DATABASE RESOURCES PRICING ABOUT US

{"id": "OPENVAS:880928", "vendorId": null, "type": "openvas", "bulletinFamily": "scanner", "title": "CentOS Update for kernel CESA-2009:0014 centos4 i386", "description": "Check for the Version of kernel", "published": "2011-08-09T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "cvss2": {}, "cvss3": {}, "href": "http://plugins.openvas.org/nasl.php?oid=880928", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["http://lists.centos.org/pipermail/centos-announce/2009-January/015556.html", "2009:0014"], "cvelist": ["CVE-2008-5702", "CVE-2008-5029", "CVE-2008-5025", "CVE-2008-5300", "CVE-2008-4933", "CVE-2008-3275", "CVE-2008-4934"], "immutableFields": [], "lastseen": "2017-07-25T10:55:32", "viewCount": 7, "enchantments": {"score": {"value": 0.8, "vector": "NONE"}, "dependencies": {"references": [{"type": "centos", "idList": ["CESA-2008:0885", "CESA-2008:0973", "CESA-2009:0001-01", "CESA-2009:0014", "CESA-2009:1550"]}, {"type": "cve", "idList": ["CVE-2008-3275", "CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5300", "CVE-2008-5702"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1630-1:8E4BC", "DEBIAN:DSA-1636-1:2F315", "DEBIAN:DSA-1681-1:67CE4", "DEBIAN:DSA-1687-1:1BA38", "DEBIAN:DSA-1787-1:1654D", "DEBIAN:DSA-1794-1:CF19C"]}, {"type": "fedora", "idList": ["FEDORA:2A46A208DA7", "FEDORA:BB6D9208DB1"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2008-0885.NASL", "CENTOS_RHSA-2008-0973.NASL", "CENTOS_RHSA-2009-0014.NASL", "CENTOS_RHSA-2009-1550.NASL", "DEBIAN_DSA-1630.NASL", "DEBIAN_DSA-1636.NASL", "DEBIAN_DSA-1681.NASL", "DEBIAN_DSA-1687.NASL", "DEBIAN_DSA-1787.NASL", "DEBIAN_DSA-1794.NASL", "FEDORA_2008-11593.NASL", "FEDORA_2008-11618.NASL", "MANDRIVA_MDVSA-2008-234.NASL", "MANDRIVA_MDVSA-2008-246.NASL", "MANDRIVA_MDVSA-2009-032.NASL", "ORACLELINUX_ELSA-2008-0885.NASL", "ORACLELINUX_ELSA-2008-0973.NASL", "ORACLELINUX_ELSA-2009-0014.NASL", "ORACLELINUX_ELSA-2009-0264.NASL", "ORACLELINUX_ELSA-2009-1550.NASL", "ORACLEVM_OVMSA-2008-2006.NASL", "REDHAT-RHSA-2008-0885.NASL", "REDHAT-RHSA-2008-0973.NASL", "REDHAT-RHSA-2009-0001.NASL", "REDHAT-RHSA-2009-0014.NASL", "REDHAT-RHSA-2009-0021.NASL", "REDHAT-RHSA-2009-0225.NASL", "REDHAT-RHSA-2009-0264.NASL", "REDHAT-RHSA-2009-1550.NASL", "SL_20080924_KERNEL_ON_SL5_X.NASL", "SL_20081216_KERNEL_ON_SL3_X.NASL", "SL_20090114_KERNEL_ON_SL4_X.NASL", "SL_20090210_KERNEL_ON_SL5_X.NASL", "SL_20091103_KERNEL_ON_SL3_X.NASL", "SUSE9_12636.NASL", "SUSE_11_0_KERNEL-080822.NASL", "SUSE_11_0_KERNEL-090114.NASL", "SUSE_KERNEL-5565.NASL", "SUSE_KERNEL-5566.NASL", "SUSE_KERNEL-5605.NASL", "SUSE_KERNEL-5608.NASL", "SUSE_KERNEL-5920.NASL", "SUSE_KERNEL-5924.NASL", "SUSE_KERNEL-5927.NASL", "SUSE_KERNEL-6274.NASL", "UBUNTU_USN-637-1.NASL", "UBUNTU_USN-679-1.NASL", "UBUNTU_USN-714-1.NASL", "UBUNTU_USN-715-1.NASL", "VMWARE_VMSA-2009-0014.NASL", "VMWARE_VMSA-2009-0014_REMOTE.NASL", "VMWARE_VMSA-2010-0010.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122516", "OPENVAS:1361412562310122525", "OPENVAS:1361412562310122555", "OPENVAS:136141256231063097", "OPENVAS:136141256231063132", "OPENVAS:136141256231063191", "OPENVAS:136141256231063224", "OPENVAS:136141256231063245", "OPENVAS:136141256231063249", "OPENVAS:136141256231063250", "OPENVAS:136141256231063273", "OPENVAS:136141256231063285", "OPENVAS:136141256231063317", "OPENVAS:136141256231063344", "OPENVAS:136141256231063367", "OPENVAS:136141256231063433", "OPENVAS:136141256231063467", "OPENVAS:136141256231063939", "OPENVAS:136141256231063959", "OPENVAS:136141256231064187", "OPENVAS:136141256231065259", "OPENVAS:136141256231065887", "OPENVAS:136141256231065920", "OPENVAS:136141256231066178", "OPENVAS:136141256231066217", "OPENVAS:1361412562310830503", "OPENVAS:1361412562310830770", "OPENVAS:1361412562310850140", "OPENVAS:1361412562310870022", "OPENVAS:1361412562310870087", "OPENVAS:1361412562310880079", "OPENVAS:1361412562310880082", "OPENVAS:1361412562310880838", "OPENVAS:1361412562310880928", "OPENVAS:1361412562310880937", "OPENVAS:61436", "OPENVAS:61594", "OPENVAS:62843", "OPENVAS:62957", "OPENVAS:63097", "OPENVAS:63132", "OPENVAS:63191", "OPENVAS:63224", "OPENVAS:63245", "OPENVAS:63249", "OPENVAS:63250", "OPENVAS:63273", "OPENVAS:63285", "OPENVAS:63309", "OPENVAS:63317", "OPENVAS:63344", "OPENVAS:63367", "OPENVAS:63433", "OPENVAS:63467", "OPENVAS:63939", "OPENVAS:63959", "OPENVAS:64164", "OPENVAS:64187", "OPENVAS:65259", "OPENVAS:65887", "OPENVAS:65920", "OPENVAS:66178", "OPENVAS:66217", "OPENVAS:830503", "OPENVAS:830770", "OPENVAS:840288", "OPENVAS:840325", "OPENVAS:850019", "OPENVAS:850037", "OPENVAS:850140", "OPENVAS:860465", "OPENVAS:860598", "OPENVAS:870022", "OPENVAS:870087", "OPENVAS:880079", "OPENVAS:880082", "OPENVAS:880838", "OPENVAS:880937"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0885", "ELSA-2008-0973", "ELSA-2009-0014", "ELSA-2009-0225", "ELSA-2009-0264", "ELSA-2009-1243", "ELSA-2009-1550"]}, {"type": "osv", "idList": ["OSV:DSA-1630-1", "OSV:DSA-1636-1", "OSV:DSA-1681-1", "OSV:DSA-1687-1", "OSV:DSA-1787-1", "OSV:DSA-1794-1"]}, {"type": "redhat", "idList": ["RHSA-2008:0787", "RHSA-2008:0857", "RHSA-2008:0885", "RHSA-2008:0973", "RHSA-2009:0001", "RHSA-2009:0009", "RHSA-2009:0014", "RHSA-2009:0021", "RHSA-2009:0053", "RHSA-2009:0225", "RHSA-2009:0264", "RHSA-2009:1550"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:20387", "SECURITYVULNS:DOC:20515", "SECURITYVULNS:DOC:20907", "SECURITYVULNS:DOC:21097", "SECURITYVULNS:DOC:21767", "SECURITYVULNS:VULN:9235", "SECURITYVULNS:VULN:9285", "SECURITYVULNS:VULN:9453", "SECURITYVULNS:VULN:9488", "SECURITYVULNS:VULN:9555", "SECURITYVULNS:VULN:9633"]}, {"type": "seebug", "idList": ["SSV:4139", "SSV:4428", "SSV:4459", "SSV:4610"]}, {"type": "suse", "idList": ["SUSE-SA:2008:044", "SUSE-SA:2008:048", "SUSE-SA:2008:049", "SUSE-SA:2008:057", "SUSE-SA:2009:003", "SUSE-SA:2009:004", "SUSE-SA:2009:008", "SUSE-SA:2009:010", "SUSE-SA:2009:030", "SUSE-SA:2010:036"]}, {"type": "ubuntu", "idList": ["USN-637-1", "USN-679-1", "USN-714-1", "USN-715-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-3275", "UB:CVE-2008-4933", "UB:CVE-2008-4934", "UB:CVE-2008-5025", "UB:CVE-2008-5029", "UB:CVE-2008-5300", "UB:CVE-2008-5702"]}, {"type": "veracode", "idList": ["VERACODE:23414", "VERACODE:23512", "VERACODE:23524", "VERACODE:23571", "VERACODE:23572", "VERACODE:23573"]}, {"type": "vmware", "idList": ["VMSA-2009-0014", "VMSA-2009-0014.3", "VMSA-2010-0010"]}]}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2008:0885", "CESA-2008:0973", "CESA-2009:0001-01", "CESA-2009:0014", "CESA-2009:1550"]}, {"type": "cve", "idList": ["CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5702"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1630-1:8E4BC"]}, {"type": "fedora", "idList": ["FEDORA:2A46A208DA7"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2008-5300/"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-1681.NASL", "DEBIAN_DSA-1794.NASL", "SUSE_KERNEL-5924.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063132", "OPENVAS:136141256231063317", "OPENVAS:136141256231065259", "OPENVAS:136141256231066178", "OPENVAS:1361412562310880838", "OPENVAS:64164", "OPENVAS:830770", "OPENVAS:850019"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0885", "ELSA-2008-0973", "ELSA-2009-0014", "ELSA-2009-0225", "ELSA-2009-0264", "ELSA-2009-1550"]}, {"type": "redhat", "idList": ["RHSA-2008:0787", "RHSA-2008:0885", "RHSA-2008:0973", "RHSA-2009:0014", "RHSA-2009:0264"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:20907"]}, {"type": "seebug", "idList": ["SSV:4428"]}, {"type": "suse", "idList": ["SUSE-SA:2009:003", "SUSE-SA:2009:030"]}, {"type": "ubuntu", "idList": ["USN-714-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-5025"]}, {"type": "vmware", "idList": ["VMSA-2010-0010"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2008-5702", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2008-5029", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2008-5025", "epss": "0.002510000", "percentile": "0.612670000", "modified": "2023-03-15"}, {"cve": "CVE-2008-5300", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2008-4933", "epss": "0.002850000", "percentile": "0.637680000", "modified": "2023-03-15"}, {"cve": "CVE-2008-3275", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2008-4934", "epss": "0.002310000", "percentile": "0.594520000", "modified": "2023-03-15"}], "vulnersScore": 0.8}, "_state": {"dependencies": 1678913968, "score": 1683821708, "epss": 1678928294}, "_internal": {"score_hash": "d6b6f899a1a2833680abfa77aaf062b7"}, "pluginID": "880928", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2009:0014 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update addresses the following security issues:\n \n * the sendmsg() function in the Linux kernel did not block during UNIX\n socket garbage collection. This could, potentially, lead to a local denial\n of service. (CVE-2008-5300, Important)\n \n * when fput() was called to close a socket, the __scm_destroy() function in\n the Linux kernel could make indirect recursive calls to itself. This could,\n potentially, lead to a local denial of service. (CVE-2008-5029, Important)\n \n * a deficiency was found in the Linux kernel virtual file system (VFS)\n implementation. This could allow a local, unprivileged user to make a\n series of file creations within deleted directories, possibly causing a\n denial of service. (CVE-2008-3275, Moderate)\n \n * a buffer underflow flaw was found in the Linux kernel IB700 SBC watchdog\n timer driver. This deficiency could lead to a possible information leak. By\n default, the "/dev/watchdog" device is accessible only to the root user.\n (CVE-2008-5702, Low)\n \n * the hfs and hfsplus file systems code failed to properly handle corrupted\n data structures. This could, potentially, lead to a local denial of\n service. (CVE-2008-4933, CVE-2008-5025, Low)\n \n * a flaw was found in the hfsplus file system implementation. This could,\n potentially, lead to a local denial of service when write operations were\n performed. (CVE-2008-4934, Low)\n \n This update also fixes the following bugs:\n \n * when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems running\n Intel\u00ae CPUs, the cpuspeed daemon did not run, preventing the CPU speed from\n being changed, such as not being reduced to an idle state when not in use.\n \n * mmap() could be used to gain access to beyond the first megabyte of RAM,\n due to insufficient checks in the Linux kernel code. Checks have been added\n to prevent this.\n \n * attempting to turn keyboard LEDs on and off rapidly on keyboards with\n slow keyboard controllers, may have caused key presses to fail.\n \n * after migrating a hypervisor guest, the MAC address table was not\n updated, causing packet loss and preventing network connections to the\n guest. Now, a gratuitous ARP request is sent after migration. This\n refreshes the ARP caches, minimizing network downtime.\n \n * writing crash dumps with diskdump may have caused a kernel panic on\n Non-Uniform Memory Access (NUMA) systems with certain memory\n configurations.\n \n * on big-endian systems, such as PowerPC, the getsockopt() function\n incorrectly returned 0 depending on ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"kernel on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-January/015556.html\");\n script_id(880928);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2009:0014\");\n script_cve_id(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \n \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\");\n script_name(\"CentOS Update for kernel CESA-2009:0014 centos4 i386\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~78.0.13.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "CentOS Local Security Checks"}

