206</a>\n >\n", "edition": 1, "modified": "2013-11-22T08:04:25", "published": "2013-11-22T08:04:25", "id": "SUSE-SU-2013:1749-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00023.html", "title": "Security update for Linux kernel (important)", "type": "suse", "cvss": {"score": 5.4, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:44:54", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2206"], "description": "The SUSE Linux Enterprise 11 Service Pack 2 kernel for\n RealTime was updated to version 3.0.101 and also includes\n various other bug and security fixes.\n\n The following features have been added:\n\n * Drivers: hv: Support handling multiple VMBUS versions\n (FATE#314665).\n * Drivers: hv: Save and export negotiated vmbus version\n (FATE#314665).\n * Drivers: hv: Move vmbus version definitions to\n hyperv.h (FATE#314665).\n\n The following security issue has been fixed:\n\n * CVE-2013-2206: The sctp_sf_do_5_2_4_dupcook function\n in net/sctp/sm_statefuns.c in the SCTP implementation in\n the Linux kernel did not properly handle associations\n during the processing of a duplicate COOKIE ECHO chunk,\n which allowed remote attackers to cause a denial of service\n (NULL pointer dereference and system crash) or possibly\n have unspecified other impact via crafted SCTP traffic.\n (bnc#826102)\n\n The following non-security bugs have been fixed:\n\n * mm: Do not walk all of system memory during show_mem\n (Reduce tasklist_lock hold times (bnc#821259)).\n * mm, memcg: introduce own oom handler to iterate only\n over its own threads.\n * mm, memcg: move all oom handling to memcontrol.c.\n * mm, oom: avoid looping when chosen thread detaches\n its mm.\n * mm, oom: fold oom_kill_task() into oom_kill_process().\n * mm, oom: introduce helper function to process threads\n during scan.\n * mm, oom: reduce dependency on tasklist_lock.\n * kernel: sclp console hangs (bnc#841498, LTC#95711).\n * splice: fix racy pipe->buffers uses (bnc#827246).\n * blktrace: fix race with open trace files and\n directory removal (bnc#832292).\n * Set proper SK when CK_COND is set (bnc#833588).\n * iommu/vt-d: add quirk for broken interrupt remapping\n on 55XX chipsets (bnc#844513).\n * x86/iommu/vt-d: Expand interrupt remapping quirk to\n cover x58 chipset (bnc#844513).\n * iommu/vt-d: Only warn about broken interrupt\n remapping (bnc#844513).\n * iommu: Remove stack trace from broken irq remapping\n warning (bnc#844513).\n * intel-iommu: Fix leaks in pagetable freeing\n (bnc#841402).\n * softirq: reduce latencies (bnc#797526).\n * softirq: Fix lockup related to stop_machine being\n stuck in __do_softirq (bnc#797526).\n * bounce: Bounce memory pool initialisation (bnc#836347)\n * writeback: Do not sync data dirtied after sync start\n (bnc#833820).\n * config//debug: Enable FSCACHE_DEBUG and\n CACHEFILES_DEBUG (bnc#837372).\n * Fixed Xen guest freezes (bnc#829682, bnc#842063).\n * SUNRPC: close a rare race in xs_tcp_setup_socket\n (bnc#794824).\n * NFS: make nfs_flush_incompatible more generous\n (bnc#816099).\n * NFS: don't try to use lock state when we hold a\n delegation (bnc#831029).\n * nfs_lookup_revalidate(): fix a leak (bnc#828894).\n * fs: do_add_mount()/umount -l races (bnc#836801).\n * cifs: fill TRANS2_QUERY_FILE_INFO ByteCount fields\n (bnc#804950).\n * cifs: Fix EREMOTE errors encountered on DFS links\n (bnc#831143).\n * xfs: growfs: use uncached buffers for new headers\n (bnc#842604).\n * xfs: avoid double-free in xfs_attr_node_addname.\n * xfs: Check the return value of xfs_buf_get()\n (bnc#842604).\n * iscsi: don't hang in endless loop if no targets\n present (bnc#841094).\n * reiserfs: fix race with flush_used_journal_lists and\n flush_journal_list (bnc#837803).\n * md: Throttle number of pending write requests in\n md/raid10 (bnc#833858).\n * dm: ignore merge_bvec for snapshots when safe\n (bnc#820848).\n * rcu: Do not trigger false positive RCU stall\n detection (bnc#834204).\n * net/mlx4_en: Fix BlueFlame race (bnc#835684).\n * net: remove skb_orphan_try() (bnc#834600).\n * bonding: check bond->vlgrp in bond_vlan_rx_kill_vid()\n (bnc#834905).\n * ipv6: don't call fib6_run_gc() until routing is ready\n (bnc#836218).\n * ipv6: prevent fib6_run_gc() contention (bnc#797526).\n * ipv6: update ip6_rt_last_gc every time GC is run\n (bnc#797526).\n * netfilter: nf_conntrack: use RCU safe kfree for\n conntrack extensions (bnc#827416 bko#60853\n bugzilla.netfilter.org:714).\n * netfilter: prevent race condition breaking net\n reference counting (bnc#835094).\n * sctp: deal with multiple COOKIE_ECHO chunks\n (bnc#826102).\n * quirks: add touchscreen that is dazzeled by remote\n wakeup (bnc#835930).\n * bnx2x: Change to D3hot only on removal (bnc#838448).\n * vmxnet3: prevent div-by-zero panic when ring resizing\n uninitialized dev (bnc#833321).\n * Drivers: hv: util: Fix a bug in version negotiation\n code for util services (bnc#828714).\n * Drivers: hv: util: Correctly support ws2008R2 and\n earlier (bnc#838346).\n * Drivers: hv: util: Fix a bug in util version\n negotiation code (bnc#838346).\n * elousb: some systems cannot stomach work around\n (bnc#840830).\n * bio-integrity: track owner of integrity payload\n (bnc#831380).\n * lib/radix-tree.c: make radix_tree_node_alloc() work\n correctly within interrupt (bnc#763463).\n * series.conf: disable XHCI ring expansion patches\n because on machines with large memory they cause a\n starvation problem (bnc#833635)\n * rpm/old-flavors, rpm/mkspec: Add version information\n to obsolete flavors (bnc#821465).\n * rpm/kernel-binary.spec.in: Move the xenpae obsolete\n to the old-flavors file.\n * rpm/old-flavors: Convert the old-packages.conf file\n to a flat list.\n * rpm/old-packages.conf: Drop bogus obsoletes for "smp"\n (bnc#821465).\n * rpm/kernel-binary.spec.in: Make sure that all KMP\n obsoletes are versioned (bnc#821465).\n * rpm/kernel-binary.spec.in: Remove unversioned\n provides/obsoletes for packages that were only seen in\n openSUSE releases up to 11.0. (bnc#821465).\n * sched/workqueue: Only wake up idle workers if not\n blocked on sleeping spin lock.\n * genirq: Set irq thread to RT priority on creation.\n * timers: prepare for full preemption improve.