{"oraclelinux": [{"lastseen": "2019-05-29T18:38:46", "description": "[2.6.9-78.0.13.0.1.EL]\n- fix entropy flag in bnx2 driver to generate entropy pool (John Sobecki) \n [orabug 5931647]\n- fix skb alignment that was causing sendto() to fail with EFAULT (Olaf Kirch) \n [orabug 6845794]\n- fix enomem due to larger mtu size page alloc (Zach Brown) [orabug 5486128]\n- fix per_cpu() api bug_on with rds (Zach Brown) [orabug 5760648]\n- backout patch sysrq-b that queues upto keventd thread (Guru Anbalagane) \n [orabug 6125546]\n- netrx/netpoll race avoidance (Tina Yang) [orabug 6143381]\n- fix guest spinning in xen (Herbert van den Bergh) [orabug 7004010]\n- fix serial port lock recursion (Herbert van den Bergh) [orabug 6761872]\n- [XEN] Fix elf_core_dump (Tina Yang) [orabug 6995928]\n- fix in nfs_attribute_timeout() (Trond Myklebust) [orabug 7378108]\n- use lfence instead of cpuid instruction to implement memory barriers\n (Herbert van den Bergh) [orabug 7452412]\n- add netpoll support to xen netfront (Tina Yang) [orabz 7261]\n- [xen] execshield: fix endless GPF fault loop (Stephen Tweedie) [orabug 7175395]\n- port Red Hat bug 472572: HVM crash in net/core/dev.c during boot [orabug 7653948]\n The following Red Hat patches were ported from the source RPM at:\n http://people.redhat.com/vgoyal/rhel4/SRPMS.kernel/kernel-2.6.9-78.22.EL.src.rpm\n linux-2.6.9-xen-fix-netfront-mem-leak.patch\n linux-2.6.9-xen-xen-vnif-stops-working-on-reception-of-duplicat.patch\n linux-2.6.9-xen-guest-will-crash-if-rtl8139-nic-is-only-one-spe.patch\n- fix kernel null dereference in ap_suspend() during migration [orabug 7635625]\n Ported from the el5u2 xenpv-0.1-9.0.1.el5 patch\n ovs-bugz7262-fix-migration-hang-due-to-write-lock-starvation.patch.\n In el5u2, the fix is to the xenpv driver. For el4u7, the xenpv driver\n was moved into the kernel.\n- port el4u6 xenpv patch (orabug 7442030) for live migration hang \n [orabug 7458244]\n- [xen]: port el5u2 patch that allows 64-bit PVHVM guest to boot with 32-bit \n dom0 [orabug 7452107]\n- [mm] update shrink_zone patch to allow 100% swap utilization (John Sobecki, \n Chris Mason, Chuck Anderson, Dave McCracken) [orabug 7566319,6086839] \n- [nfs] update fix for attribute caching when using actimeo=0 (Chuck Lever, \n John Sobecki) [ORABUG 7131141,7156607,7388056] [RHBZ 446083,476726]\n- [kernel] backport report_lost_ticks patch from EL5.2 (John Sobecki) \n [orabug 6110605]\n[2.6.9-78.0.13]\n-net: fix unix socket panic patch missing hunk (Neil Horman) [473267 473268] {CVE-2008-5300}\n[2.6.9-78.0.12]\n-revert: fix race between poll_napi and net_rx_action (Andy Gospodarek) [475970 463815]\n[2.6.9-78.0.11]\n-net: fix unix socket panic patch regression (Neil Horman) [470433 470434 473267 473268] {CVE-2008-5029 CVE-2008-5300}\n-net: fix race between poll_napi and net_rx_action (Andy Gospodarek) [475970 463815]\n-kernel: watchdog: fix buffer_underflow bug (Eugene Teo) [475738 475739]\n-xen: fix lost packets when live migrating (Don Dutile) [469891 460874]\n-xen: remove /proc/xen from fv and bare metal kernels (Don Dutile) [476534 460984]\n[2.6.9-78.0.10]\n-fix cpuspeed not working on intel based servers (Tony Camuso) [458156 440267]\n-fix regression in cpuspeed (Prarit Bhargava) [458156 440267]\n-cpuspeed: fix transition of p-states (Tony Camuso) [458156 440267]\n-net: fix unix socket panic (Neil Horman) [470433 470434] {CVE-2008-5029}\n-hfsplus: fix buffer overflow with a corrupted image (Anton Arapov) [469635 469636] {CVE-2008-4933}\n-hfsplus: check read_mapping_page return value (Anton Arapov) [469642 469643] {CVE-2008-4934}\n-hfs: fix namelength memory corruption (Anton Arapov) [470770 470771] {CVE-2008-5025}\n-add range_is_allowed check to mmap_mem (Eugene Teo) [460862 460859]\n-fix add range_is_allowed check regression (Vitaly Mayatskikh) [460862 460859]\n[2.6.9-78.0.9]\n-atkbd: cancel delayed work before freeing its structure (Jiri Pirko) [461239 461240]\n-atkbd: delay executing of led switching request (Jiri Pirko) [461239 461240]\n-kernel: fix copy_user on x86_64 for read of < 8 bytes (Larry Woodman) [471015 453053]\n-fix diskdump failure when numa is on (Takao Indoh) [470034 457736]\n-ipv4: fix byte value boundary check in ip_getsockopt (Jiri Pirko) [470196 462741]\n-fix linux kernel local filesystem dos (Eugene Teo) [457863 457864] {CVE-2008-3275}\n-netpoll: play nicely with bonding (Andy Gospodarek) [471391 248374]\n-sched: fix isolcpus vs balance bug (Peter Zijlstra) [471222 461156]", "cvss3": {}, "published": "2009-01-15T00:00:00", "type": "oraclelinux", "title": "kernel security and bug fix update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2008-5702", "CVE-2008-5029", "CVE-2008-5025", "CVE-2008-5300", "CVE-2008-4933", "CVE-2008-3275", "CVE-2008-4934"], "modified": "2009-01-15T00:00:00", "id": "ELSA-2009-0014", "href": "http://linux.oracle.com/errata/ELSA-2009-0014.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:37:16", "description": "[2.6.18-128.1.1.0.1.el5]\n- [NET] Add entropy support to e1000 and bnx2 (John Sobecki,Guru Anbalagane) [orabug 6045759]\n- [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839]\n- [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258]\n- [nfs] convert ENETUNREACH to ENOTCONN (Guru Anbalagane) [orabug 7689332]\n[2.6.18-128.1.1.el5]\n- [security] introduce missing kfree (Jiri Pirko ) [480597 480598] {CVE-2009-0031}\n- [sched] fix clock_gettime monotonicity (Peter Zijlstra ) [481122 477763]\n- [nfs] create rpc clients with proper auth flavor (Jeff Layton ) [481119 465456]\n- [net] sctp: overflow with bad stream ID in FWD-TSN chunk (Eugene Teo ) [478804 478805] {CVE-2009-0065}\n- [md] fix oops with device-mapper mirror target (Heinz Mauelshagen ) [481120 472558]\n- [openib] restore traffic in connected mode on HCA (AMEET M. PARANJAPE ) [479812 477000]\n- [net] add preemption point in qdisc_run (Jiri Pirko ) [477746 471398] {CVE-2008-5713}\n- [x86_64] copy_user_c assembler can leave garbage in rsi (Larry Woodman ) [481117 456682]\n- [misc] setpgid returns ESRCH in some situations (Oleg Nesterov ) [480576 472433]\n- [s390] zfcp: fix hexdump data in s390dbf traces (Hans-Joachim Picht ) [480996 470618]\n- [fs] hfsplus: fix buffer overflow with a corrupted image (Anton Arapov ) [469637 469638] {CVE-2008-4933}\n- [fs] hfsplus: check read_mapping_page return value (Anton Arapov ) [469644 469645] {CVE-2008-4934}\n- [fs] hfs: fix namelength memory corruption (Anton Arapov ) [470772 470773] {CVE-2008-5025}", "cvss3": {}, "published": "2009-02-11T00:00:00", "type": "oraclelinux", "title": "kernel security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2008-5713", "CVE-2008-5025", "CVE-2009-0065", "CVE-2008-4933", "CVE-2009-0031", "CVE-2008-4934"], "modified": "2009-02-11T00:00:00", "id": "ELSA-2009-0264", "href": "http://linux.oracle.com/errata/ELSA-2009-0264.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:23", "description": "[2.4.21-63.0.0.0.1.EL]\n- add directio support for qla drivers (herb) [ora 6346849]\n- support PT Quad card [ora 5751043]\n- io to nfs partition hangs [ora 5088963]\n- add entropy for bnx2 nic [ora 5931647]\n- avoid large allocation-fragmentation in MTU (zab)\n- fix clear highpage (wli)\n[2.4.21-63.EL]\n- fs: fix pipe null pointer dereference (Don Howard) [530935] {CVE-2009-3547}\n[2.4.21-61.EL]\n- ipv6: use timer pending to fix bridge reference count problem (Don Howard) [457010]\n- net: fix unix socket panic (Don Howard) [470432] {CVE-2008-5029}\n- unix: fix oom with unix socket garbage collector [473266] {CVE-2008-5300}\n- exit_notify: kill the wrong capable check (Don Howard) [497266] {CVE-2009-1337}\n- e1000: fix skb_over_panic (Don Howard) [503439] {CVE-2009-1385}\n- net: ensure devname passed to SO_BINDTODEVICE is NULL-terminated (Don Howard) [505514]\n- kernel: personality handling: fix per_clear_on_setid (Don Howard) [508845] {CVE-2009-1895}\n- build with fno-delete-null-pointer-checks (Don Howard) [511185]\n- implement mmap_min_addr infrastructure (Don Howard) [512642]\n- execve: must clear current->clear_child_tid (Don Howard) [515426] {CVE-2009-2848}\n- net: Fix info leaks in getname() implementations (Don Howard) [520292] {CVE-2009-3002}\n- net: ipv4: ip_append_data handle NULL routing table (Don Howard) [520300] ", "cvss3": {}, "published": "2009-11-04T00:00:00", "type": "oraclelinux", "title": "kernel security and bug fix update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2009-1895", "CVE-2009-1385", "CVE-2008-5029", "CVE-2009-3547", "CVE-2008-5300", "CVE-2009-3002", "CVE-2009-1337", "CVE-2009-2848"], "modified": "2009-11-04T00:00:00", "id": "ELSA-2009-1550", "href": "http://linux.oracle.com/errata/ELSA-2009-1550.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:42", "description": "[2.6.18-128.el5]\n- [cifs] cifs_writepages may skip unwritten pages (Jeff Layton ) [470267]\n[2.6.18-127.el5]\n- Revert: [i386]: check for dmi_data in powernow_k8 driver (Prarit Bhargava ) [476184]\n- [xen] re-enable using xenpv in boot path for FV guests (Don Dutile ) [473899]\n- [xen] pv_hvm: guest hang on FV save/restore (Don Dutile ) [475778]\n- [openib] fix ipoib oops in unicast_arp_send (Doug Ledford ) [476005]\n- [scsi] fnic: remove link down count processing (mchristi@redhat.com ) [474935]\n- Revert: [x86] disable hpet on machine_crash_shutdown (Neil Horman ) [475652]\n- [scsi] ibmvscsi: EH fails due to insufficient resources (AMEET M. PARANJAPE ) [475618]\n- [x86_64] proc: export GART region through /proc/iomem (Neil Horman ) [475507]\n- [acpi] add xw8600 and xw6600 to GPE0 block blacklist (Prarit Bhargava ) [475418]\n- [net] cxgb3: fixup embedded firmware problems take 2 (Andy Gospodarek ) [469774]\n[2.6.18-126.el5]\n- [scsi] mpt fusion: disable msi by default (Tomas Henzl ) [474465]\n- [scsi] fcoe: update drivers (mchristi@redhat.com ) [474089]\n- [scsi] fix error handler to call scsi_decide_disposition (Tom Coughlan ) [474345]\n- [scsi] lpfc: fix cancel_retry_delay (Tom Coughlan ) [470610]\n- [x86] disable hpet on machine_crash_shutdown (Neil Horman ) [473038]\n- Revert [mm] keep pagefault from happening under pagelock (Don Zickus ) [473150]\n- [net] enic: update to version 1.0.0.648 (Andy Gospodarek ) [473871]\n- [scsi] qla4xxx: increase iscsi session check to 3-tuple (Marcus Barrow ) [474736]\n- [agp] update the names of some graphics drivers (John Villalovos ) [472438]\n- [net] atm: prevent local denial of service (Eugene Teo ) [473701] {CVE-2008-5079}\n- [scsi] remove scsi_dh_alua (mchristi@redhat.com ) [471920]\n- [scsi] qla2xx/qla84xx: occasional panic on loading (Marcus Barrow ) [472382]\n- [net] cxgb3: eeh and eeprom fixups (Andy Gospodarek ) [441959]\n- [net] cxgb3: fixup embedded firmware problems (Andy Gospodarek ) [469774]\n- [wireless] iwlwifi/mac80211: various small fixes (John W. Linville ) [468967]\n- [x86_64] fix AMD IOMMU boot issue (Joachim Deguara ) [473464]\n- [x86_64] limit num of mce sysfs files removed on suspend (Prarit Bhargava ) [467725]\n- [xen] console: make LUKS passphrase readable (Bill Burns ) [466240]\n- [x86_64] Calgary IOMMU sysdata fixes (Prarit Bhargava ) [474047]\n- [alsa] select 3stack-dig model for SC CELSIUS R670 (Jaroslav Kysela ) [470449]\n- [ata] libata: lba_28_ok sector off by one (David Milburn ) [464868]\n- [ppc64] fix system calls on Cell entered with XER.SO=1 (Jesse Larrew ) [474196]\n- [block] fix max_segment_size, seg_boundary mask setting (Milan Broz ) [471639]\n- [fs] jbd: alter EIO test to avoid spurious jbd aborts (Eric Sandeen ) [472276]\n- [acpi] acpi_cpufreq: fix panic when removing module (Prarit Bhargava ) [472844]\n- [openib] ehca: fix generating flush work completions (AMEET M. PARANJAPE ) [472812]\n- [ata] libata: sata_nv hard reset mcp55 (David Milburn ) [473152]\n- [misc] fix add return signal to ptrace_report_exec (AMEET M. PARANJAPE ) [471112]\n- [misc] utrace: prevent ptrace_induce_signal() crash (Oleg Nesterov ) [469754]\n- [misc] utrace: make ptrace_state refcountable (Oleg Nesterov ) [469754]\n- [net] virtio_net: mergeable receive buffers (Mark McLoughlin ) [473120]\n- [net] virtio_net: jumbo frame support (Mark McLoughlin ) [473114]\n- [net] tun: jumbo frame support (Mark McLoughlin ) [473110]\n- [net] fix unix sockets kernel panic (Neil Horman ) [470436] {CVE-2008-5029}\n- [xen] x86: emulate movzwl with negative segment offsets (Chris Lalancette ) [471801]\n[2.6.18-125.el5]\n- [net] cxgb3: embed firmware in driver (Andy Gospodarek ) [469774]\n- [net] cxgb3: eeh, lro, and multiqueue fixes (Andy Gospodarek ) [441959]\n- [misc] support for Intels Ibex Peak (peterm@redhat.com ) [472961]\n- [audit] race between inotify watch removal and unmount (Josef Bacik ) [472329] {CVE-2008-5182}\n- [net] mlx4: panic when inducing pci bus error (AMEET M. PARANJAPE ) [472769]\n- [s390] cio: DASD device driver times out (Hans-Joachim Picht ) [459803]\n- [misc] hugepages: ia64 stack overflow and corrupt memory (Larry Woodman ) [472802]\n- [net] niu: fix obscure 64-bit read issue (Andy Gospodarek ) [472849]\n- [x86] nmi_watchdog: call do_nmi_callback from traps-xen (Aristeu Rozanski ) [471111]\n- [GFS2] recovery stuck (Abhijith Das ) [465856]\n- [misc] fix check_dead_utrace vs do_wait() race (Oleg Nesterov ) [466774]\n- [scsi] cciss: add two new PCI IDs (Tom Coughlan ) [471679]\n- [x86] fix memory-less NUMA node booting (Prarit Bhargava ) [471424]\n- [pci] generic fix for EEH restore all registers (Jesse Larrew ) [470580]\n- [net] e1000e: remove fix for EEH restore all registers (Jesse Larrew ) [470580]\n- [agp] use contiguous memory to support xen (Rik van Riel ) [412691]\n- [edac] i5000_edac: fix misc/thermal error messages (Aristeu Rozanski ) [471933]\n- [alsa] fix PCM write blocking (Jaroslav Kysela ) [468202]\n- [xen] build xen-platform-pci as a module (Don Dutile ) [472504]\n- [scsi] qla2xx/qla84xx: failure to establish link (Marcus Barrow ) [472382]\n- [acpi] add systems to GPE register blacklist (Prarit Bhargava ) [471341]\n- [ia64] replace printk with mprintk in MCA/INIT context (Kei Tokunaga ) [471970]\n- [usb] add support for dell keyboard 431c:2003 (Mauro Carvalho Chehab ) [471469]\n- [net] e1000e: enable ECC correction on 82571 silicon (Andy Gospodarek ) [472095]\n- [dlm] fix up memory allocation flags (David Teigland ) [471871]\n- [xen] x86: fix highmem-xen.c BUG() (Chris Lalancette ) [452175]\n- [xen] guest crashes if RTL8139 NIC is only one specified (Don Dutile ) [471110]\n- [net] bnx2: fix oops on call to poll_controller (Neil Horman ) [470625]\n- [scsi] update fcoe drivers (mchristi@redhat.com ) [436051]\n- [net] bnx2: add support for 5716s (Andy Gospodarek ) [471903]\n- [openib] IPoIB: fix oops on fabric events (Doug Ledford ) [471890]\n- [libata] force sb600/700 ide mode into ahci on resume (David Milburn ) [466422]\n- [xen] increase maximum DMA buffer size (Rik van Riel ) [412691]\n- [xen] fix physical memory address overflow (Rik van Riel ) [412691]\n[2.6.18-124.el5]\n- [s390] qeth: EDDP for large TSO skb fragment list (Hans-Joachim Picht ) [468068]\n- [s390] missing bits for audit-fork (Alexander Viro ) [461831]\n- [net] ixgbe: add support for 82598AT (Andy Gospodarek ) [454910]\n- [libata] avoid overflow in ata_tf_read_block (David Milburn ) [471576]\n- [md] dm-mpath: NULL ptr access in path activation code (Milan Broz ) [471393]\n- [scsi] qla2xxx: no NPIV for loop connections (Marcus Barrow ) [471269]\n- [ppc64] spufs: clean up page fault error checking (AMEET M. PARANJAPE ) [470301]\n- [fs] cifs: corrupt data due to interleaved write calls (Jeff Layton ) [470267]\n- [misc] lots of interrupts with /proc/.../hz_timer=0 (Hans-Joachim Picht ) [470289]\n- [selinux] recognize addrlabel netlink messages (Thomas Graf ) [446063]\n- [acpi] thinkpad: fix autoloading (Matthew Garrett ) [466816]\n- [net] bnx2x: eeh, unload, probe, and endian fixes (Andy Gospodarek ) [468922]\n- [firewire] various bug and module unload hang fixes (Jay Fenlason ) [469710 469711]\n[2.6.18-123.el5]\n- [s390] cio: reduce cpu utilization during device scan (Hans-Joachim Picht ) [459793]\n- [s390] cio: fix double unregistering of subchannels (Hans-Joachim Picht ) [456087]\n- [video] uvc: buf overflow in format descriptor parsing (Jay Fenlason ) [470427] {CVE-2008-3496}\n- [usb] add HID_QUIRK_RESET_LEDS to some keyboards (mchehab@infradead.org ) [434538]\n- [acpi] always use 32 bit value for GPE0 on HP xw boxes (Prarit Bhargava ) [456638]\n- [wireless] iwlagn/mac80211 IBSS fixes (John W. Linville ) [438388]\n- [ppc64] cell: fix page fault error checking in spufs (AMEET M. PARANJAPE ) [470301]\n- [input] atkbd: cancel delayed work before freeing struct (Jiri Pirko ) [461233]\n- [openib] ehca: deadlock race when creating small queues (Jesse Larrew ) [470137]\n- [openib] mthca: fix dma mapping leak (AMEET M. PARANJAPE ) [469902]\n- [openib] ib_core: use weak ordering for user memory (AMEET M. PARANJAPE ) [469902]\n- [ppc64] dma-mapping: provide attributes on cell platform (AMEET M. PARANJAPE ) [469902]\n- [net] bnx2: prevent ethtool -r EEH event (AMEET M. PARANJAPE ) [469962]\n- [net] bonding: update docs for arp_ip_target behavior (Andy Gospodarek ) [468870]\n- [xen] uninitialized watch structure can lead to crashes (Don Dutile ) [465849]\n- [openib] ehca: remove ref to QP if port activation fails (AMEET M. PARANJAPE ) [469941]\n- [usb] fix locking for input devices (James Paradis ) [468915]\n- [nfs] oops in direct I/O error handling (Steve Dickson ) [466164]\n- [md] crash in device mapper if the user removes snapshot (Mikulas Patocka ) [468473]\n- [openib] config update: enable some debugging (Doug Ledford ) [469410]\n- [sata] libata is broken with large disks (David Milburn ) [469715]\n- [md] dm-raid1: support extended status output (Jonathan Brassow ) [437177]\n- [s390] qdio: repair timeout handling for qdio_shutdown (Hans-Joachim Picht ) [463164]\n- [openib] race in ipoib_cm_post_receive_nonsrq (AMEET M. PARANJAPE ) [463485]\n- [xen] remove contiguous_bitmap (Chris Lalancette ) [463500]\n- [xen] ia64: backport check_pages_physically_contiguous (Chris Lalancette ) [463500]\n- [ppc64] cell: corrupt SPU coredump notes (AMEET M. PARANJAPE ) [431881]\n- [ppc64] spufs: missing context switch notification log-2 (AMEET M. PARANJAPE ) [462622]\n- [ppc64] spufs: missing context switch notification log-1 (AMEET M. PARANJAPE ) [462622]\n- [misc] spec: add generic Obsoletes for 3rd party drivers (Jon Masters ) [460047]\n- [x86] vDSO: use install_special_mapping (Peter Zijlstra ) [460276] {CVE-2008-3527}\n- [xen] limit node poking to available nodes (Joachim Deguara ) [449803]\n- [xen] live migration of PV guest fails (Don Dutile ) [469230]\n[2.6.18-122.el5]\n- [acpi] check common dmi tables on systems with acpi (Andy Gospodarek ) [469444]\n- [scsi] qla3xxx, qla4xxx: update/use new version format (Marcus Barrow ) [469414]\n- [md] dm-stripe.c: RAID0 event handling (Heinz Mauelshagen ) [437173]\n- [md] dm-raid45.c: add target to makefile (Heinz Mauelshagen ) [437180]\n- [md] dm-raid45.c: revert to RHEL5 dm-io kabi (Heinz Mauelshagen ) [437180]\n- [wireless] iwlwifi: avoid sleep in softirq context (John W. Linville ) [467831]\n- [net] bonding: allow downed interface before mod remove (Andy Gospodarek ) [467244]\n- [acpi] fix boot hang on old systems without _CST methods (Matthew Garrett ) [467927]\n- [scsi] qla2xxx: fix entries in class_device_attributes (Marcus Barrow ) [468873]\n- [ppc64] clock_gettime is not incrementing nanoseconds (AMEET M. PARANJAPE ) [469073]\n- [scsi] add fnic driver (mchristi@redhat.com ) [462385]\n- [scsi] add libfc and software fcoe driver (mchristi@redhat.com ) [436051]\n- [openib] ppc64: fix using SDP on 64K page systems (AMEET M. PARANJAPE ) [468872]\n- [fs] ext4: delay capable checks to avoid avc denials (Eric Sandeen ) [467216]\n- [fs] ext3: fix accessing freed memory in ext3_abort (Eric Sandeen ) [468547]\n- [fs] autofs4: correct offset mount expire check (Ian Kent ) [468187]\n- [fs] autofs4: cleanup autofs mount type usage (Ian Kent ) [468187]\n- [openib] ehca: queue and completion pair setup problem (AMEET M. PARANJAPE ) [468237]\n- [xen] PV: dom0 hang when device re-attached to in guest (Don Dutile ) [467773]\n- [scsi] qla2xxx: correct Atmel flash-part handling (Marcus Barrow ) [468573]\n- [scsi] qla2xxx: 84xx show FW VER and netlink code fixes (Marcus Barrow ) [464681]\n- [scsi] qla2xxx: restore disable by default of MSI, MSI-X (Marcus Barrow ) [468555]\n- [scsi] lpfc: Emulex RHEL-5.3 bugfixes (Tom Coughlan ) [461795]\n- [s390] qdio: speedup multicast on full HiperSocket queue (Hans-Joachim Picht ) [463162]\n- [ppc64] kexec/kdump: disable ptcal on QS21 (AMEET M. PARANJAPE ) [462744]\n- [ppc64] ptcal has to be disabled to use kexec on QS21 (AMEET M. PARANJAPE ) [462744]\n- [net] ixgbe: bring up device without crashing fix (AMEET M. PARANJAPE ) [467777]\n- [fs] ecryptfs: storing crypto info in xattr corrupts mem (Eric Sandeen ) [468192]\n- [misc] rtc: disable SIGIO notification on close (Vitaly Mayatskikh ) [465747]\n- [net] allow rcv on inactive slaves if listener exists (Andy Gospodarek ) [448144]\n- [net] e1000e: update driver to support recovery (AMEET M. PARANJAPE ) [445299]\n- [xen] virtio_net: some relatively minor fixes (Mark McLoughlin ) [468034]\n- [kabi] add dlm_posix_set_fsid (Jon Masters ) [468538]\n- [wireless] iwlwifi: fix busted tkip encryption _again_ (John W. Linville ) [467831]\n- [x86] make halt -f command work correctly (Ivan Vecera ) [413921]\n- [ppc64] EEH PCI-E: recovery fails E1000; support MSI (AMEET M. PARANJAPE ) [445299]\n- [x86_64] create a fallback for IBM Calgary (Pete Zaitcev ) [453680]\n- [drm] i915 driver arbitrary ioremap (Eugene Teo ) [464509] {CVE-2008-3831}\n- [xen] x86: allow the kernel to boot on pre-64 bit hw (Chris Lalancette ) [468083]\n[2.6.18-121.el5]\n- [net] tun: fix printk warning (Mark McLoughlin ) [468536]\n- [xen] FV: fix lockdep warnings when running debug kernel (Don Dutile ) [459876]\n- [xen] fix crash on IRQ exhaustion (Bill Burns ) [442736]\n- [net] ipv4: fix byte value boundary check (Jiri Pirko ) [468148]\n- [ia64] fix ptrace hangs when following threads (Denys Vlasenko ) [461456]\n- [net] tcp: let skbs grow over a page on fast peers (Mark McLoughlin ) [467845]\n- [md] random memory corruption in snapshots (Mikulas Patocka ) [465825]\n- [misc] ptrace: fix exec report (Jerome Marchand ) [455060]\n- [gfs2] set gfp for data mappings to GFP_NOFS (Steven Whitehouse ) [467689]\n- [nfs] remove recoverable BUG_ON (Steve Dickson ) [458774]\n- [openib] ehca: attempt to free srq when none exists (AMEET M. PARANJAPE ) [463487]\n- [fs] dont allow splice to files opened with O_APPEND (Eugene Teo ) [466710] {CVE-2008-4554}\n- [fs] ext4: add missing aops (Eric Sandeen ) [466246]\n- [ppc64] add missing symbols to vmcoreinfo (Neil Horman ) [465396]\n- [net] sctp: INIT-ACK indicates no AUTH peer support oops (Eugene Teo ) [466082] {CVE-2008-4576}\n- [ppc64] fix race for a free SPU (AMEET M. PARANJAPE ) [465581]\n- [ppc64] SPUs hang when run with affinity-2 (AMEET M. PARANJAPE ) [464686]\n- [ppc64] SPUs hang when run with affinity-1 (AMEET M. PARANJAPE ) [464686]\n- [openib] ehca: add flush CQE generation (AMEET M. PARANJAPE ) [462619]\n- [x86] PAE: limit RAM to 64GB/PAE36 (Larry Woodman ) [465373]\n- [nfs] portmap client race (Steve Dickson ) [462332]\n- [input] atkbd: delay executing of LED switching request (Jiri Pirko ) [461233]\n- [x86] powernow_k8: depend on newer version of cpuspeed (Brian Maly ) [468764]\n- [fs] ext4: fix warning on x86_64 build (Eric Sandeen ) [463277]\n- [crypto] fix ipsec crash with MAC longer than 16 bytes (Neil Horman ) [459812]\n- [fs] ecryptfs: depend on newer version of ecryptfs-utils (Eric Sandeen ) [468772]\n- [ppc64] support O_NONBLOCK in /proc/ppc64/rtas/error_log (Vitaly Mayatskikh ) [376831]\n- [xen] ia64: make viosapic SMP-safe by adding lock/unlock (Tetsu Yamamoto ) [466552]\n- [xen] ia64: VT-i2 performance restoration (Bill Burns ) [467487]\n[2.6.18-120.el5]\n- [misc] futex: fixup futex compat for private futexes (Peter Zijlstra ) [467459]\n- [pci] set domain/node to 0 in PCI BIOS enum code path (Prarit Bhargava ) [463418]\n- [scsi] qla2xxx: prevent NPIV conf for older hbas (Marcus Barrow ) [467153]\n- [scsi] fix oops after trying to removing rport twice (Marcus Barrow ) [465945]\n- [agp] re-introduce 82G965 graphics support (Prarit Bhargava ) [466307]\n- [agp] correct bug in stolen size calculations (Dave Airlie ) [463853]\n- [scsi] qla2xxx: merge errors caused initialize failures (Marcus Barrow ) [442946]\n- [dm] mpath: moving path activation to workqueue panics (Milan Broz ) [465570]\n- [scsi] aacraid: remove some quirk AAC_QUIRK_SCSI_32 bits (Tomas Henzl ) [453472]\n- Revert: [ppc64] compile and include the addnote binary (Don Zickus ) [462663]\n- [scsi] cciss: the output of LUN size and type wrong (Tomas Henzl ) [466030]\n- [misc] posix-timers: event vs dequeue_signal() race (Mark McLoughlin ) [466167]\n- [ata] libata: ahci enclosure management support (David Milburn ) [437190]\n- [gfs2] fix jdata page invalidation (Steven Whitehouse ) [437803]\n- [net] sky2: fix hang resulting from link flap (Neil Horman ) [461681]\n- [ata] libata: ata_piix sata/ide combined mode fix (David Milburn ) [463716]\n- [gfs2] fix for noatime support (Steven Whitehouse ) [462579]\n- [fs] remove SUID when splicing into an inode (Eric Sandeen ) [464452]\n- [fs] open() allows setgid bit when user is not in group (Eugene Teo ) [463687] {CVE-2008-4210}\n- [dlm] add old plock interface (David Teigland ) [462354]\n- [audit] fix NUL handling in TTY input auditing (Miloslav Trmac ) [462441]\n- [xen] ia64: fix INIT injection (Tetsu Yamamoto ) [464445]\n[2.6.18-119.el5]\n- [ppc64] compile and include the addnote binary (Don Zickus ) [462663]\n- [scsi] qla2xxx: new version string defintion (Marcus Barrow ) [465023]\n- [acpi] configs update for acpi-cpufreq driver (Matthew Garrett ) [449787]\n[2.6.18-118.el5]\n- [scsi] fix QUEUE_FULL retry handling (mchristi@redhat.com ) [463709]\n- [drm] support for Intel Cantiga and Eaglelake (Dave Airlie ) [438400]\n- [agp] add support for Intel Cantiga and Eaglelake (Dave Airlie ) [463853]\n- Revert: [mm] fix support for fast get user pages (Dave Airlie ) [447649]\n- [ppc64] netboot image too large (Ameet Paranjape ) [462663]\n- [scsi] scsi_error: retry cmd handling of transport error (mchristi@redhat.com ) [463206]\n- [net] correct mode setting for extended sysctl interface (Neil Horman ) [463659]\n- [net] e1000e: protect ICHx NVM from malicious write/erase (Andy Gospodarek ) [463503]\n- [s390] qdio: fix module ref counting in qdio_free (Hans-Joachim Picht ) [458074]\n- [scsi] qla2xxx: use the NPIV table to instantiate port (Marcus Barrow ) [459015]\n- [scsi] qla2xxx: use the Flash Layout Table (Marcus Barrow ) [459015]\n- [scsi] qla2xxx: use the Flash Descriptor Table (Marcus Barrow ) [459015]\n- [net] enic: add new 10GbE