\n * kernel/cpu: fix cpu down problem if kthread's cpu is\n going down.\n * kernel/hotplug: restore original cpu mask oncpu/down.\n * drm/i915: drop trace_i915_gem_ring_dispatch on rt.\n * rt,ntp: Move call to schedule_delayed_work() to\n helper thread.\n * hwlat-detector: Update hwlat_detector to add outer\n loop detection.\n * hwlat-detect/trace: Export trace_clock_local for\n hwlat-detector.\n * hwlat-detector: Use trace_clock_local if available.\n * hwlat-detector: Use thread instead of stop machine.\n * genirq: do not invoke the affinity callback via a\n workqueue.\n\n Security Issues:\n\n * CVE-2013-2206\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2206\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2206</a>\n >\n", "edition": 1, "modified": "2013-11-22T05:04:54", "published": "2013-11-22T05:04:54", "id": "SUSE-SU-2013:1744-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00020.html", "type": "suse", "title": "Security update for Real Time Linux Kernel (important)", "cvss": {"score": 5.4, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:09:50", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2206"], "description": "The SUSE Linux Enterprise 11 Service Pack 2 kernel was\n updated to version 3.0.101 and also includes various other\n bug and security fixes.\n\n The following features have been added:\n\n * Drivers: hv: Support handling multiple VMBUS versions\n (FATE#314665).\n * Drivers: hv: Save and export negotiated vmbus version\n (FATE#314665).\n * Drivers: hv: Move vmbus version definitions to\n hyperv.h (FATE#314665).\n\n The following security issue has been fixed:\n\n * CVE-2013-2206: The sctp_sf_do_5_2_4_dupcook function\n in net/sctp/sm_statefuns.c in the SCTP implementation in\n the Linux kernel did not properly handle associations\n during the processing of a duplicate COOKIE ECHO chunk,\n which allowed remote attackers to cause a denial of service\n (NULL pointer dereference and system crash) or possibly\n have unspecified other impact via crafted SCTP traffic.\n (bnc#826102)\n\n The following non-security bugs have been fixed:\n\n * kernel: sclp console hangs (bnc#841498, LTC#95711).\n * intel-iommu: Fix leaks in pagetable freeing\n (bnc#841402).\n * iommu/vt-d: add quirk for broken interrupt remapping\n on 55XX chipsets (bnc#844513).\n * x86/iommu/vt-d: Expand interrupt remapping quirk to\n cover x58 chipset (bnc#844513).\n * iommu/vt-d: Only warn about broken interrupt\n remapping (bnc#844513).\n * iommu: Remove stack trace from broken irq remapping\n warning (bnc#844513).\n * softirq: reduce latencies (bnc#797526).\n * Fix lockup related to stop_machine being stuck in\n __do_softirq (bnc#797526).\n * splice: fix racy pipe->buffers uses (bnc#827246).\n * blktrace: fix race with open trace files and\n directory removal (bnc#832292).\n * mm: Do not walk all of system memory during show_mem\n (Reduce tasklist_lock hold times (bnc#821259)).\n * mm: Bounce memory pool initialisation (bnc#836347).\n * mm, memcg: introduce own oom handler to iterate only\n over its own threads.\n * mm, memcg: move all oom handling to memcontrol.c.\n * mm, oom: avoid looping when chosen thread detaches\n its mm.\n * mm, oom: fold oom_kill_task() into oom_kill_process().\n * mm, oom: introduce helper function to process threads\n during scan.\n * mm, oom: reduce dependency on tasklist_lock.\n * ipv6: do not call fib6_run_gc() until routing is\n ready (bnc#836218).\n * ipv6: prevent fib6_run_gc() contention (bnc#797526).\n * ipv6: update ip6_rt_last_gc every time GC is run\n (bnc#797526).\n * net/mlx4_en: Fix BlueFlame race (bnc#835684).\n * netfilter: nf_conntrack: use RCU safe kfree for\n conntrack extensions (bnc#827416 bko#60853).\n * netfilter: prevent race condition breaking net\n reference counting (bnc#835094).\n * net: remove skb_orphan_try() (bnc#834600).\n * bonding: check bond->vlgrp in bond_vlan_rx_kill_vid()\n (bnc#834905).\n * sctp: deal with multiple COOKIE_ECHO chunks\n (bnc#826102).\n * SUNRPC: close a rare race in xs_tcp_setup_socket\n (bnc#794824).\n * NFS: make nfs_flush_incompatible more generous\n (bnc#816099).\n * NFS: do not try to use lock state when we hold a\n delegation (bnc#831029).\n * nfs_lookup_revalidate(): fix a leak (bnc#828894).\n * xfs: growfs: use uncached buffers for new headers\n (bnc#842604).\n * xfs: Check the return value of xfs_buf_get()\n (bnc#842604).\n * xfs: avoid double-free in xfs_attr_node_addname.\n * do_add_mount()/umount -l races (bnc#836801).\n * cifs: Fix TRANS2_QUERY_FILE_INFO ByteCount fields\n (bnc#804950).\n * cifs: Fix EREMOTE errors encountered on DFS links\n (bnc#831143).\n * reiserfs: fix race with flush_used_journal_lists and\n flush_journal_list (bnc#837803).\n * reiserfs: remove useless flush_old_journal_lists.\n * fs: writeback: Do not sync data dirtied after sync\n start (bnc#833820).\n * rcu: Do not trigger false positive RCU stall\n detection (bnc#834204).\n * lib/radix-tree.c: make radix_tree_node_alloc() work\n correctly within interrupt (bnc#763463).\n * bnx2x: Change to D3hot only on removal (bnc#838448).\n * vmxnet3: prevent div-by-zero panic when ring resizing\n uninitialized dev (bnc#833321).\n * Drivers: hv: Support handling multiple VMBUS versions\n (fate#314665).\n * Drivers: hv: Save and export negotiated vmbus version\n (fate#314665).\n * Drivers: hv: Move vmbus version definitions to\n hyperv.h (fate#314665).\n * Drivers: hv: util: Fix a bug in version negotiation\n code for util services (bnc#828714).\n * Drivers: hv: util: Correctly support ws2008R2 and\n earlier (bnc#838346).\n * Drivers: hv: util: Fix a bug in util version\n negotiation code (bnc#838346).\n * iscsi: do not hang in endless loop if no targets\n present (bnc#841094).\n * ata: Set proper SK when CK_COND is set (bnc#833588).\n * md: Throttle number of pending write requests in\n md/raid10 (bnc#833858).\n * dm: ignore merge_bvec for snapshots when safe\n (bnc#820848).\n * elousb: some systems cannot stomach work around\n (bnc#840830).\n * bio-integrity: track owner of integrity payload\n (bnc#831380).\n * quirks: add touchscreen that is dazzeled by remote\n wakeup (bnc#835930).\n * Fixed Xen guest freezes (bnc#829682, bnc#842063).\n * config/debug: Enable FSCACHE_DEBUG and\n CACHEFILES_DEBUG (bnc#837372).\n * series.conf: disable XHCI ring expansion patches\n because on machines with large memory they cause a\n starvation problem (bnc#833635).\n * rpm/old-flavors, rpm/mkspec: Add version information\n to obsolete flavors (bnc#821465).\n * rpm/kernel-binary.spec.in: Move the xenpae obsolete\n to the old-flavors file.\n * rpm/old-flavors: Convert the old-packages.conf file\n to a flat list.\n * rpm/old-packages.conf: Drop bogus obsoletes for "smp"\n (bnc#821465).\n * rpm/kernel-binary.spec.in: Make sure that all KMP\n obsoletes are versioned (bnc#821465).\n * rpm/kernel-binary.spec.in: Remove unversioned\n provides/obsoletes for packages that were only seen in\n openSUSE releases up to 11.0. (bnc#821465).\n", "edition": 1, "modified": "2013-11-22T08:04:16", "published": "2013-11-22T08:04:16", "id": "SUSE-SU-2013:1748-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00021.html", "title": "Security update for Linux Kernel (important)", "type": "suse", "cvss": {"score": 5.4, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "centos": [{"lastseen": "2019-12-20T18:27:17", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4162", "CVE-2013-4299"], "description": "**CentOS Errata and Security Advisory** CESA-2013:1436\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's TCP/IP protocol suite\nimplementation handled IPv6 sockets that used the UDP_CORK option. A local,\nunprivileged user could use this flaw to cause a denial of\nservice. (CVE-2013-4162, Moderate)\n\n* An information leak flaw was found in the way Linux kernel's device\nmapper subsystem, under certain conditions, interpreted data written to\nsnapshot block devices. An attacker could use this flaw to read data from\ndisk blocks in free space, which are normally inaccessible. (CVE-2013-4299,\nModerate)\n\nRed Hat would like to thank Hannes Frederic Sowa for reporting\nCVE-2013-4162; and Fujitsu for reporting CVE-2013-4299.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-October/032014.html\n\n**Affected packages:**\nkernel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1436.html", "edition": 3, "modified": "2013-10-17T16:14:23", "published": "2013-10-17T16:14:23", "href": "http://lists.centos.org/pipermail/centos-announce/2013-October/032014.html", "id": "CESA-2013:1436", "title": "kernel, perf, python security update", "type": "centos", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-12-20T18:27:06", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2141", "CVE-2012-3511", "CVE-2013-4162"], "description": "**CentOS Errata and Security Advisory** CESA-2013:1292\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A use-after-free flaw was found in the madvise() system call\nimplementation in the Linux kernel. A local, unprivileged user could use\nthis flaw to cause a denial of service or, potentially, escalate their\nprivileges. (CVE-2012-3511, Moderate)\n\n* A flaw was found in the way the Linux kernel's TCP/IP protocol suite\nimplementation handled IPv6 sockets that used the UDP_CORK option. A local,\nunprivileged user could use this flaw to cause a denial of service.\n(CVE-2013-4162, Moderate)\n\n* An information leak flaw in the Linux kernel could allow a local,\nunprivileged user to leak kernel memory to user-space. (CVE-2013-2141, Low)\n\nRed Hat would like to thank Hannes Frederic Sowa for reporting\nCVE-2013-4162.\n\nThis update also fixes the following bugs:\n\n* A bug in the be2net driver prevented communication between NICs using\nbe2net. This update applies a patch addressing this problem along with\nseveral other upstream patches that fix various other problems. Traffic\nbetween NICs using the be2net driver now proceeds as expected. (BZ#983864)\n\n* A recent patch fixing a problem that prevented communication between\nNICs using the be2net driver caused the firmware of NICs to become\nunresponsive, and thus triggered a kernel panic. The problem was caused by\nunnecessary usage of a hardware workaround that allows skipping VLAN tag\ninsertion. A patch has been applied and the workaround is now used only\nwhen the multi-channel configuration is enabled on the NIC. Note that the\nbug only affected the NICs with firmware version 4.2.xxxx. (BZ#999819)\n\n* A bug in the autofs4 mount expiration code could cause the autofs4\nmodule to falsely report a busy tree of NFS mounts as \"not in use\".\nConsequently, automount attempted to unmount the tree and failed with\na \"failed to umount offset\" error, leaving the mount tree to appear as\nempty directories. A patch has been applied to remove an incorrectly used\nautofs dentry mount check and the aforementioned problem no longer occurs.\n(BZ#1001488)\n\n* A race condition in the be_open function in the be2net driver could\ntrigger the BUG_ON() macro, which resulted in a kernel panic. A patch\naddressing this problem has been applied and the race condition is now\navoided by enabling polling before enabling interrupts globally. The\nkernel no longer panics in this situation. (BZ#1005239)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-September/031999.html\n\n**Affected packages:**\nkernel\nkernel-PAE\nkernel-PAE-devel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-xen\nkernel-xen-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1292.html", "edition": 3, "modified": "2013-09-27T13:27:33", "published": "2013-09-27T13:27:33", "href": "http://lists.centos.org/pipermail/centos-announce/2013-September/031999.html", "id": "CESA-2013:1292", "title": "kernel security update", "type": "centos", "cvss": {"score": 6.2, "vector": "AV:L/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:29:20", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2017", "CVE-2013-2188", "CVE-2013-1943", "CVE-2013-1935"], "description": "**CentOS Errata and Security Advisory** CESA-2013:0911\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the way KVM (Kernel-based Virtual Machine)\ninitialized a guest's registered pv_eoi (paravirtualized end-of-interrupt)\nindication flag when entering the guest. An unprivileged guest user could\npotentially use this flaw to crash the host. (CVE-2013-1935, Important)\n\n* A missing sanity check was found in the kvm_set_memory_region() function\nin KVM, allowing a user-space process to register memory regions pointing\nto the kernel address space. A local, unprivileged user could use this flaw\nto escalate their privileges. (CVE-2013-1943, Important)\n\n* A double free flaw was found in the Linux kernel's Virtual Ethernet\nTunnel driver (veth). A remote attacker could possibly use this flaw to\ncrash a target system. (CVE-2013-2017, Moderate)\n\nRed Hat would like to thank IBM for reporting the CVE-2013-1935 issue and\nAtzm WATANABE of Stratosphere Inc. for reporting the CVE-2013-2017 issue.