device (Andy Gospodarek ) [462386]\n- [net] ipt_CLUSTERIP: fix imbalanced ref count (Neil Horman ) [382491]\n- [scsi] qla2xxx: update 24xx,25xx firmware for RHEL-5.3 (Marcus Barrow ) [442946]\n- [net] bnx2: fix problems with multiqueue receive (Andy Gospodarek ) [441964]\n- [net] e1000: add module param to set tx descriptor power (Andy Gospodarek ) [436966]\n- [misc] preempt-notifier fixes (Eduardo Habkost ) [459838]\n- [tty] termiox support missing mutex lock (aris ) [445211]\n- [fs] ecryptfs: off-by-one writing null to end of string (Eric Sandeen ) [463478]\n- [misc] add tracepoints to activate/deactivate_task (Jason Baron ) [461966]\n- [scsi] qla2xxx: use rport dev loss timeout consistently (Marcus Barrow ) [462109]\n- [ata] libata: rmmod pata_sil680 hangs (David Milburn ) [462743]\n- [scsi] qla2xxx: support PCI Enhanced Error Recovery (Marcus Barrow ) [462416]\n- [ppc64] subpage protection for pAVE (Brad Peters ) [439489]\n- [ppc64] edac: enable for cell platform (Brad Peters ) [439507]\n[2.6.18-117.el5]\n- [mm] filemap: fix iov_base data corruption (Josef Bacik ) [463134]\n- Revert: [misc] create a kernel checksum file per FIPS140-2 (Don Zickus ) [444632]\n- [x86_64] NMI wd: clear perf counter registers on P4 (Aristeu Rozanski ) [461671]\n- [scsi] failfast bit setting in dm-multipath/multipath (mchristi@redhat.com ) [463470]\n- [scsi] fix hang introduced by failfast changes (Mark McLoughlin ) [463416]\n- [x86_64] revert time syscall changes (Prarit Bhargava ) [461184]\n[2.6.18-116.el5]\n- [x86] mm: fix endless page faults in mount_block_root (Larry Woodman ) [455491]\n- [mm] check physical address range in ioremap (Larry Woodman ) [455478]\n- [scsi] modify failfast so it does not always fail fast (mchristi@redhat.com ) [447586]\n- Revert: [mm] NUMA: system is slow when over-committing memory (Larry Woodman ) [457264]\n- [docs] update kernel-parameters with tick-divider (Chris Lalancette ) [454792]\n- [openib] add an enum for future RDS support (Doug Ledford ) [462551]\n- [pci] allow multiple calls to pcim_enable_device (John Feeney ) [462500]\n- [xen] virtio: include headers in kernel-headers package (Eduardo Pereira Habkost ) [446214]\n- [scsi] libiscsi: data corruption when resending packets (mchristi@redhat.com ) [460158]\n- [gfs2] glock deadlock in page fault path (Bob Peterson ) [458684]\n- [gfs2] panic if you misspell any mount options (Abhijith Das ) [231369]\n- [xen] allow guests to hide the TSC from applications (Chris Lalancette ) [378481] {CVE-2007-5907}\n[2.6.18-115.el5]\n- [scsi] qla2xxx: additional residual-count correction (Marcus Barrow ) [462117]\n- [audit] audit-fork patch (Alexander Viro ) [461831]\n- [net] ipv6: extra sysctls for additional TAHI tests (Neil Horman ) [458270]\n- [nfs] disable the fsc mount option (Steve Dickson ) [447474]\n- [acpi] correctly allow WoL from S4 state (Neil Horman ) [445890]\n- [ia64] procfs: show the size of page table cache (Takao Indoh ) [458410]\n- [ia64] procfs: reduce the size of page table cache (Takao Indoh ) [458410]\n- [fs] ecryptfs: disallow mounts on nfs, cifs, ecryptfs (Eric Sandeen ) [435115]\n- [md] add device-mapper message parser interface (heinzm@redhat.com ) [437180]\n- [md] add device-mapper RAID4/5 stripe locking interface (heinzm@redhat.com ) [437180]\n- [md] add device-mapper dirty region hash file (heinzm@redhat.com ) [437180]\n- [md] add device-mapper object memory cache interface (heinzm@redhat.com ) [437180]\n- [md] add device-mapper object memory cache (heinzm@redhat.com ) [437180]\n- [md] export dm_disk and dm_put (heinzm@redhat.com ) [437180]\n- [md] add device-mapper RAID4/5 target (heinzm@redhat.com ) [437180]\n- [md] add device-mapper message parser (heinzm@redhat.com ) [437180]\n- [md] add device mapper dirty region hash (heinzm@redhat.com ) [437180]\n- [md] add config option for dm RAID4/5 target (heinzm@redhat.com ) [437180]\n- [scsi] qla2xxx: update 8.02.00-k5 to 8.02.00-k6 (Marcus Barrow ) [459722]\n- [kabi] add vscnprintf, down_write_trylock to whitelist (Jon Masters ) [425341]\n- [kabi] add dlm_posix_get/lock/unlock to whitelist (Jon Masters ) [456169]\n- [kabi] add mtrr_add and mtrr_del to whitelist (Jon Masters ) [437129]\n- [kabi] add iounmap to whitelist (Jon Masters ) [435144]\n- [x86] make powernow_k8 a module (Brian Maly ) [438835]\n- [fs] ecryptfs: delay lower file opens until needed (Eric Sandeen ) [429142]\n- [fs] ecryptfs: unaligned access helpers (Eric Sandeen ) [457143]\n- [fs] ecryptfs: string copy cleanup (Eric Sandeen ) [457143]\n- [fs] ecryptfs: discard ecryptfsd registration messages (Eric Sandeen ) [457143]\n- [fs] ecryptfs: privileged kthread for lower file opens (Eric Sandeen ) [457143]\n- [fs] ecryptfs: propagate key errors up at mount time (Eric Sandeen ) [440413]\n- [fs] ecryptfs: update to 2.6.26 codebase (Eric Sandeen ) [449668]\n- Revert [misc] fix wrong test in wait_task_stopped (Anton Arapov ) [382211]\n[2.6.18-114.el5]\n- [xen] cpufreq: fix Nehalem/Supermicro systems (Rik van Riel ) [458894]\n- [net] enable TSO if supported by at least one device (Herbert Xu ) [461866]\n- [crypto] fix panic in hmac self test (Neil Horman ) [461537]\n- [scsi] qla2xxx/qla84xx: update to upstream for RHEL-5.3 (Marcus Barrow ) [461414]\n- [misc] hpilo: cleanup device_create for RHEL-5.3 (tcamuso@redhat.com ) [437212]\n- [misc] hpilo: update driver to 0.5 (tcamuso@redhat.com ) [437212]\n- [misc] hpilo: update to upstream 2.6.27 (tcamuso@redhat.com ) [437212]\n- [misc] futex: private futexes (Peter Zijlstra ) [460593]\n- [misc] preempt-notifiers implementation (Eduardo Habkost ) [459838]\n- [scsi] fusion: update to version 3.04.07 (Tomas Henzl ) [442025]\n- [fs] ext4/vfs/mm: core delalloc support (Eric Sandeen ) [455452]\n- [net] r8169: add support and fixes (Ivan Vecera ) [251252 441626 442635 443623 452761 453563 457892]\n- [md] LVM raid-1 performance fixes (Mikulas Patocka ) [438153]\n- [md] LVM raid-1 performance fixes (Mikulas Patocka ) [438153]\n- [xen] kdump: ability to use makedumpfile with vmcoreinfo (Neil Horman ) [454498]\n- [scsi] aic79xx: reset HBA on kdump kernel boot (Neil Horman ) [458620]\n- [fs] implement fallocate syscall (Eric Sandeen ) [450566]\n- [misc] better clarify package descriptions (Don Zickus ) [249726]\n- [audit] audit TTY input (Miloslav Trmac ) [244135]\n- [scsi] qla2xxx - mgmt. API for FCoE, NetLink (Marcus Barrow ) [456900]\n- [scsi] qla2xxx - mgmt. API, CT pass thru (Marcus Barrow ) [455900]\n- [misc] hrtimer optimize softirq (George Beshers ) [442148]\n- [misc] holdoffs in hrtimer_run_queues (George Beshers ) [442148]\n- [xen] netfront xenbus race (Markus Armbruster ) [453574]\n- [gfs2] NFSv4 delegations fix for cluster systems (Brad Peters ) [433256]\n- [scsi] qla2xxx: update 8.02.00-k1 to 8.02.00.k4 (Marcus Barrow ) [455264]\n- [scsi] qla2xxx: upstream changes from 8.01.07-k7 (Marcus Barrow ) [453685]\n- [scsi] qla2xxx: add more statistics (Marcus Barrow ) [453441]\n- [scsi] qla2xxx: add ISP84XX support (Marcus Barrow ) [442083]\n- [ia64] set default max_purges=1 regardless of PAL return (Luming Yu ) [451593]\n- [ia64] param for max num of concurrent global TLB purges (Luming Yu ) [451593]\n- [ia64] multiple outstanding ptc.g instruction support (Luming Yu ) [451593]\n- [scsi] ST: buffer size doesnt match block size panics (Ivan Vecera ) [443645]\n- [scsi] fix medium error handling with bad devices (Mike Christie ) [431365]\n- [xen] ia64: VT-i2 performance addendum (Bill Burns ) [437096]\n- [xen] HV: ability to use makedumpfile with vmcoreinfo (Neil Horman ) [454498]\n- [xen] ia64: vps save restore patch (Bill Burns ) [437096]\n[2.6.18-113.el5]\n- [xen] remove /proc/xen*/* from bare-metal and FV guests (Don Dutile ) [461532]\n[2.6.18-112.el5]\n- [fs] jbd: test BH_write_EIO to detect errors on metadata (Hideo AOKI ) [439581]\n- [wireless] rt2x00: avoid NULL-ptr deref when probe fails (John W. Linville ) [448763]\n- [x86_64] suspend to disk fails with >4GB of RAM (Matthew Garrett ) [459980]\n- [char] add range_is_allowed check to mmap_mem (Eugene Teo ) [460857]\n- [acpi] add 3.0 _TSD _TPC _TSS _PTC throttling support (Brian Maly ) [440099]\n- [scsi] add scsi device handlers config options (Mike Christie ) [438761]\n- [scsi] scsi_dh: add ALUA handler (mchristi@redhat.com ) [438761]\n- [scsi] scsi_dh: add rdac handler (mchristi@redhat.com ) [438761]\n- [md] dm-mpath: use SCSI device handler (mchristi@redhat.com ) [438761]\n- [scsi] add infrastructure for SCSI Device Handlers (mchristi@redhat.com ) [438761]\n- [misc] driver core: port bus notifiers (mchristi@redhat.com ) [438761]\n- [fs] binfmt_misc: avoid potential kernel stack overflow (Vitaly Mayatskikh ) [459463]\n- [CRYPTO] tcrypt: Change the XTEA test vectors (Herbert Xu ) [446522]\n- [CRYPTO] skcipher: Use RNG instead of get_random_bytes (Herbert Xu ) [446526]\n- [CRYPTO] rng: RNG interface and implementation (Herbert Xu ) [446526]\n- [CRYPTO] api: Add fips_enable flag (Herbert Xu ) [444634]\n- [CRYPTO] cryptomgr - Test ciphers using ECB (Herbert Xu ) [446522]\n- [CRYPTO] api - Use test infrastructure (Herbert Xu ) [446522]\n- [CRYPTO] cryptomgr - Add test infrastructure (Herbert Xu ) [446522]\n- [CRYPTO] tcrypt - Add alg_test interface (Herbert Xu ) [446522]\n- [CRYPTO] tcrypt: self test for des3_ebe cipher (Herbert Xu ) [446522]\n- [CRYPTO] api: missing accessors for new crypto_alg field (Herbert Xu ) [446522]\n- [CRYPTO] tcrypt: Abort and only log if there is an error (Herbert Xu ) [446522]\n- [CRYPTO] tcrypt: Avoid using contiguous pages (Herbert Xu ) [446522]\n- [CRYPTO] tcrpyt: Remove unnecessary kmap/kunmap calls (Herbert Xu ) [446522]\n- [CRYPTO] tcrypt: Catch cipher destination mem corruption (Herbert Xu ) [446522]\n- [CRYPTO] tcrypt: Shrink the tcrypt module (Herbert Xu ) [446522]\n- [CRYPTO] tcrypt: AES CBC test vector from NIST SP800-38A (Herbert Xu ) [446522]\n- [CRYPTO] tcrypt: Change the usage of the test vectors (Herbert Xu ) [446522]\n- [CRYPTO] tcrypt: Shrink speed templates (Herbert Xu ) [446522]\n- [CRYPTO] tcrypt: Group common speed templates (Herbert Xu ) [446522]\n- [fs] jdb: fix error handling for checkpoint I/O (Hideo AOKI ) [439581]\n- [fs] ext3: add checks for errors from jbd (Hideo AOKI ) [439581]\n- [fs] jbd: fix commit code to properly abort journal (Hideo AOKI ) [439581]\n- [fs] jbd: dont dirty original metadata buffer on abort (Hideo AOKI ) [439581]\n- [fs] jdb: abort when failed to log metadata buffers (Hideo AOKI ) [439581]\n- [fs] ext3: dont read inode block if buf has write error (Hideo AOKI ) [439581]\n- [fs] jdb: add missing error checks for file data writes (Hideo AOKI ) [439581]\n- [net] tun: add IFF_VNET_HDR, TUNGETFEATURES, TUNGETIFF (Herbert Xu ) [459719]\n- [acpi] increase deep idle state residency on platforms-2 (Matthew Garrett ) [455449]\n- [acpi] increase deep idle state residency on platforms (Matthew Garrett ) [455447]\n- [acpi] cpufreq: update to upstream for RHEL-5.3 (Matthew Garrett ) [449787]\n- [acpi] thinkpad_acpi: update to upstream for RHEL-5.3 (Matthew Garrett ) [457101]\n- [xen] fix crash on IRQ exhaustion and increase NR_IRQS (Bill Burns ) [442736]\n- [ide] enable DRAC4 (John Feeney ) [459197]\n- [md] move include files to include/linux for exposure (Jonathan Brassow ) [429337]\n- [md] expose dm.h macros (Jonathan Brassow ) [429337]\n- [md] remove internal mod refs fields from interface (Jonathan Brassow ) [429337]\n- [md] dm-log: move register functions (Jonathan Brassow ) [429337]\n- [md] dm-log: clean interface (Jonathan Brassow ) [429337]\n- [md] clean up the dm-io interface (Jonathan Brassow ) [429337]\n- [md] dm-log: move dirty log into separate module (Jonathan Brassow ) [429337]\n- [md] device-mapper interface exposure (Jonathan Brassow ) [429337]\n- [cifs] enable SPNEGO and DFS upcalls in config-generic (Jeff Layton ) [453462]\n- [fs] cifs: latest upstream for RHEL-5.3 (Jeff Layton ) [453462 431868 443395 445522 446142 447400]\n- [fs] introduce a function to register iget failure (Jeff Layton ) [453462]\n- [fs] proc: fix ->openless usage due to ->proc_fops flip (Jeff Layton ) [453462]\n- [security] key: fix lockdep warning when revoking auth (Jeff Layton ) [453462]\n- [security] key: increase payload size when instantiating (Jeff Layton ) [453462]\n- [fs] call flush_disk after detecting an online resize (Jeff Moyer ) [444964]\n- [fs] add flush_disk to flush out common buffer cache (Jeff Moyer ) [444964]\n- [fs] check for device resize when rescanning partitions (Jeff Moyer ) [444964]\n- [fs] adjust block device size after an online resize (Jeff Moyer ) [444964]\n- [fs] wrapper for lower-level revalidate_disk routines (Jeff Moyer ) [444964]\n- [scsi] sd: revalidate_disk wrapper (Jeff Moyer ) [444964]\n- [xen] virtio: add PV network and block drivers for KVM (Mark McLoughlin ) [446214]\n- [misc] remove MAX_ARG_PAGES limit: var length argument (Jerome Marchand ) [443659]\n- [misc] remove MAX_ARG_PAGES limit: rework execve audit (Jerome Marchand ) [443659]\n- [misc] remove MAX_ARG_PAGES limit: independent stack top (Jerome Marchand ) [443659]\n- [ia64] kprobes: support kprobe-booster (Masami Hiramatsu ) [438733]\n- [audit] fix compile when CONFIG_AUDITSYSCALL is disabled (Prarit Bhargava ) [452577]\n- [nfs] v4: handle old format exports gracefully (Brad Peters ) [427424]\n- [xen] x86: fix building with max_phys_cpus=128 (Bill Burns ) [447958]\n- [xen] Intel EPT 2MB patch (Bill Burns ) [426679]\n- [xen] Intel EPT Migration patch (Bill Burns ) [426679]\n- [xen] Intel EPT Patch (Bill Burns ) [426679]\n- [xen] Intel pre EPT Patch (Bill Burns ) [426679]\n- [xen] AMD 2MB backing pages support (Bhavna Sarathy ) [251980]\n[2.6.18-111.el5]\n- [ia64] kabi: remove sn symbols from whitelist (Jon Masters ) [455308]\n- [net] bnx2x: update to upstream version 1.45.21 (Andy Gospodarek ) [442026]\n- [net] cxgb3: updates and lro fixes (Andy Gospodarek ) [441959]\n- [net] niu: enable support for Sun Neptune cards (Andy Gospodarek ) [441416]\n- [scsi] scsi_host_lookup: error returns and NULL pointers (Tom Coughlan ) [460195]\n- [scsi] scsi_netlink: transport/LLD receive/event support (Tom Coughlan ) [460195]\n- [misc] install correct kernel chksum file for FIPS140-2 (Chris Lalancette ) [444632]\n- [net] ixgbe: update to version 1.3.18-k4 (Andy Gospodarek ) [436044]\n- [dlm] fix address compare (David Teigland ) [459585]\n- [net] bonding: fix locking in 802.3ad mode (Andy Gospodarek ) [457300]\n- [openib] OFED-1.3.2-pre update (Doug Ledford ) [439565 443476 453110 458886 459052 458375 459052 230035 460623]\n- [md] dm snapshot: use per device mempools (Mikulas Patocka ) [460846]\n- [md] dm kcopyd: private mempool (Mikulas Patocka ) [460845]\n- [md] deadlock with nested LVMs (Mikulas Patocka ) [460845]\n- [net] skge: dont clear MC state on link down (Andy Gospodarek ) [406051]\n- [net] sky2: re-enable 88E8056 for most motherboards (Andy Gospodarek ) [420961]\n- [net] update myri10ge 10Gbs ethernet driver (Flavio Leitner ) [357191]\n- [net] bnx2: update to upstream version 1.7.9 (Andy Gospodarek ) [441964]\n- [net] e1000e: update to upstream version 0.3.3.3-k2 (Andy Gospodarek ) [436045]\n- [net] tg3: update to upstream version 3.93 (Andy Gospodarek ) [441975 440958 436686]\n- [net] igb: update to upstream version 1.2.45-k2 (Andy Gospodarek ) [436040]\n- [misc] intel: new SATA, USB, HD Audio and I2C(SMBUS) ids (John Villalovos ) [433538]\n- [net] bnx2x: update to upstream version 1.45.20 (Andy Gospodarek ) [442026]\n- [net] ixgb: hardware support and other upstream fixes (Andy Gospodarek ) [441609]\n- [x86] amd oprofile: support instruction based sampling (Bhavna Sarathy ) [438385]\n- [scsi] cciss: support for sg_ioctl (Tomas Henzl ) [250483]\n- [scsi] cciss: support for new controllers (Tomas Henzl ) [437497 447427]\n- [net] pppoe: check packet length on all receive paths (Jiri Pirko ) [457013]\n- [scsi] iscsi: fix nop timeout detection (mchristi@redhat.com ) [453969]\n- [scsi] lpfc: update to version 8.2.0.30 (Tom Coughlan ) [441746]\n- [md] fix handling of sense buffer in eh commands (Doug Ledford ) [441640]\n- [md] fix error propogation in raid arrays (Doug Ledford ) [430984]\n- [md] dm: reject barrier requests (Milan Broz ) [458936]\n- [scsi] 3w-9xxx: update to version 2.26.08.003 (Tomas Henzl ) [451946]\n- [scsi] 3w-xxxx: update to version 1.26.03.000 (Tomas Henzl ) [451945]\n- [scsi] megaraid_sas: update to version 4.01-rh1 (Tomas Henzl ) [442913]\n- [md] dm snapshot: fix race during exception creation (Mikulas Patocka ) [459337]\n- [md] dm-snapshots: race condition and data corruption (Mikulas Patocka ) [459337]\n- [md] dm crypt: use cond_resched (Milan Broz ) [459095]\n- [md] dm mpath: fix bugs in error paths (Milan Broz ) [459092]\n- [mm] fix support for fast get user pages (Ed Pollard ) [447649]\n- [xen] ia64 PV: config file changes to add support (Don Dutile ) [442991]\n- [xen] ia64 PV: Kconfig additions (Don Dutile ) [442991]\n- [xen] ia64 PV: Makefile changes (Don Dutile ) [442991]\n- [xen] ia64 PV: shared used header file changes (Don Dutile ) [442991]\n- [IA64] Correct pernodesize calculation (George Beshers ) [455308]\n- [IA64] Fix large MCA bootmem allocation (George Beshers ) [455308]\n- [IA64] Disable/re-enable CPE interrupts on Altix (George Beshers ) [455308]\n- [IA64] Dont set psr.ic and psr.i simultaneously (George Beshers ) [455308]\n- [IA64] Support multiple CPUs going through OS_MCA (George Beshers ) [455308]\n- [IA64] Remove needless delay in MCA rendezvous (George Beshers ) [455308]\n- [IA64] Clean up CPE handler registration (George Beshers ) [455308]\n- [IA64] CMC/CPE: Reverse fetching log and checking poll (George Beshers ) [455308]\n- [IA64] Force error to surface in nofault code (George Beshers ) [455308]\n- [IA64] Fix Altix BTE error return status (George Beshers ) [455308]\n- [IA64] BTE error timer fix (George Beshers ) [455308]\n- [IA64] Update processor_info features (George Beshers ) [455308]\n- [IA64] More Itanium PAL spec updates (George Beshers ) [455308]\n- [IA64] Add se bit to Processor State Parameter structure (George Beshers ) [455308]\n- [IA64] Add dp bit to cache and bus check structs (George Beshers ) [455308]\n- [IA64] PAL calls need physical mode, stacked (George Beshers ) [455308]\n- [IA64] Cache error recovery (George Beshers ) [455308]\n- [IA64] handle TLB errors from duplicate itr.d dropins (George Beshers ) [455308]\n- [IA64] MCA recovery: Montecito support (George Beshers ) [455308]\n[2.6.18-110.el5]\n- [x86_64] use strncmp for memmap=exactmap boot argument (Prarit Bhargava ) [450244]\n- [wireless] compiler warning fixes for mac80211 update (John W. Linville ) [438391]\n- [serial] 8250: support for DTR/DSR hardware flow control (Aristeu Rozanski ) [445215]\n- [tty] add termiox support (Aristeu Rozanski ) [445211]\n- [vt] add shutdown method (Aristeu Rozanski ) [239604]\n- [tty] add shutdown method (Aristeu Rozanski ) [239604]\n- [tty] cleanup release_mem (Aristeu Rozanski ) [239604]\n- [mm] keep pagefault from happening under page lock (Josef Bacik ) [445433]\n- [wireless] iwlwifi: post-2.6.27-rc3 to support iwl5x00 (John W. Linville ) [438388]\n- [net] random32: seeding improvement (Jiri Pirko ) [458019]\n- [usb] work around ISO transfers in SB700 (Pete Zaitcev ) [457723]\n- [x86_64] AMD 8-socket APICID patches (Prarit Bhargava ) [459813]\n- [misc] make printk more robust against kexec shutdowns (Neil Horman ) [458368]\n- [fs] ext4: backport to rhel5.3 interfaces (Eric Sandeen ) [458718]\n- [fs] ext4: Kconfig/Makefile/config glue (Eric Sandeen ) [458718]\n- [fs] ext4: fixes from upstream pending patch queue (Eric Sandeen ) [458718]\n- [fs] ext4: revert delalloc upstream mods (Eric Sandeen ) [458718]\n- [fs] ext4: 2.6.27-rc3 upstream codebase (Eric Sandeen ) [458718]\n- [fs] ext4: new s390 bitops (Eric Sandeen ) [459436]\n- [usb] wacom: add support for Cintiq 20WSX (Aristeu Rozanski ) [248903]\n- [usb] wacom: add support for Intuos3 4x6 (Aristeu Rozanski ) [370471]\n- [usb] wacom: fix maximum distance values (Aristeu Rozanski ) [248903]\n- [x86] hpet: consolidate assignment of hpet_period (Brian Maly ) [435726]\n- [openib] lost interrupt after LPAR to LPAR communication (Brad Peters ) [457838]\n- [firmware] fix ibft offset calculation (mchristi@redhat.com ) [444776]\n- [block] performance fix for too many physical devices (Mikulas Patocka ) [459527]\n- [ide] Fix issue when appending data on an existing DVD (Mauro Carvalho Chehab ) [457025]\n- [misc] fix kernel builds on modern userland (Matthew Garrett ) [461540]\n- [x86_64] AMD IOMMU driver support (Bhavna Sarathy ) [251970]\n- [x86_64] GART iommu alignment fixes (Prarit Bhargava ) [455813]\n- [firewire] latest upstream snapshot for RHEL-5.3 (Jay Fenlason ) [449520 430300 429950 429951]\n- [net] ipv6: configurable address selection policy table (Neil Horman ) [446063]\n- [fs] relayfs: support larger on-memory buffer (Masami Hiramatsu ) [439269]\n- [xen] ia64: speed up hypercall for guest domain creation (Tetsu Yamamoto ) [456171]\n- [xen] make last processed event channel a per-cpu var (Tetsu Yamamoto ) [456171]\n- [xen] process event channel notifications in round-robin (Tetsu Yamamoto ) [456171]\n- [xen] use unlocked_ioctl in evtchn, gntdev and privcmd (Tetsu Yamamoto ) [456171]\n- [xen] disallow nested event delivery (Tetsu Yamamoto ) [456171]\n- [ppc64] spu: add cpufreq governor (Ed Pollard ) [442410]\n- [misc] cleanup header warnings and enable header check (Don Zickus ) [458360]\n- [mm] NUMA: over-committing memory compiler warnings (Larry Woodman ) [457264]\n- [misc] mmtimer: fixes for high resolution timers (George Beshers ) [442186]\n- [x86_64] xen: local DOS due to NT bit leakage (Eugene Teo ) [457722] {CVE-2006-5755}\n- [xen] ia64: mark resource list functions __devinit (Tetsu Yamamoto ) [430219]\n- [xen] ia64: issue ioremap HC in pci_acpi_scan_root (Tetsu Yamamoto ) [430219]\n- [xen] ia64: revert paravirt to ioremap /proc/pci (Tetsu Yamamoto ) [430219]\n- [xen] ia64: disable paravirt to remap /dev/mem (Tetsu Yamamoto ) [430219]\n- [x86_64] kprobe: kprobe-booster and return probe-booster (Masami Hiramatsu ) [438725]\n- [xen] NUMA: extend physinfo sysctl to export topo info (Tetsu Yamamoto ) [454711]\n- [xen] ia64: kludge for XEN_GUEST_HANDLE_64 (Tetsu Yamamoto ) [454711]\n- [xen] ia64: NUMA support (Tetsu Yamamoto ) [454711]\n- [misc] pipe support to /proc/sys/net/core_pattern (Neil Horman ) [410871]\n- [xen] ia64: fix and cleanup move to psr (Tetsu Yamamoto ) [447453]\n- [xen] ia64: turn off psr.i after PAL_HALT_LIGHT (Tetsu Yamamoto ) [447453]\n- [xen] ia64: fix ia64_leave_kernel (Tetsu Yamamoto ) [447453]\n- [xen] page scrub: serialise softirq with a new lock (Tetsu Yamamoto ) [456171]\n- [xen] serialize scrubbing pages (Tetsu Yamamoto ) [456171]\n- [xen] ia64: dont warn for EOI-ing edge triggered intr (Tetsu Yamamoto ) [430219]\n- [xen] ia64: remove regNaT fault message (Tetsu Yamamoto ) [430219]\n- [xen] ia64: suppress warning of __assign_domain_page (Tetsu Yamamoto ) [430219]\n- [xen] ia64: remove annoying log message (Tetsu Yamamoto ) [430219]\n- [xen] ia64: quieter Xen boot (Tetsu Yamamoto ) [430219]\n- [xen] ia64: quiet lookup_domain_mpa when domain is dying (Tetsu Yamamoto ) [430219]\n- [xen] ia64: fix XEN_SYSCTL_physinfo to handle NUMA info (Tetsu Yamamoto ) [454711]\n- [xen] ia64: fixup physinfo (Tetsu Yamamoto ) [454711]\n[2.6.18-109.el5]\n- [misc] cpufreq: fix format string bug (Vitaly Mayatskikh ) [459460]\n- [x86_64] perfctr: dont use CCCR_OVF_PMI1 on Pentium 4 Ds (Aristeu Rozanski ) [447618]\n- [wireless] iwlwifi: fix busted tkip encryption (John W. Linville ) [438388]\n- [wireless] ath5k: fixup Kconfig mess from update (John W. Linville ) [445578]\n- [fs] cifs: fix O_APPEND on directio mounts (Jeff Layton ) [460063]\n- [ia64] oprofile: recognize Montvale cpu as Itanium2 (Dave Anderson ) [452588]\n- [block] aoe: use use bio->bi_idx to avoid panic (Tom Coughlan ) [440506]\n- [x86] make bare-metal oprofile recognize other platforms (Markus Armbruster ) [458441]\n- [scsi] areca: update for RHEL-5.3 (Tomas Henzl ) [436068]\n- [sata] prep work for rhel5.3 (David Milburn ) [439247 445727 450962 451586 455445]\n- [sata] update driver to 2.6.26-rc5 (David Milburn ) [439247 442906 445727 450962 451586 455445 459197]\n- [openib] race between QP async handler and destroy_qp (Brad Peters ) [446109]\n- [mm] dont use large pages to map the first 2/4MB of mem (Larry Woodman ) [455504]\n- [mm] holdoffs in refresh_cpu_vm_stats using latency test (George Beshers ) [447654]\n- [ppc64] cell spufs: fix HugeTLB (Brad Peters ) [439483]\n- [ppc64] cell spufs: update with post 2.6.25 patches (Brad Peters ) [439483]\n- [xen] ia64 oprofile: recognize Montvale cpu as Itanium2 (Dave Anderson ) [452588]\n- [xen] x86: make xenoprof recognize other platforms (Markus Armbruster ) [458441]\n[2.6.18-108.el5]\n- [net] NetXen: remove performance optimization fix (Tony Camuso ) [457958]\n- [net] NetXen: update to upstream 2.6.27 (tcamuso@redhat.com ) [457958]\n- [net] NetXen: fixes from upstream 2.6.27 (tcamuso@redhat.com ) [457958]\n- [net] NetXen: cleanups from upstream 2.6.27 (tcamuso@redhat.com ) [457958]\n- [fs] anon_inodes implementation (Eduardo Habkost ) [459835]\n- [x86] PCI domain support (Jeff Garzik ) [228290]\n- [net] udp: possible recursive locking (Hideo AOKI ) [458909]\n- [gfs2] multiple writer performance issue (Abhijith Das ) [459738]\n- [alsa] asoc: double free and mem leak in i2c codec (Jaroslav Kysela ) [460103]\n- [net] ibmveth: cluster membership problems (Brad Peters ) [460379]\n- [net] ipv6: drop outside of box loopback address packets (Neil Horman ) [459556]\n- [net] dccp_setsockopt_change integer overflow (Vitaly Mayatskikh ) [459235] {CVE-2008-3276}\n- [x86] execute stack overflow warning on interrupt stack (Michal Schmidt ) [459810]\n- [ppc] export LPAR CPU