\nThe CVE-2013-1943 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs and adds one enhancement. Documentation\nfor these changes will be available shortly from the Technical Notes\ndocument linked to in the References section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues and add this enhancement. The system must\nbe rebooted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-June/031822.html\n\n**Affected packages:**\nkernel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0911.html", "edition": 5, "modified": "2013-06-12T13:37:13", "published": "2013-06-12T13:37:13", "href": "http://lists.centos.org/pipermail/centos-announce/2013-June/031822.html", "id": "CESA-2013:0911", "title": "kernel, perf, python security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:45:48", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4162", "CVE-2013-4299"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's TCP/IP protocol suite\nimplementation handled IPv6 sockets that used the UDP_CORK option. A local,\nunprivileged user could use this flaw to cause a denial of\nservice. (CVE-2013-4162, Moderate)\n\n* An information leak flaw was found in the way Linux kernel's device\nmapper subsystem, under certain conditions, interpreted data written to\nsnapshot block devices. An attacker could use this flaw to read data from\ndisk blocks in free space, which are normally inaccessible. (CVE-2013-4299,\nModerate)\n\nRed Hat would like to thank Hannes Frederic Sowa for reporting\nCVE-2013-4162; and Fujitsu for reporting CVE-2013-4299.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "modified": "2018-06-06T20:24:23", "published": "2013-10-16T04:00:00", "id": "RHSA-2013:1436", "href": "https://access.redhat.com/errata/RHSA-2013:1436", "type": "redhat", "title": "(RHSA-2013:1436) Moderate: kernel security and bug fix update", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:45", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4162", "CVE-2013-4299"], "description": "Red Hat OpenStack 3.0 includes a custom Red Hat Enterprise Linux 6.4\nkernel. These custom kernel packages include support for network\nnamespaces; this support is required to facilitate advanced OpenStack\nNetworking deployments.\n\n* A flaw was found in the way the Linux kernel's TCP/IP protocol suite\nimplementation handled IPv6 sockets that used the UDP_CORK option. A local,\nunprivileged user could use this flaw to cause a denial of service.\n(CVE-2013-4162, Moderate)\n\n* An information leak flaw was found in the way the Linux kernel's device\nmapper subsystem, under certain conditions, interpreted data written to\nsnapshot block devices. An attacker could use this flaw to read data from\ndisk blocks in free space, which are normally inaccessible. (CVE-2013-4299,\nModerate)\n\nRed Hat would like to thank Hannes Frederic Sowa for reporting\nCVE-2013-4162; and Fujitsu for reporting CVE-2013-4299.\n\nThis update also fixes the following bug:\n\n* Prior to this update, while performing Generic Routing Encapsulation\n(GRE), the possibility of having a 802.1Q inner header was not considered\nduring the Generic Segmentation Offloading (GSO). With this update, a check\nhas been added to detect the use of 802.1Q and handle the packet\naccordingly. (BZ#1005804)\n\nIn addition, this update adds the following enhancements:\n\n* This update adds support for Distributed Overlay Virtual Ethernet (DOVE).\n(BZ#1009025)\n\n* This update adds support for Virtual Extensible LAN (VXLAN) as an Open\nvSwitch (OVS) tunneling type. (BZ#1009006)\n\nMore information on the Red Hat Enterprise Linux 6.4 kernel packages upon\nwhich these custom kernel packages are based is available in\nRHSA-2013:1436:\n\nhttps://rhn.redhat.com/errata/RHSA-2013-1436.html\n\nAll Red Hat OpenStack 3.0 users deploying the OpenStack Networking service\nare advised to install these updated packages.\n", "modified": "2018-06-13T01:27:36", "published": "2013-11-14T05:00:00", "id": "RHSA-2013:1520", "href": "https://access.redhat.com/errata/RHSA-2013:1520", "type": "redhat", "title": "(RHSA-2013:1520) Moderate: kernel security, bug fix, and enhancement update", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:44:42", "bulletinFamily": "unix", "cvelist": ["CVE-2012-3511", "CVE-2013-2141", "CVE-2013-4162"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A use-after-free flaw was found in the madvise() system call\nimplementation in the Linux kernel. A local, unprivileged user could use\nthis flaw to cause a denial of service or, potentially, escalate their\nprivileges. (CVE-2012-3511, Moderate)\n\n* A flaw was found in the way the Linux kernel's TCP/IP protocol suite\nimplementation handled IPv6 sockets that used the UDP_CORK option. A local,\nunprivileged user could use this flaw to cause a denial of service.\n(CVE-2013-4162, Moderate)\n\n* An information leak flaw in the Linux kernel could allow a local,\nunprivileged user to leak kernel memory to user-space. (CVE-2013-2141, Low)\n\nRed Hat would like to thank Hannes Frederic Sowa for reporting\nCVE-2013-4162.\n\nThis update also fixes the following bugs:\n\n* A bug in the be2net driver prevented communication between NICs using\nbe2net. This update applies a patch addressing this problem along with\nseveral other upstream patches that fix various other problems. Traffic\nbetween NICs using the be2net driver now proceeds as expected. (BZ#983864)\n\n* A recent patch fixing a problem that prevented communication between\nNICs using the be2net driver caused the firmware of NICs to become\nunresponsive, and thus triggered a kernel panic. The problem was caused by\nunnecessary usage of a hardware workaround that allows skipping VLAN tag\ninsertion. A patch has been applied and the workaround is now used only\nwhen the multi-channel configuration is enabled on the NIC. Note that the\nbug only affected the NICs with firmware version 4.2.xxxx. (BZ#999819)\n\n* A bug in the autofs4 mount expiration code could cause the autofs4\nmodule to falsely report a busy tree of NFS mounts as \"not in use\".\nConsequently, automount attempted to unmount the tree and failed with\na \"failed to umount offset\" error, leaving the mount tree to appear as\nempty directories. A patch has been applied to remove an incorrectly used\nautofs dentry mount check and the aforementioned problem no longer occurs.\n(BZ#1001488)\n\n* A race condition in the be_open function in the be2net driver could\ntrigger the BUG_ON() macro, which resulted in a kernel panic. A patch\naddressing this problem has been applied and the race condition is now\navoided by enabling polling before enabling interrupts globally. The\nkernel no longer panics in this situation. (BZ#1005239)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "modified": "2017-09-08T11:55:29", "published": "2013-09-26T04:00:00", "id": "RHSA-2013:1292", "href": "https://access.redhat.com/errata/RHSA-2013:1292", "type": "redhat", "title": "(RHSA-2013:1292) Moderate: kernel security and bug fix update", "cvss": {"score": 6.2, "vector": "AV:L/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-11T13:33:10", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1935", "CVE-2013-1943", "CVE-2013-2017", "CVE-2013-2188"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the way KVM (Kernel-based Virtual Machine)\ninitialized a guest's registered pv_eoi (paravirtualized end-of-interrupt)\nindication flag when entering the guest. An unprivileged guest user could\npotentially use this flaw to crash the host. (CVE-2013-1935, Important)\n\n* A missing sanity check was found in the kvm_set_memory_region() function\nin KVM, allowing a user-space process to register memory regions pointing\nto the kernel address space. A local, unprivileged user could use this flaw\nto escalate their privileges. (CVE-2013-1943, Important)\n\n* A double free flaw was found in the Linux kernel's Virtual Ethernet\nTunnel driver (veth). A remote attacker could possibly use this flaw to\ncrash a target system. (CVE-2013-2017, Moderate)\n\nRed Hat would like to thank IBM for reporting the CVE-2013-1935 issue and\nAtzm WATANABE of Stratosphere Inc. for reporting the CVE-2013-2017 issue.\nThe CVE-2013-1943 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs and adds one enhancement. Documentation\nfor these changes will be available shortly from the Technical Notes\ndocument linked to in the References section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues and add this enhancement. The system must\nbe rebooted for this update to take effect.\n", "modified": "2018-06-06T20:24:08", "published": "2013-06-10T04:00:00", "id": "RHSA-2013:0911", "href": "https://access.redhat.com/errata/RHSA-2013:0911", "type": "redhat", "title": "(RHSA-2013:0911) Important: kernel security, bug fix, and enhancement update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:39:15", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4162", "CVE-2013-4299"], "description": "kernel-uek\n[2.6.32-400.33.2]\n- dm snapshot: fix data corruption (Mikulas Patocka) [Orabug: 17618900] {CVE-2013-4299}\n- ipv6: call udp_push_pending_frames when uncorking a socket with AF_INET pending data (Hannes Frederic Sowa) [Orabug: 17618897] {CVE-2013-4162}", "edition": 4, "modified": "2013-10-18T00:00:00", "published": "2013-10-18T00:00:00", "id": "ELSA-2013-2575", "href": "http://linux.oracle.com/errata/ELSA-2013-2575.html", "title": "unbreakable enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:06", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4162", "CVE-2013-4299"], "description": "[2.6.32-358.23.2]\n- [md] dm-snapshot: fix data corruption (Mikulas Patocka) [1004252 1004233] {CVE-2013-4299}\n[2.6.32-358.23.1]\n- [md] raid1, raid10: use freeze_array in place of raise_barrier in various places (Jes Sorensen) [1003765 997845]\n- [scsi] megaraid_sas: megaraid_sas driver init fails in kdump kernel (Nikola Pajkovsky) [1001963 833299]\n- [char] ipmi: eliminate long delay in ipmi_si on SGI UV2 (Nikola Pajkovsky) [988228 876778]\n- [net] bridge: Add multicast_querier toggle and disable queries by default (Nikola Pajkovsky) [995334 905561]\n- [net] bridge: Fix fatal typo in setup of multicast_querier_expired (Nikola Pajkovsky) [995334 905561]\n- [net] bridge: Restart queries when last querier expires (Nikola Pajkovsky) [995334 905561]\n- [net] bridge: Add br_multicast_start_querier (Flavio Leitner) [995334 905561]\n- [kernel] Prevent RT process stall due to missing upstream scheduler bug fix (Larry Woodman) [1006932 1002765]\n- [fs] nfs: Minor cleanups for nfs4_handle_exception and nfs4_async_handle_error (Dave Wysochanski) [1006956 998752]\n- [firmware] efivars: Use correct efi_pstore_info struct when calling pstore_register (Lenny Szubowicz) [993547 867689]\n- [net] bridge: do not call setup_timer() multiple times (Amerigo Wang) [997746 994430]\n- [fs] lockd: protect nlm_blocked list (David Jeffery) [993544 967095]\n- [net] ipv6: call udp_push_pending_frames when uncorking a socket with AF_INET pending data (Jiri Benc) [987649 987651] {CVE-2013-4162}\n- [fs] fuse: readdirplus sanity checks (Niels de Vos) [988708 981741]\n- [fs] fuse: readdirplus cleanup (Niels de Vos) [988708 981741]\n- [fs] fuse: readdirplus change attributes once (Niels de Vos) [988708 981741]\n- [fs] fuse: readdirplus fix instantiate (Niels de Vos) [988708 981741]\n- [fs] fuse: fix readdirplus dentry leak (Niels de Vos) [988708 981741]\n- [fs] cifs: fix issue mounting of DFS ROOT when redirecting from one domain controller to the next (Sachin Prabhu) [994866 976535]\n- [fs] nfs: Make nfs_readdir revalidate less often (Scott Mayhew) [994867 976879]\n- [fs] nfs: Make nfs_attribute_cache_expired() non-static (Scott