utilization stats for use by hv (Brad Peters ) [439516]\n- [acpi] error attaching device data (peterm@redhat.com ) [459670]\n- [md] fix crashes in iterate_rdev (Doug Ledford ) [455471]\n- [utrace] signal interception breaks systemtap uprobes (Roland McGrath ) [459786]\n- [misc] markers and tracepoints: config patch (jbaron@redhat.com ) [329821]\n- [misc] markers and tracepoints: kabi fix-up patch (jbaron@redhat.com ) [329821]\n- [misc] markers and tracepoints: probes (jbaron@redhat.com ) [329821]\n- [misc] markers and tracepoints: sched patch (jbaron@redhat.com ) [329821]\n- [misc] markers and tracepoints: irq patch (jbaron@redhat.com ) [329821]\n- [misc] markers and tracepoints: create Module.markers (jbaron@redhat.com ) [329821]\n- [misc] markers and tracepoints: markers docs (jbaron@redhat.com ) [329821]\n- [misc] markers and tracepoints: markers samples (jbaron@redhat.com ) [329821]\n- [misc] markers and tracepoints: markers (jbaron@redhat.com ) [329821]\n- [misc] markers and tracepoints: tracepoint samples (jbaron@redhat.com ) [329821]\n- [misc] markers and tracepoints: tracepoints (jbaron@redhat.com ) [329821]\n- [misc] markers and tracepoints: samples patch (jbaron@redhat.com ) [329821]\n- [misc] markers and tracepoints: rcu-read patch (jbaron@redhat.com ) [329821]\n- [x86] nmi: fix disable and enable _timer_nmi_watchdog (Aristeu Rozanski ) [447618]\n- [x86] nmi: disable LAPIC/IO APIC on unknown_nmi_panic (Aristeu Rozanski ) [447618]\n- [x86] nmi: use lapic_adjust_nmi_hz (Aristeu Rozanski ) [447618]\n- [x86] nmi: update check_nmi_watchdog (Aristeu Rozanski ) [447618]\n- [x86] nmi: update reserve_lapic_nmi (Aristeu Rozanski ) [447618]\n- [x86] nmi: use setup/stop routines in suspend/resume (Aristeu Rozanski ) [447618]\n- [x86] nmi: change nmi_active usage (Aristeu Rozanski ) [447618]\n- [x86] nmi: update nmi_watchdog_tick (Aristeu Rozanski ) [447618]\n- [x86] nmi: introduce do_nmi_callback (Aristeu Rozanski ) [447618]\n- [x86] nmi: introduce per-cpu wd_enabled (Aristeu Rozanski ) [447618]\n- [x86] nmi: add perfctr infrastructure (Aristeu Rozanski ) [447618]\n- [x86_64] nmi: add missing prototypes in xen headers (Aristeu Rozanski ) [447618]\n- [x86_64] nmi: kill disable_irq calls (Aristeu Rozanski ) [447618]\n- [x86_64] nmi: disable LAPIC/IO APIC on unknown_nmi_panic (Aristeu Rozanski ) [447618]\n- [x86_64] nmi: use perfctr functions for probing (Aristeu Rozanski ) [447618]\n- [x86_64] nmi: update check_nmi_watchdog (Aristeu Rozanski ) [447618]\n- [x86_64] nmi: update reserve_lapic_nmi (Aristeu Rozanski ) [447618]\n- [x86_64] nmi: use new setup/stop routines in suspend/resume (Aristeu Rozanski ) [447618]\n- [x86_64] nmi: change nmi_active usage (Aristeu Rozanski ) [447618]\n- [x86_64] nmi: update nmi_watchdog_tick (Aristeu Rozanski ) [447618]\n- [x86_64] nmi: setup apic to handle both IO APIC and LAPIC (Aristeu Rozanski ) [447618]\n- [x86_64] nmi: introduce do_nmi_callback (Aristeu Rozanski ) [447618]\n- [x86_64] nmi: introduce per-cpu wd_enabled (Aristeu Rozanski ) [447618]\n- [x86_64] nmi: add perfctr infrastructure (Aristeu Rozanski ) [447618]\n- [mm] drain_node_page: drain pages in batch units (George Beshers ) [442179]\n- [mm] optimize ZERO_PAGE in 'get_user_pages' and fix XIP (Anton Arapov ) [452668] {CVE-2008-2372}\n- [x86_64] UEFI code support (Brian Maly ) [253295]\n[2.6.18-107.el5]\n- [scsi] mptscsi: check for null device in error handler (Doug Ledford ) [441832]\n- [openib] ehca: local CA ACK delay has an invalid value (Brad Peters ) [458378]\n- [gfs2] fix metafs (Abhijith Das ) [457798]\n- [sound] HDMI Audio: new PCI device ID (Bhavna Sarathy ) [459221]\n- [s390] cio: memory leak when ccw devices are discarded (Hans-Joachim Picht ) [459495]\n- [openib] ehca: handle two completions for one work req (Brad Peters ) [459142]\n- [scsi] cciss: possible race condition during init (Ivan Vecera ) [455663]\n- [wireless] rtl818x: add driver from 2.6.26 (John W. Linville ) [448764]\n- [wireless] rt2x00: add driver from 2.6.26 (John W. Linville ) [448763]\n- [wireless] ath5k: add driver from 2.6.26 (John W. Linville ) [445578]\n- [wireless] iwlwifi update to version from 2.6.26 (John W. Linville ) [438395]\n- [wireless] mac80211 update to version from 2.6.26 (John W. Linville ) [438391 438464 446076]\n- [wireless] infrastructure changes for mac80211 update (John W. Linville ) [438391]\n- [xen] xennet: coordinate ARP with backend network status (Herbert Xu ) [458934]\n- [x86] oprofile: enable additional perf counters (Markus Armbruster ) [426096]\n- [wireless] update zd1211rw to last non-mac80211 version (John W. Linville ) [448762]\n- [wireless] update bcm43xx driver to 2.6.25 (John W. Linville ) [448762]\n- [wireless] update ipw2x00 driver to 2.6.25 (John W. Linville ) [448762]\n- [wireless] update ieee80211 to 2.6.25 (John W. Linville ) [448762]\n- [xen] hv: support up to 128 cpus (Bill Burns ) [447958]\n- [gfs2] rm on multiple nodes causes panic (Bob Peterson ) [458289]\n- [gfs2] d_rwdirectempty fails with short read (Benjamin Marzinski ) [456453]\n- [sound] snd_seq_oss_synth_make_info info leak (Eugene Teo ) [458001] {CVE-2008-3272}\n- Revert: [mm] add support for fast get user pages (Ed Pollard ) [447649]\n- [xen] fix GDT allocation for 128 CPUs (Bill Burns ) [447958]\n- [xen] fix building with max_phys_cpus=128 (Bill Burns ) [447958]\n- [xen] limit dom0 to 32GB by default (Rik van Riel ) [453467]\n- [xen] automatically make heap larger on large mem system (Rik van Riel ) [453467]\n[2.6.18-106.el5]\n- [x86_64] resume from s3 in text mode with >4GB of mem (Matthew Garrett ) [452961]\n- [x86] kdump: calgary iommu: use boot kernels TCE tables (Tom Coughlan ) [239272]\n- [net] neigh_destroy: call destructor before unloading (Brad Peters ) [449161]\n- [usb] removing bus with an open file causes an oops (Pete Zaitcev ) [450786]\n- [nfs] missing nfs_fattr_init in nfsv3 acl functions (Jeff Layton ) [453711]\n- [xen] x86: fix endless loop when GPF (Chris Lalancette ) [457093]\n- [dlm] user.c input validation fixes (David Teigland ) [458760]\n- [serial] support for Digi PCI-E 4-8port Async IO adapter (Brad Peters ) [439443]\n- [cpufreq] acpi: boot crash due to _PSD return-by-ref (John Villalovos ) [428909]\n- [x86] io_apic: check timer with irq off (Brian Maly ) [432407]\n- [nfs] v4: dont reuse expired nfs4_state_owner structs (Jeff Layton ) [441884]\n- [nfs] v4: credential ref leak in nfs4_get_state_owner (Jeff Layton ) [441884]\n- [xen] PVFB probe & suspend fixes fix (Markus Armbruster ) [459107]\n- [x86] acpi: prevent resources from corrupting memory (Prarit Bhargava ) [458988]\n- [mm] add support for fast get user pages (Ed Pollard ) [447649]\n- [ipmi] control BMC device ordering (peterm@redhat.com ) [430157]\n- [net] pppoe: fix skb_unshare_check call position (Jiri Pirko ) [459062]\n- [net] ipv6: use timer pending to fix bridge ref count (Jiri Pirko ) [457006]\n- [nfs] v4: Poll aggressively when handling NFS4ERR_DELAY (Jeff Layton ) [441884]\n- [net] ixgbe: fix EEH recovery time (Brad Peters ) [457466]\n- [net] pppoe: unshare skb before anything else (Jiri Pirko ) [457018]\n- [ppc64] EEH: facilitate vendor driver recovery (Brad Peters ) [457253]\n- [ia64] fix to check module_free parameter (Masami Hiramatsu ) [457961]\n- [video] make V4L2 less verbose (Mauro Carvalho Chehab ) [455230]\n- [autofs4] remove unused ioctls (Ian Kent ) [452139]\n- [autofs4] reorganize expire pending wait function calls (Ian Kent ) [452139]\n- [autofs4] fix direct mount pending expire race (Ian Kent ) [452139]\n- [autofs4] fix indirect mount pending expire race (Ian Kent ) [452139]\n- [autofs4] fix pending checks (Ian Kent ) [452139]\n- [autofs4] cleanup redundant readdir code (Ian Kent ) [452139]\n- [autofs4] keep most direct and indirect dentrys positive (Ian Kent ) [452139]\n- [autofs4] fix waitq memory leak (Ian Kent ) [452139]\n- [autofs4] check communication pipe is valid for write (Ian Kent ) [452139]\n- [autofs4] fix waitq locking (Ian Kent ) [452139]\n- [autofs4] fix pending mount race (Ian Kent ) [452139]\n- [autofs4] use struct qstr in waitq.c (Ian Kent ) [452139]\n- [autofs4] use lookup intent flags to trigger mounts (Ian Kent ) [448869]\n- [autofs4] hold directory mutex if called in oz_mode (Ian Kent ) [458749]\n- [autofs4] use rehash list for lookups (Ian Kent ) [458749]\n- [autofs4] dont make expiring dentry negative (Ian Kent ) [458749]\n- [autofs4] fix mntput, dput order bug (Ian Kent ) [452139]\n- [autofs4] bad return from root.c:try_to_fill_dentry (Ian Kent ) [452139]\n- [autofs4] sparse warn in waitq.c:autofs4_expire_indirect (Ian Kent ) [452139]\n- [autofs4] check for invalid dentry in getpath (Ian Kent ) [452139]\n- [misc] create a kernel checksum file per FIPS140-2 (Don Zickus ) [444632]\n- [net] h323: Fix panic in conntrack module (Thomas Graf ) [433661]\n- [misc] NULL pointer dereference in kobject_get_path (Jiri Pirko ) [455460]\n- [audit] new filter type, AUDIT_FILETYPE (Alexander Viro ) [446707]\n- [ppc64] missed hw breakpoints across multiple threads (Brad Peters ) [444076]\n- [net] race between neigh_timer_handler and neigh_update (Brad Peters ) [440555]\n- [security] NULL ptr dereference in __vm_enough_memory (Jerome Marchand ) [443659]\n- [ppc64] cell: spufs update for RHEL-5.3 (Brad Peters ) [439483]\n- [misc] null pointer dereference in register_kretprobe (Jerome Marchand ) [452308]\n- [alsa] HDA: update to 2008-07-22 (Jaroslav Kysela ) [456215]\n- [ia64] xen: handle ipi case IA64_TIMER_VECTOR (Luming Yu ) [451745]\n- [misc] batch kprobe register/unregister (Jiri Pirko ) [437579]\n- [ia64] add gate.lds to Documentation/dontdiff (Prarit Bhargava ) [449948]\n- [xen] fix netloop restriction (Bill Burns ) [358281]\n- [nfs] revert to sync writes when background write errors (Jeff Layton ) [438423]\n- [ia64] kdump: implement greater than 4G mem restriction (Doug Chapman ) [446188]\n- [nfs] clean up short packet handling for NFSv4 readdir (Jeff Layton ) [428720]\n- [nfs] clean up short packet handling for NFSv2 readdir (Jeff Layton ) [428720]\n- [nfs] clean up short packet handling for NFSv3 readdir (Jeff Layton ) [428720]\n[2.6.18-105.el5]\n- [misc] pnp: increase number of devices (Prarit Bhargava ) [445590]\n- [ppc] PERR/SERR disabled after EEH error recovery (Brad Peters ) [457468]\n- [ppc] eHEA: update from version 0076-05 to 0091-00 (Brad Peters ) [442409]\n- [net] modifies inet_lro for RHEL (Brad Peters ) [442409]\n- [net] adds inet_lro module (Brad Peters ) [442409]\n- [ppc] adds crashdump shutdown hooks (Brad Peters ) [442409]\n- [ppc] xmon: setjmp/longjmp code generically available (Brad Peters ) [442409]\n- [xen] PV: config file changes (Don Dutile ) [442991]\n- [xen] PV: Makefile and Kconfig additions (Don Dutile ) [442991]\n- [xen] PV: add subsystem (Don Dutile ) [442991]\n- [xen] PV: shared used header file changes (Don Dutile ) [442991]\n- [xen] PV: shared use of xenbus, netfront, blkfront (Don Dutile ) [442991]\n- [fs] backport zero_user_segments and friends (Eric Sandeen ) [449668]\n- [fs] backport list_first_entry helper (Eric Sandeen ) [449668]\n- [ia64] fix boot failure on ia64/sn2 (Luming Yu ) [451745]\n- [ia64] move SAL_CACHE_FLUSH check later in boot (Luming Yu ) [451745]\n- [ia64] use platform_send_ipi in check_sal_cache_flush (Luming Yu ) [451745]\n- [xen] avoid dom0 hang when tearing down domains (Chris Lalancette ) [347161]\n- [xen] ia64: SMP-unsafe with XENMEM_add_to_physmap on HVM (Tetsu Yamamoto ) [457137]\n[2.6.18-104.el5]\n- [crypto] IPsec memory leak (Vitaly Mayatskikh ) [455238]\n- [ppc] edac: add support for Cell processor (Brad Peters ) [439507]\n- [ppc] edac: add pre-req support for Cell processor (Brad Peters ) [439507]\n- [scsi] DLPAR remove operation fails on LSI SCSI adapter (Brad Peters ) [457852]\n- [net] bridge: eliminate delay on carrier up (Herbert Xu ) [453526]\n- [mm] tmpfs: restore missing clear_highpage (Eugene Teo ) [426083]{CVE-2007-6417}\n- [scsi] aic94xx: update to 2.6.25 (Ed Pollard ) [439573]\n- [fs] dio: lock refcount operations (Jeff Moyer ) [455750]\n- [fs] vfs: fix lookup on deleted directory (Eugene Teo ) [457866]{CVE-2008-3275}\n- [fs] jbd: fix races that lead to EIO for O_DIRECT (Brad Peters ) [446599]\n- [fs] add percpu_counter_add & _sub (Eric Sandeen ) [443896]\n- [xen] event channel lock and barrier (Markus Armbruster ) [457086]\n- [ppc] adds DSCR support in sysfs (Brad Peters ) [439567]\n- [ppc] oprofile: wrong cpu_type returned (Brad Peters ) [441539]\n- [s390] utrace: PTRACE_POKEUSR_AREA corrupts ACR0 (Anton Arapov ) [431183]\n- [pci] fix problems with msi interrupt management (Michal Schmidt ) [428696]\n- [misc] fix wrong test in wait_task_stopped (Jerome Marchand ) [382211]\n- [fs] ecryptfs: use page_alloc to get a page of memory (Eric Sandeen ) [457058]\n- [misc] serial: fix break handling for i82571 over LAN (Aristeu Rozanski ) [440018]\n- [xen] blktap: expand for longer busids (Chris