Mayhew) [994867 976879]\n- [fs] nfs: set verifier on existing dentries in nfs_prime_dcache (Scott Mayhew) [994867 976879]\n- [fs] nfs: Allow nfs_updatepage to extend a write under additional circumstances (Scott Mayhew) [987262 983288]\n- [fs] nfs: fix a leak at nfs_lookup_revalidate() (Dave Wysochanski) [987261 975211]\n- [acpi] efivars: If pstore_register fails, free unneeded pstore buffer (Lenny Szubowicz) [993547 867689]\n- [acpi] Eliminate console msg if pstore.backend excludes ERST (Lenny Szubowicz) [993547 867689]\n- [acpi] Return unique error if backend registration excluded by kernel param (Lenny Szubowicz) [993547 867689]\n- [net] bridge: fix some kernel warning in multicast timer (Amerigo Wang) [997745 952012]\n- [net] bridge: send query as soon as leave is received (Amerigo Wang) [997745 952012]\n- [net] bridge: only expire the mdb entry when query is received (Amerigo Wang) [997745 952012]\n- [net] bridge: Replace mp->mglist hlist with a bool (Amerigo Wang) [997745 952012]\n- [mm] fadvise: drain all pagevecs if POSIX_FADV_DONTNEED fails to discard all pages (Larry Woodman) [994140 957821]\n- [net] sunrpc: don't use a credential with extra groups (Mateusz Guzik) [1003931 955712]\n- [virt] xen-netfront: reduce gso_max_size to account for max TCP header (Andrew Jones) [1004657 957231]\n- [pps] Fix a use-after free bug when unregistering a source (Jiri Benc) [997916 920155]\n- [scsi] fnic: Fix SGEs limit (Chris Leech) [991346 829506]\n[2.6.32-358.22.1]\n- [x86] Round the calculated scale factor in set_cyc2ns_scale() (Prarit Bhargava) [1001954 975507]\n- [x86] sched: Fix overflow in cyc2ns_offset (Prarit Bhargava) [1001954 975507]\n[2.6.32-358.21.1]\n- [fs] autofs: remove autofs dentry mount check (Ian Kent) [1000314 947275]\n- [net] sctp: Fix list corruption resulting from freeing an association on a list (Jiri Pirko) [1002184 887868]\n[2.6.32-358.20.1]\n- [fs] nfs: Add functionality to allow waiting on all outstanding reads to complete (Dave Wysochanski) [996424 976915]\n- [fs] nfs: Ensure that NFS file unlock waits for readahead to complete (Dave Wysochanski) [996424 976915]\n- [fs] nfs: Convert nfs_get_lock_context to return an ERR_PTR on failure (Dave Wysochanski) [996424 976915]\n- [x86] thermal: Disable power limit notification interrupt (Shyam Iyer) [999328 908990]\n- [x86] thermal: Delete power-limit-notification console messages (Shyam Iyer) [999328 908990]\n[2.6.32-358.19.1]\n- [fs] gfs2: Reserve journal space for quota change in do_grow (Robert S Peterson) [988384 976823]\n- [netdrv] bonding: properly unset current_arp_slave on slave link up (Veaceslav Falico) [995458 988460]\n- [fs] nfs4: Fix infinite loop in nfs4_lookup_root (Scott Mayhew) [996014 987426]", "edition": 4, "modified": "2013-10-16T00:00:00", "published": "2013-10-16T00:00:00", "id": "ELSA-2013-1436", "href": "http://linux.oracle.com/errata/ELSA-2013-1436.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-30T19:26:16", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2141", "CVE-2012-3511", "CVE-2013-4162"], "description": "kernel\r\n[2.6.18-348.18.1.0.1]\r\n- i386: fix MTRR code (Zhenzhong Duan) [orabug 15862649]\r\n- [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030]\r\n- [oprofile] export __get_user_pages_fast() function [orabug 14277030]\r\n- [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030]\r\n- [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030]\r\n- [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030]\r\n- [kernel] Initialize the local uninitialized variable stats. [orabug 14051367]\r\n- [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763]\r\n- [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272]\r\n [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075]\r\n- fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan)\r\n- [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan)\r\n- [x86] Fix lvt0 reset when hvm boot up with noapic param\r\n- [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason)\r\n [orabug 12342275]\r\n- [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346]\r\n- [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566]\r\n- [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042]\r\n- [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646]\r\n- fix filp_close() race (Joe Jin) [orabug 10335998]\r\n- make xenkbd.abs_pointer=1 by default [orabug 67188919]\r\n- [xen] check to see if hypervisor supports memory reservation change\r\n (Chuck Anderson) [orabug 7556514]\r\n- [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki)\r\n [orabug 10315433]\r\n- [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258]\r\n- [mm] Patch shrink_zone to yield during severe mempressure events, avoiding\r\n hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839]\r\n- [mm] Enhance shrink_zone patch allow full swap utilization, and also be\r\n NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919]\r\n- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]\r\n- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)\r\n [orabug 9107465]\r\n- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)\r\n [orabug 9764220]\r\n- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]\r\n- fix overcommit memory to use percpu_counter for (KOSAKI Motohiro,\r\n Guru Anbalagane) [orabug 6124033]\r\n- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]\r\n- [ib] fix memory corruption (Andy Grover) [orabug 9972346]\r\n- [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203]\r\n- [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203]\r\n- [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]", "edition": 6, "modified": "2013-09-27T00:00:00", "published": "2013-09-27T00:00:00", "id": "ELSA-2013-1292-1", "href": "http://linux.oracle.com/errata/ELSA-2013-1292-1.