Lalancette ) [442723]\n- [xen] fix blkfront to accept > 16 devices (Chris Lalancette ) [442723]\n- [xen] expand SCSI majors in blkfront (Chris Lalancette ) [442077]\n- [misc] core dump: remain dumpable (Jerome Marchand ) [437958]\n- [fs] inotify: previous event should be last in list (Jeff Burke ) [453990]\n- [block] Enhanced Partition Statistics: documentation (Jerome Marchand ) [224322]\n- [block] Enhanced Partition Statistics: retain old stats (Jerome Marchand ) [224322]\n- [block] Enhanced Partition Statistics: procfs (Jerome Marchand ) [224322]\n- [block] Enhanced Partition Statistics: sysfs (Jerome Marchand ) [224322]\n- [block] Enhanced Partition Statistics: cpqarray fix (Jerome Marchand ) [224322]\n- [block] Enhanced Partition Statistics: cciss fix (Jerome Marchand ) [224322]\n- [block] Enhanced Partition Statistics: aoe fix (Jerome Marchand ) [224322]\n- [block] Enhanced Partition Statistics: update statistics (Jerome Marchand ) [224322]\n- [block] Enhanced Partition Statistics: core statistics (Jerome Marchand ) [224322]\n- [fs] add clear_nlink, drop_nlink (Eric Sandeen ) [443896]\n- [fs] add buffer_submit_read and bh_uptodate_or_lock (Eric Sandeen ) [443896]\n- [fs] noinline_for_stack attribute (Eric Sandeen ) [443896]\n- [fs] i_version updates (Eric Sandeen ) [443896]\n- [fs] add an ERR_CAST function (Eric Sandeen ) [443896]\n- [fs] introduce is_owner_or_cap (Eric Sandeen ) [443896]\n- [fs] add generic_find_next_le_bit (Eric Sandeen ) [443896]\n- [fs] add le32_add_cpu and friends (Eric Sandeen ) [443896]\n- [net] sctp: export needed data to implement RFC 3873 (Neil Horman ) [277111]\n- [xen] x86: xenoprof enable additional perf counters (Markus Armbruster ) [426096]\n[2.6.18-103.el5]\n- [fs] dio: use kzalloc to zero out struct dio (Jeff Moyer ) [439918]\n- [x86] hugetlb: inconsistent get_user_pages (x86 piece) (Brad Peters ) [456449]\n- [fs] fix softlockups when repeatedly dropping caches (Bryn M. Reeves ) [444961]\n- [char] add hp-ilo driver (Tony Camuso ) [437212]\n- [net] do liberal tracking for picked up connections (Anton Arapov ) [448328]\n- [scsi] BusLogic: typedef bool to boolean for compiler (Chip Coldwell ) [445095]\n- [misc] ioc4: fixes - pci_put_dev, printks, mem resource (Jonathan Lim ) [442424]\n[2.6.18-102.el5]\n- [net] slow_start_after_idle influences cwnd validation (Thomas Graf ) [448918]\n- [dlm] fix a couple of races (David Teigland ) [457569]\n- [net] NetXen driver update to 3.4.18 (Ed Pollard ) [443619]\n- [mm] NUMA: system is slow when over-committing memory (Larry Woodman ) [457264]\n- [net] ixgbe: remove device ID for unsupported device (Andy Gospodarek ) [454910]\n- [ppc] Event Queue overflow on eHCA adapters (Brad Peters ) [446713]\n- [ppc] IOMMU Performance Enhancements (Brad Peters ) [439469]\n- [ppc] RAS update for Cell (Brad Peters ) [313731]\n- [ppc] fast little endian implementation for System p AVE (Brad Peters ) [439505]\n- [net] proc: add unresolved discards stat to ndisc_cache (Neil Horman ) [456732]\n- [x86_64] ia32: increase stack size (Larry Woodman ) [442331]\n- [mm] fix PAE pmd_bad bootup warning (Larry Woodman ) [455434]\n- [video] add uvcvideo module (Jay Fenlason ) [439899]\n- [crypto] add tests for cipher types to self test module (Neil Horman ) [446514]\n- [mm] fix debug printks in page_remove_rmap() (Larry Woodman ) [457458]\n- [mm] fix /proc/sys/vm/lowmem_reserve_ratio (Larry Woodman ) [457471]\n- [xen] add VPS sync read/write according to spec (Bill Burns ) [437096]\n- [xen] use VPS service to take place of PAL call (Bill Burns ) [437096]\n- [xen] enable serial console for new ia64 chip (Bill Burns ) [437096]\n[2.6.18-101.el5]\n- [ipmi] restrict keyboard I/O port reservation (peterm@redhat.com ) [456300]\n- [mm] xpmem: inhibit page swapping under heavy mem use (George Beshers ) [456574]\n- [fs] vfs: wrong error code on interrupted close syscalls (Jeff Layton ) [455729]\n- [misc] dont randomize when no randomize personality set (Bryn M. Reeves ) [444611]\n- [ia64] holdoffs in sn_ack_irq when running latency tests (Jonathan Lim ) [447838]\n- [xen] x86: new vcpu_op call to get physical CPU identity (Bhavana Nagendra ) [434548]\n- [xen] HV: memory corruption with large number of cpus (Chris Lalancette ) [449945]\n- [xen] save phys addr for crash utility (Bill Burns ) [443618]\n- [xen] kexec: allocate correct memory reservation (Bill Burns ) [442661]\n[2.6.18-100.el5]\n- [gfs2] glock dumping missing out some glocks (Steven Whitehouse ) [456334]\n- [scsi] ibmvscsi: add tape device support (Brad Peters ) [439488]\n- [misc] irq: reset stats when installing new handler (Eugene Teo ) [456218]\n- [scsi] ibmvscsi: latest 5.3 fixes and enhancements (Brad Peters ) [439487]\n- [selinux] prevent illegal selinux options when mounting (Eugene Teo ) [456052]\n- [xen] remove blktap sysfs entries before shutdown (Chris Lalancette ) [250104]\n- [xen] dont collide symbols with blktap (Chris Lalancette ) [250104]\n- [xen] blktap: modify sysfs entries to match blkback (Chris Lalancette ) [250104]\n- [xen] dont try to recreate sysfs entries (Chris Lalancette ) [250104]\n- [xen] blktap: stats error cleanup (Chris Lalancette ) [250104]\n- [xen] blktap: add statistics (Chris Lalancette ) [250104]\n- [xen] rename blktap kernel threads to blktap.dom.blkname (Chris Lalancette ) [250104]\n- [ia64] xen: incompatibility with HV and userspace tools (Tetsu Yamamoto ) [444589]\n- [usb] add ids for WWAN cards (John Feeney ) [253137]\n- [ia64] handle invalid ACPI SLIT table (Luming Yu ) [451591]\n- [pci] mmconfig: use conf1 for access below 256 bytes (Tony Camuso ) [441615 251493]\n- [pci] mmconfig: rm pci_legacy_ops and nommconf blacklist (Tony Camuso ) [441615 251493]\n- [pci] mmconfig: remove pci_bios_fix_bus_scan_quirk (Tony Camuso ) [441615 251493]\n- [fs] nlm: tear down RPC clients in nlm_shutdown_hosts (Jeff Layton ) [254195]\n- [fs] nlm: dont reattempt GRANT_MSG with an inflight RPC (Jeff Layton ) [254195]\n- [fs] nlm: canceled inflight GRANT_MSG shouldnt requeue (Jeff Layton ) [254195]\n- [fs] potential race in mark_buffer_dirty (Mikulas Patocka ) [442577]\n[2.6.18-99.el5]\n- [fs] lockd: nlmsvc_lookup_host called with f_sema held (Jeff Layton ) [453094]\n- [x86] dont call MP_processor_info for disabled cpu (Prarit Bhargava ) [455425]\n- [x86_64] dont call MP_processor_info for disabled cpu (Prarit Bhargava ) [455427]\n- [x86] show apicid in /proc/cpuinfo (Prarit Bhargava ) [455424]\n- [acpi] disable lapic timer on C2 states (John Villalovos ) [438409]\n- [acpi] enable deep C states for idle efficiency (Matthew Garrett ) [443516]\n- [fs] missing check before setting mount propagation (Eugene Teo ) [454393]\n- [xen] pvfb: frontend mouse wheel support (Markus Armbruster ) [446235]\n- [ppc] use ibm,slb-size from device tree (Brad Peters ) [432127]\n- [mm] dio: fix cache invalidation after sync writes (Jeff Moyer ) [445674]\n- [misc] fix UP compile in skcipher.h (Prarit Bhargava ) [453038]\n- [ia64] softlock: prevent endless warnings in kdump (Neil Horman ) [453200]\n- [net] s2io: fix documentation about intr_type (Michal Schmidt ) [450921]\n- [net] make udp_encap_rcv use pskb_may_pull (Neil Horman ) [350281]\n- [misc] fix compile when selinux is disabled (Prarit Bhargava ) [452535]\n- [scsi] update aacraid to 1.1.5-2455 (Chip Coldwell ) [429862]\n- [x86_64] ptrace: sign-extend orig_rax to 64 bits (Jerome Marchand ) [437882]\n- [x86_64] ia32 syscall restart fix (Jerome Marchand ) [434998]\n- [misc] optimize byte-swapping, fix -pedantic compile (Jarod Wilson ) [235699]\n- [dm] snapshot: reduce default memory allocation (Milan Broz ) [436494]\n- [dm] snapshot: fix chunksize sector conversion (Milan Broz ) [443627]\n- [net] ip tunnel cant be bound to another device (Michal Schmidt ) [451196]\n- [net] bnx2x: chip reset and port type fixes (Andy Gospodarek ) [441259]\n- [audit] records sender of SIGUSR2 for userspace (Eric Paris ) [428277]\n- [audit] deadlock under load and auditd takes a signal (Eric Paris ) [429941]\n- [audit] send EOE audit record at end of syslog events (Eric Paris ) [428275]\n- [x86] brk: fix RLIMIT_DATA check (Vitaly Mayatskikh ) [315681]\n- [misc] fix ?!/!? inversions in spec file (Jarod Wilson ) [451008]\n- [scsi] fix high I/O wait using 3w-9xxx (Tomas Henzl ) [444759]\n- [net] ipv6: fix unbalanced ref count in ndisc_recv_ns (Neil Horman ) [450855]\n- [fs] cifs: wait on kthread_stop before thread exits (Jeff Layton ) [444865]\n- [net] fix the redirected packet if jiffies wraps (Ivan Vecera ) [445536]\n- [nfs] pages of a memory mapped file get corrupted (Peter Staubach ) [435291]\n- [net] sunrpc: memory corruption from dead rpc client (Jeff Layton ) [432867]\n- [fs] debugfs: fix dentry reference count bug (Josef Bacik ) [445787]\n- [acpi] remove processor module errors (John Feeney ) [228836]\n- [fs] ext3: make fdatasync not sync metadata (Josef Bacik ) [445649]\n- [pci] acpiphp_ibm: let ACPI determine _CID buffer size (Prarit Bhargava ) [428874]\n- [fs] need process map reporting for swapped pages (Anton Arapov ) [443749]\n- [misc] optional panic on softlockup warnings (Prarit Bhargava ) [445422]\n- [net] sctp: support remote address table oid (Neil Horman ) [435110]\n- [nfs] knfsd: revoke setuid/setgid when uid/gid changes (Jeff Layton ) [443043]\n- [nfs] remove error field from nfs_readdir_descriptor_t (Jeff Layton ) [437479]\n[2.6.18-98.el5]\n- [nfs] sunrpc: sleeping rpc_malloc might deadlock (Jeff Layton ) [451317]\n- [gfs2] initial write performance very slow (Benjamin Marzinski ) [432826]\n- [ia64] avoid unnecessary TLB flushes when allocating mem (Doug Chapman ) [435362]\n- [gfs2] lock_dlm: deliver callbacks in the right order (Bob Peterson ) [447748]\n- [sound] alsa: HDA driver update from upstream 2008-06-11 (Jaroslav Kysela ) [451007]\n- [x86_64] xen: fix syscall return when tracing (Chris Lalancette ) [453394]\n- [fs] ext3: lighten up resize transaction requirements (Eric Sandeen ) [425955]\n- [xen] PVFB probe & suspend fixes (Markus Armbruster ) [434800]\n- [nfs] ensure that options turn off attribute caching (Peter Staubach ) [450184]\n- [x86_64] memmap flag results in bogus RAM map output (Prarit Bhargava ) [450244]\n- [nfs] sunrpc: fix a race in rpciod_down (Jeff Layton ) [448754]\n- [nfs] sunrpc: fix hang due to eventd deadlock (Jeff Layton ) [448754]\n- [gfs2] d_doio stuck in readv waiting for pagelock (Bob Peterson ) [432057]\n- [fs] ext3: fix lock inversion in direct io (Josef Bacik ) [439194]\n- [fs] jbd: fix journal overflow issues (Josef Bacik ) [439193]\n- [fs] jbd: fix typo in recovery code (Josef Bacik ) [447742]\n- [openib] small ipoib packet can cause an oops (Doug Ledford ) [445731]\n- [sched] domain range turnable params for wakeup_idle (Kei Tokunaga ) [426971]\n- [edac] k8_edac: fix typo in user visible message (Aristeu Rozanski ) [446068]\n- [net] ipv6: dont handle default routes specially (Neil Horman ) [426895 243526]\n- [fs] ext3: unmount hang when quota-enabled goes error-RO (Eric Sandeen ) [429054]\n- [net] ipv6: no addrconf for bonding slaves (Andy Gospodarek ) [236750]\n- [misc] fix race in switch_uid and user signal accounting (Vince Worthington ) [441762 440830]\n- [misc] /proc/pid/limits : fix duplicate array entries (Neil Horman ) [443522]\n- [nfs] v4: fix ref count and signal for callback thread (Jeff Layton ) [423521]\n- [mm] do not limit locked memory when using RLIM_INFINITY (Larry Woodman ) [442426]\n- [xen] ia64: add srlz instruction to asm (Aron Griffis ) [440261]\n- [nfs] fix transposed deltas in nfs v3 (Jeff Layton ) [437544]\n- [x86_64] gettimeofday fixes for HPET, PMTimer, TSC (Prarit Bhargava ) [250708]\n- [ia64] remove assembler warnings on head.S (Luming Yu ) [438230]\n- [misc] allow hugepage allocation to use most of memory (Larry Woodman ) [438889]\n- [edac] k8_edac: add option to report GART errors (Aristeu Rozanski ) [390601]\n- [ia64] add TIF_RESTORE_SIGMASK and pselect/ppoll syscall (Luming Yu ) [206806]\n[2.6.18-97.el5]\n- [misc] signaling msgrvc() should not pass back error (Jiri Pirko ) [452533]\n- [ia64] properly unregister legacy interrupts (Prarit Bhargava ) [445886]\n- [s390] zfcp: status read locking race (Hans-Joachim Picht ) [451278]\n- [s390] fix race with stack local wait_queue_head_t. (Hans-Joachim Picht ) [451279]\n- [s390] cio: fix system hang with reserved DASD (Hans-Joachim Picht ) [451222]\n- [s390] cio: fix unusable zfcp device after vary off/on (Hans-Joachim Picht ) [451223]\n- [s390] cio: I/O error after cable pulls (Hans-Joachim Picht ) [451281]\n- [s390] tape: race condition in tape block device driver (Hans-Joachim Picht ) [451277]\n- [gfs2] cannot use fifo nodes (Steven Whitehouse ) [450276]\n- [gfs2] bad subtraction in while-loop can cause panic (Bob Peterson ) [452004]\n- [tux] crashes kernel under high load (Anton Arapov ) [448973]\n- [dlm] move plock code from gfs2 (David Teigland ) [450138]\n- [dlm] fix basts for granted CW