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 6.2, "vector": "AV:L/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:06", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2141", "CVE-2012-3511", "CVE-2013-4162"], "description": "kernel\n[2.6.18-348.18.1]\n- [net] be2net: enable polling prior enabling interrupts globally (Ivan Vecera) [1005239 987539]\n- [kernel] signals: stop info leak via tkill and tgkill syscalls (Oleg Nesterov) [970874 970875] {CVE-2013-2141}\n- [net] ipv6: do udp_push_pending_frames AF_INET sock pending data (Jiri Benc) [987647 987648] {CVE-2013-4162}\n- [mm] use-after-free in madvise_remove() (Jacob Tanenbaum) [849735 849736] {CVE-2012-3511}\n- [fs] autofs: remove autofs dentry mount check (Ian Kent) [1001488 928098]\n[2.6.18-348.17.1]\n- [net] be2net: Fix to avoid hardware workaround when not needed (Ivan Vecera) [999819 995961]\n- [net] be2net: Mark checksum fail for IP fragmented packets (Ivan Vecera) [983864 956322]\n- [net] be2net: Avoid double insertion of vlan tags (Ivan Vecera) [983864 956322]\n- [net] be2net: disable TX in be_close() (Ivan Vecera) [983864 956322]\n- [net] be2net: fix EQ from getting full while cleaning RX CQ (Ivan Vecera) [983864 956322]\n- [net] be2net: avoid napi_disable() when not enabled (Ivan Vecera) [983864 956322]\n- [net] be2net: Fix receive Multicast Packets w/ Promiscuous mode (Ivan Vecera) [983864 956322]\n- [net] be2net: Fixed memory leak (Ivan Vecera) [983864 956322]\n- [net] be2net: Fix PVID tag offload for packets w/ inline VLAN tag (Ivan Vecera) [983864 956322]\n- [net] be2net: fix a Tx stall bug caused by a specific ipv6 packet (Ivan Vecera) [983864 956322]\n- [net] be2net: Remove an incorrect pvid check in Tx (Ivan Vecera) [983864 956322]\n- [net] be2net: Fix issues in error recovery with wrong queue state (Ivan Vecera) [983864 956322]\n- [net] netpoll: revert 6bdb7fe3104 and fix be_poll() instead (Ivan Vecera) [983864 956322]\n- [net] be2net: Fix to parse RSS hash Receive completions correctly (Ivan Vecera) [983864 956322]\n- [net] be2net: Fix cleanup path when EQ creation fails (Ivan Vecera) [983864 956322]\n- [net] be2net: Fix Endian (Ivan Vecera) [983864 956322]\n- [net] be2net: Fix to trim skb for padded vlan packets (Ivan Vecera) [983864 956322]\n- [net] be2net: Explicitly clear reserved field in Tx Descriptor (Ivan Vecera) [983864 956322]\n- [net] be2net: remove unnecessary usage of unlikely() (Ivan Vecera) [983864 956322]\n- [net] be2net: do not modify PCI MaxReadReq size (Ivan Vecera) [983864 956322]\n- [net] be2net: cleanup be_vid_config() (Ivan Vecera) [983864 956322]\n- [net] be2net: don't call vid_config() when there no vlan config (Ivan Vecera) [983864 956322]\n- [net] be2net: Ignore status of some ioctls during driver load (Ivan Vecera) [983864 956322]\n- [net] be2net: Fix wrong status getting returned for MCC commands (Ivan Vecera) [983864 956322]\n- [net] be2net: Fix VLAN/multicast packet reception (Ivan Vecera) [983864 956322]\n- [net] be2net: fix wrong frag_idx reported by RX CQ (Ivan Vecera) [983864 956322]", "edition": 4, "modified": "2013-09-26T00:00:00", "published": "2013-09-26T00:00:00", "id": "ELSA-2013-1292", "href": "http://linux.oracle.com/errata/ELSA-2013-1292.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 6.2, "vector": "AV:L/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:02", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2017", "CVE-2013-1943", "CVE-2013-2094", "CVE-2013-1935"], "description": "[2.6.32-358.11.1]\n- [kernel] perf: fix perf_swevent_enabled array out-of-bound access (Petr Matousek) [962793 962794] {CVE-2013-2094}\n[2.6.32-358.10.1]\n- [scsi] be2iscsi : Fix the NOP-In handling code path (Nikola Pajkovsky) [955504 947550]\n- [scsi] be2iscsi: Fix memory leak in control path of driver (Rob Evers) [955504 947550]\n- [virt] kvm: validate userspace_addr of memslot (Petr Matousek) [950496 950498] {CVE-2013-1943}\n- [virt] kvm: fix copy to user with irq disabled (Michael S. Tsirkin) [949985 906602] {CVE-2013-1935}\n- [net] veth: Dont kfree_skb() after dev_forward_skb() (Jiri Benc) [957712 957713] {CVE-2013-2017}\n- [net] tcp: Reallocate headroom if it would overflow csum_start (Thomas Graf) [954298 896233]\n- [net] tcp: take care of misalignments (Thomas Graf) [954298 896233]\n- [net] skbuff.c cleanup (Thomas Graf) [954298 896233]\n- [idle] intel_idle: Initialize driver_data correctly in ivb_cstates on IVB processor (Prarit Bhargava) [960864 953630]\n- [x86] Prevent panic in init_memory_mapping() when booting more than 1TB on AMD systems (Larry Woodman) [962482 869736]\n- [mm] enforce mmap_min_addr on x86_64 (Rik van Riel) [961431 790921]\n- [mm] optional next-fit policy for arch_get_unmapped_area (Rik van Riel) [961431 790921]\n- [mm] fix quadratic behaviour in get_unmapped_area_topdown (Rik van Riel) [961431 790921]\n- [scsi] Revert: qla2xxx: Optimize existing port name server query matching (Chad Dupuis) [950529 924804]\n- [scsi] Revert: qla2xxx: Avoid losing any fc ports when loop id's are exhausted (Chad Dupuis) [950529 924804]\n- [fs] defer do_filp_open() access checks to may_open() (Eric Sandeen) [928683 920752]\n- [md] dm thin: bump the target version numbers (Mike Snitzer) [924823 922931]\n- [md] dm-thin: fix discard corruption (Mike Snitzer) [924823 922931]\n- [md] persistent-data: rename node to btree_node (Mike Snitzer) [924823 922931]\n- [md] dm: fix limits initialization when there are no data devices (Mike Snitzer) [923096 908851]\n[2.6.32-358.9.1]\n- [fs] nfs: Fix handling of revoked delegations by setattr (Steve Dickson) [960415 952329]\n- [fs] nfs: Return the delegation if the server returns NFS4ERR_OPENMODE (Steve Dickson) [960415 952329]\n- [fs] nfs: Fix another potential state manager deadlock (Steve Dickson) [960436 950598]\n- [fs] nfs: Fix another open/open_recovery deadlock (Steve Dickson) [960433 916806]\n- [fs] nfs: Hold reference to layout hdr in layoutget (Steve Dickson) [960429 916726]\n- [fs] nfs: add 'pnfs_' prefix to get_layout_hdr() and put_layout_hdr() (Steve Dickson) [960429 916726]\n- [fs] nfs: nfs4_open_done first must check that GETATTR decoded a file type (Steve Dickson) [960412 916722]\n- [net] sunrpc: Dont start the retransmission timer when out of socket space (Steve Dickson) [960426 916735]\n- [fs] nfs: Dont use SetPageError in the NFS writeback code (Steve Dickson) [960420 912867]\n- [fs] nfs: Dont decode skipped layoutgets (Steve Dickson) [927294 904025]\n- [fs] nfs: nfs4_proc_layoutget returns void (Steve Dickson) [927294 904025]\n- [fs] nfs: defer release of pages in layoutget (Steve Dickson) [927294 904025]\n- [fs] nfs: Use kcalloc() when allocating arrays (Steve Dickson) [927294 904025]\n- [fs] nfs: Fix an ABBA locking issue with session and state serialisation (Steve Dickson) [960417 912842]\n- [fs] nfs: Fix a race in the pNFS return-on-close code (Steve Dickson) [960417 912842]\n- [fs] nfs: Do not accept delegated opens when a delegation recall is in effect (Steve Dickson) [960417 912842]\n- [fs] nfs: Fix a reboot recovery race when opening a file (Steve Dickson) [952613 908524]\n- [fs] nfs: Ensure delegation recall and byte range lock removal don't conflict (Steve Dickson) [952613 908524]\n- [fs] nfs: Fix up the return values of nfs4_open_delegation_recall (Steve Dickson) [952613 908524]\n- [fs] nfs: Dont lose locks when a server reboots during delegation return (Steve Dickson) [952613 908524]\n- [fs] nfs: Move nfs4_wait_clnt_recover and nfs4_client_recover_expired_lease (Steve Dickson) [952613 908524]\n- [fs] nfs: Add NFSDBG_STATE (Steve Dickson) [952613 908524]\n- [fs] nfs: nfs_inode_return_delegation() should always flush dirty data (Steve Dickson) [952613 908524]\n- [fs] nfs: nfs_client_return_marked_delegations cant flush data (Steve Dickson) [952613 908524]\n- [fs] nfs: Prevent deadlocks between state recovery and file locking (Steve Dickson) [952613 908524]\n- [fs] nfs: Allow the state manager to mark an open_owner as being recovered (Steve Dickson) [952613 908524]\n- [kernel] seqlock: Dont smp_rmb in seqlock reader spin loop (Steve Dickson) [952613 908524]\n- [kernel] seqlock: add 'raw_seqcount_begin()' function (Steve Dickson) [952613 908524]\n- [kernel] seqlock: optimise seqlock (Steve Dickson) [952613 908524]\n- [fs] nfs: don't allow nfs_find_actor to match inodes of the wrong type (Jeff Layton) [921964 913660]\n- [net] sunrpc: Add barriers to ensure read ordering in rpc_wake_up_task_queue_locked (Dave Wysochanski) [956979 840860]\n[2.6.32-358.8.1]\n- [fs] raw: don't call set_blocksize when not changing the blocksize (Jeff Moyer) [951406 909482]\n- [x86] Allow greater than 1TB of RAM on AMD x86_64 sytems (Larry Woodman) [952570 876275]\n- [netdrv] ixgbe: Only set gso_type to SKB_GSO_TCPV4 as RSC does not support IPv6 (Michael S. Tsirkin) [927292 908196]\n- [netdrv] bnx2x: set gso_type (Michael S. Tsirkin) [927292 908196]\n- [netdrv] qlcnic: set gso_type (Michael S. Tsirkin) [927292 908196]\n- [netdrv] ixgbe: fix gso type (Michael S. Tsirkin) [927292 908196]\n- [fs] gfs2: Allocate reservation structure before rename and link (Robert S Peterson) [924847 922999]\n[2.6.32-358.7.1]\n- [infiniband] ipoib: Add missing locking when CM object is deleted (Doug Ledford) [928817 913645]", "edition": 4, "modified": "2013-06-11T00:00:00", "published": "2013-06-11T00:00:00", "id": "ELSA-2013-0911", "href": "http://linux.oracle.com/errata/ELSA-2013-0911.html", "title": "kernel security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:37:22", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2206", "CVE-2013-2232", "CVE-2013-2851", "CVE-2012-6544", "CVE-2013-2237"], "description": "kernel-uek\n[2.6.32-400.29.3uek]\n- block: do not pass disk names as format strings (Jerry Snitselaar) [Orabug: 17230124] {CVE-2013-2851}\n- af_key: initialize satype in key_notify_policy_flush() (Nicolas Dichtel) [Orabug: 17370765] {CVE-2013-2237}\n- Bluetooth: L2CAP - Fix info leak via getsockname() (Mathias Krause) [Orabug: 17371054] {CVE-2012-6544}\n- Bluetooth: HCI - Fix info leak in getsockopt(HCI_FILTER) (Mathias Krause) [Orabug: 17371072] {CVE-2012-6544}\n- ipv6: ip6_sk_dst_check() must not assume ipv6 dst (Eric Dumazet) [Orabug: 17371079] {CVE-2013-2232}\n- sctp: Use correct sideffect command in duplicate cookie handling (Vlad Yasevich) [Orabug: 17371121] {CVE-2013-2206}\n- sctp: deal with multiple COOKIE_ECHO chunks (Max Matveev) [Orabug: 17372129] {CVE-2013-2206}", "edition": 4, "modified": "2013-08-28T00:00:00", "published": "2013-08-28T00:00:00", "id": "ELSA-2013-2542", "href": "http://linux.oracle.com/errata/ELSA-2013-2542.html", "title": "unbreakable enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 6.0, "vector": "AV:L/AC:H/Au:S/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2020-11-10T12:36:47", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2141", "CVE-2013-4162", "CVE-2013-4387", "CVE-2012-4398", "CVE-2013-4299"], "description": "**Issue Overview:**\n\nThe do_tkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted application that makes a (1) tkill or (2) tgkill system call.\n\nThe udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call. \n\nnet/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload (UFO) processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via network traffic that triggers a large response packet. \n\nThe __request_module function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service (memory consumption) via a crafted application. \n\nInterpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device. \n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. You will need to reboot your system in order for the new kernel to be running.\n\n \n\n\n**New Packages:**\n \n \n i686: \n kernel-devel-3.4.66-55.43.amzn1.i686 \n kernel-debuginfo-common-i686-3.4.66-55.43.amzn1.i686 \n kernel-debuginfo-3.4.66-55.43.amzn1.i686 \n kernel-3.4.66-55.43.amzn1.i686 \n kernel-tools-debuginfo-3.4.66-55.43.amzn1.i686 \n kernel-headers-3.4.66-55.43.amzn1.i686 \n kernel-tools-3.4.66-55.43.amzn1.i686 \n \n noarch: \n kernel-doc-3.4.66-55.43.amzn1.noarch \n \n src: \n kernel-3.4.66-55.43.amzn1.src \n \n x86_64: \n kernel-3.4.66-55.43.amzn1.x86_64 \n kernel-debuginfo-common-x86_64-3.4.66-55.43.amzn1.x86_64 \n kernel-tools-3.4.66-55.43.amzn1.x86_64 \n kernel-headers-3.4.66-55.43.amzn1.x86_64 \n kernel-debuginfo-3.4.66-55.43.amzn1.x86_64 \n kernel-tools-debuginfo-3.4.66-55.43.amzn1.x86_64 \n kernel-devel-3.4.66-55.43.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2013-10-16T20:53:00", "published": "2013-10-16T20:53:00", "id": "ALAS-2013-233", "href": "https://alas.aws.amazon.com/ALAS-2013-233.html", "title": "Medium: kernel", "type": "amazon", "cvss": {"score": 6.1, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:C"}}]}