waiting PR/CW (David Teigland ) [450137]\n- [dlm] check for null in device_write (David Teigland ) [450136]\n- [dlm] save master info after failed no-queue request (David Teigland ) [450135]\n- [dlm] keep cached master rsbs during recovery (David Teigland ) [450133]\n- [dlm] change error message to debug (David Teigland ) [450132]\n- [dlm] fix possible use-after-free (David Teigland ) [450132]\n- [dlm] limit dir lookup loop (David Teigland ) [450132]\n- [dlm] reject normal unlock when lock waits on lookup (David Teigland ) [450132]\n- [dlm] validate messages before processing (David Teigland ) [450132]\n- [dlm] reject messages from non-members (David Teigland ) [450132]\n- [dlm] call to confirm_master in receive_request_reply (David Teigland ) [450132]\n- [dlm] recover locks waiting for overlap replies (David Teigland ) [450132]\n- [dlm] clear ast_type when removing from astqueue (David Teigland ) [450132]\n- [dlm] use fixed errno values in messages (David Teigland ) [450130]\n- [dlm] swap bytes for rcom lock reply (David Teigland ) [450130]\n- [dlm] align midcomms message buffer (David Teigland ) [450130]\n- [dlm] use dlm prefix on alloc and free functions (David Teigland ) [450130]\n- [s390] zfcp: memory handling for GID_PN (Hans-Joachim Picht ) [447727]\n- [s390] zfcp: out-of-memory handling for status_read req (Hans-Joachim Picht ) [447726]\n- [s390] zfcp: deadlock in slave_destroy handler (Hans-Joachim Picht ) [447329]\n- [s390] dasd: fix timeout handling in interrupt handler (Hans-Joachim Picht ) [447316]\n- [s390] zfcp: fix check for handles in abort handler (Hans-Joachim Picht ) [447331]\n- [s390] aes_s390 decrypt may produce wrong results in CBC (Hans-Joachim Picht ) [446191]\n- [s390x] CPU Node Affinity (Hans-Joachim Picht ) [447379]\n- [gfs2] inode indirect buffer corruption (Bob Peterson ) [345401]\n- [s390] cio: avoid machine check vs. not operational race (Hans-Joachim Picht ) [444082]\n- [s390] qeth: avoid inconsistent lock state for inet6_dev (Hans-Joachim Picht ) [444077]\n- [s390] qdio: missed inb. traffic with online FCP devices (Hans-Joachim Picht ) [444146]\n- [s390] qeth: eddp skb buff problem running EDDP guestlan (Hans-Joachim Picht ) [444014]\n- [s390] cio: kernel panic in cm_enable processing (Hans-Joachim Picht ) [442032]\n- [fs] fix bad unlock_page in pip_to_file() error path (Larry Woodman ) [439917]\n- [s390] zfcp: Enhanced Trace Facility (Hans-Joachim Picht ) [439482]\n- [s390] dasd: add support for system information messages (Hans-Joachim Picht ) [439441]\n- [s390] zcrypt: add support for large random numbers (Hans-Joachim Picht ) [439440]\n- [s390] qeth: recovery problems with failing STARTLAN (Hans-Joachim Picht ) [440420]\n- [s390] qdio: change in timeout handling during establish (Hans-Joachim Picht ) [440421]\n- [s390] lcs: ccl-seq. numbers required for prot. 802.2 (Hans-Joachim Picht ) [440416]\n- [s390] dasd: diff z/VM minidisks need a unique UID (Hans-Joachim Picht ) [440402]\n- [s390] qeth: ccl-seq. numbers req for protocol 802.2 (Hans-Joachim Picht ) [440227]\n- [s390] sclp: prevent console lockup during SE warmstart (Hans-Joachim Picht ) [436967]\n- [s390] zcrypt: disable ap polling thread per default (Hans-Joachim Picht ) [435161]\n- [s390] zfcp: hold lock on port/unit handle for task cmd (Hans-Joachim Picht ) [434959]\n- [s390] zfcp: hold lock on port handle for ELS command (Hans-Joachim Picht ) [434955]\n- [s390] zfcp: hold lock on port/unit handle for FCP cmd (Hans-Joachim Picht ) [433537]\n- [s390] zfcp: hold lock when checking port/unit handle (Hans-Joachim Picht ) [434953]\n- [s390] zfcp: handling of boxed port after physical close (Hans-Joachim Picht ) [434801]\n- [s390] dasd: fix ifcc handling (Hans-Joachim Picht ) [431592]\n- [s390] cio: introduce timed recovery procedure (Hans-Joachim Picht ) [430593]\n- [s390] cio: sense id works with partial hw response (Hans-Joachim Picht ) [430787]\n- [s390] zfcp: fix use after free bug (Hans-Joachim Picht ) [412881]\n- [s390] cio: add missing reprobe loop end statement (Hans-Joachim Picht ) [412891]\n- [s390] zfcp: imbalance in erp_ready_sem usage (Hans-Joachim Picht ) [412831]\n- [s390] zfcp: zfcp_erp_action_dismiss will ignore actions (Hans-Joachim Picht ) [409091]\n- [s390] zfcp: Units are reported as BOXED (Hans-Joachim Picht ) [412851]\n- [s390] zfcp: Reduce flood on hba trace (Hans-Joachim Picht ) [415951]\n- [s390] zfcp: Deadlock when adding invalid LUN (Hans-Joachim Picht ) [412841]\n- [s390] pav alias disks not detected on lpar (Hans-Joachim Picht ) [416081]\n[2.6.18-96.el5]\n- [net] randomize udp port allocation (Eugene Teo ) [454572]\n- [tty] add NULL pointer checks (Aristeu Rozanski ) [453154]\n- [misc] ttyS1 lost interrupt, stops transmitting v2 (Brian Maly ) [451157]\n- [net] sctp: make sure sctp_addr does not overflow (David S. Miller ) [452483]\n- [sys] sys_setrlimit: prevent setting RLIMIT_CPU to 0 (Neil Horman ) [437122]\n- [net] sit: exploitable remote memory leak (Jiri Pirko ) [446039]\n- [x86_64] zero the output of string inst on exception (Jiri Pirko ) [451276] {CVE-2008-2729}\n- [net] dccp: sanity check feature length (Anton Arapov ) [447396] {CVE-2008-2358}\n- [misc] buffer overflow in ASN.1 parsing routines (Anton Arapov ) [444465] {CVE-2008-1673}\n- [x86_64] write system call vulnerability (Anton Arapov ) [433945] {CVE-2008-0598}\n[2.6.18-95.el5]\n- [net] Fixing bonding rtnl_lock screwups (Fabio Olive Leite ) [450219]\n- [x86_64]: extend MCE banks support for Dunnington, Nehalem (Prarit Bhargava ) [446673]\n- [nfs] address nfs rewrite performance regression in RHEL5 (Eric Sandeen ) [436004]\n- [mm] Make mmap() with PROT_WRITE on RHEL5 (Larry Woodman ) [448978]\n- [i386]: Add check for supported_cpus in powernow_k8 driver (Prarit Bhargava ) [443853]\n- [i386]: Add check for dmi_data in powernow_k8 driver (Prarit Bhargava ) [443853]\n- [sata] update sata_svw (John Feeney ) [441799]\n- [net] fix recv return zero (Thomas Graf ) [435657]\n- [misc] kernel crashes on futex (Anton Arapov ) [435178]\n[2.6.18-94.el5]\n- [misc] ttyS1 loses interrupt and stops transmitting (Simon McGrath ) [440121]\n[2.6.18-93.el5]\n- [x86] sanity checking for read_tsc on i386 (Brian Maly ) [443435]\n- [xen] netfront: send fake arp when link gets carrier (Herbert Xu ) [441716]\n- [net] fix xfrm reverse flow lookup for icmp6 (Neil Horman ) [446250]\n- [net] negotiate all algorithms when id bit mask zero (Neil Horman ) [442820]\n- [net] 32/64 bit compat MCAST_ sock options support (Neil Horman ) [444582]\n- [misc] add CPU hotplug support for relay functions (Kei Tokunaga ) [441523]", "cvss3": {}, "published": "2009-01-27T00:00:00", "type": "oraclelinux", "title": "Oracle Enterprise Linux 5.3 kernel security and bug fix update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2008-4554", "CVE-2007-6417", "CVE-2008-3272", "CVE-2008-5029", "CVE-2008-0598", "CVE-2008-3496", "CVE-2008-3831", "CVE-2007-5907", "CVE-2008-2372", "CVE-2008-3527", "CVE-2008-5182", "CVE-2008-5079", "CVE-2006-5755", "CVE-2008-2729", "CVE-2008-4576", "CVE-2008-5300", "CVE-2008-3276", "CVE-2008-2358", "CVE-2008-4210", "CVE-2008-3275", "CVE-2008-1673"], "modified": "2009-01-27T00:00:00", "id": "ELSA-2009-0225", "href": "http://linux.oracle.com/errata/ELSA-2009-0225.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:42", "description": "[2.6.18-92.1.13.0.1.el5]\n- [NET] Add entropy support to e1000 and bnx2 (John Sobecki) [orabug 6045759]\n- [splice] Fix bad unlock_page() in error case (Jens Axboe) [orabug 6263574]\n- [NET] fix netpoll race (Tina Yang) [orabugz 5791]\n[2.6.18-92.1.13.el5]\n- [md] fix crashes in iterate_rdev (Doug Ledford ) [460128 455471]\n- [sound] snd_seq_oss_synth_make_info info leak (Eugene Teo ) [458000 458001] {CVE-2008-3272}\n- [ipmi] control BMC device ordering (peterm@redhat.com ) [459071 430157]\n- [ia64] fix to check module_free parameter (Masami Hiramatsu ) [460639 457961]\n- [misc] NULL pointer dereference in kobject_get_path (Jiri Pirko ) [459776 455460]\n- [xen] ia64: SMP-unsafe with XENMEM_add_to_physmap on HVM (Tetsu Yamamoto ) [459780 457137]\n- [net] bridge: eliminate delay on carrier up (Herbert Xu ) [458783 453526]\n- [fs] dio: lock refcount operations (Jeff Moyer ) [459082 455750]\n- [misc] serial: fix break handling for i82571 over LAN (Aristeu Rozanski ) [460509 440018]\n- [fs] dio: use kzalloc to zero out struct dio (Jeff Moyer ) [461091 439918]\n- [fs] lockd: nlmsvc_lookup_host called with f_sema held (Jeff Layton ) [459083 453094]\n- [net] bnx2x: chip reset and port type fixes (Andy Gospodarek ) [441259 442026]\n[2.6.18-92.1.12.el5]\n- [mm] tmpfs: restore missing clear_highpage (Eugene Teo ) [426082 426083]{CVE-2007-6417}\n- [fs] vfs: fix lookup on deleted directory (Eugene Teo ) [457865 457866]{CVE-2008-3275}\n- [net] ixgbe: remove device ID for unsupported device (Andy Gospodarek ) [457484 454910]\n- [ppc] Event Queue overflow on eHCA adapters (Brad Peters ) [458779 446713]\n[2.6.18-92.1.11.el5]\n- [mm] xpmem: inhibit page swapping under heavy mem use (George Beshers ) [456946 456574]\n- [xen] HV: memory corruption with large number of cpus (Chris Lalancette ) [455768 449945]\n- [fs] missing check before setting mount propagation (Eugene Teo ) [454392 454393]\n- [openib] small ipoib packet can cause an oops (Doug Ledford ) [447913 445731]\n- [misc] fix race in switch_uid and user signal accounting (Vince Worthington ) [456235 441762 440830]", "cvss3": {}, "published": "2008-09-24T00:00:00", "type": "oraclelinux", "title": "kernel security and bug fix update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2007-6417", "CVE-2008-3272", "CVE-2008-2931", "CVE-2008-3275", "CVE-2007-6716"], "modified": "2008-09-24T00:00:00", "id": "ELSA-2008-0885", "href": "http://linux.oracle.com/errata/ELSA-2008-0885.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:11", "description": "[2.4.21-58.0.0.0.1.EL]\n- add directio support for qla drivers (herb) [ora 6346849]\n- support PT Quad card [ora 5751043]\n- io to nfs partition hangs [ora 5088963]\n- add entropy for bnx2 nic [ora 5931647]\n- avoid large allocation-fragmentation in MTU (zab)\n- fix clear highpage (wli)\n[2.4.21-58.EL]\n- copy_user doesn't zero tail bytes on page fault (Don Howard) [433941] {CVE-2008-2729}\n- Fix long symlink support (Fabio Olive Leite) [BZ 438758]\n- Fix possible buffer overflow in ASN.1 parsing routine (Don Howard) [444461] {CVE-2008-1673}\n- Fix exploitable remote memory leak in sit (Don Howard) [446034] {CVE-2008-2136}\n- Fix possible panic in mptctl_gettargetinfo (Don Howard) [451955]\n- Add add NULL pointer checks in tty drivers (Don Howard) [453158] {CVE-2008-2812}\n- Add a kernel parameter to disable lost tick accounting on x86_64 (Don Howard) [455921]\n- Fix possible isdn_net buffer overflows (Don Howard) [456361] {CVE-2007-6063}\n- Fix lookup on deleted directory (Eugene Teo) [457862] {CVE-2008-3275}\n- Add missing capability checks in sbni_ioctl (Eugene Teo) [460404] {CVE-2008-3525}\n- Remove suid/sgid bits on ftruncate (dhoward) [463684] {CVE-2008-4210}", "cvss3": {}, "published": "2008-12-18T00:00:00", "type": "oraclelinux", "title": "kernel security and bug fix update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2008-2136", "CVE-2008-3525", "CVE-2008-2729", "CVE-2008-4210", "CVE-2008-3275", "CVE-2007-6063", "CVE-2008-2812", "CVE-2008-1673"], "modified": "2008-12-18T00:00:00", "id": "ELSA-2008-0973", "href": "http://linux.oracle.com/errata/ELSA-2008-0973.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:49", "description": "[2.6.18-164.el5]\n- [misc] information leak in sigaltstack (Vitaly Mayatskikh ) [515396]\n- [misc] execve: must clear current->clear_child_tid (Oleg Nesterov ) [515429]\n- [net] igb: set lan id prior to configuring phy (Stefan Assmann ) [508870]\n- [net] udp: socket NULL ptr dereference (Vitaly Mayatskikh ) [518043] {CVE-2009-2698}\n[2.6.18-163.el5]\n- [net] make sock_sendpage use kernel_sendpage (Danny Feng ) [516955] {CVE-2009-2692}\n[2.6.18-162.el5]\n- [x86_64] Intel IOMMU: Pass Through Support (Don Dutile ) [504363]\n[2.6.18-161.el5]\n- [dlm] free socket in error exit path (David Teigland ) [508829]\n- [net] tg3: fix concurrent migration of VM clients (John Feeney ) [511918]\n- [scsi] mptfusion: revert to pci_map (Tomas Henzl ) [514049]\n- [scsi] bnx2i: fix conn disconnection bugs (mchristi@redhat.com ) [513802]\n- [scsi] qla2xxx: unable to destroy npiv HBA ports (Marcus Barrow ) [514352]\n- [scsi] ALUA: send STPG if explicit and implicit (mchristi@redhat.com ) [482737]\n- [scsi] megaraid: fix the tape drive issue (Tomas Henzl ) [510665]\n- [scsi] cxgb3i: fix skb allocation (mchristi@redhat.com ) [514073]\n- [fs] __bio_clone: dont calculate hw/phys segment counts (Milan Broz ) [512387]\n- [fs] ecryptfs: check tag 11 packet data buffer size (Eric Sandeen ) [512863] {CVE-2009-2406}\n- [fs] ecryptfs: check tag 3 packet encrypted key size (Eric Sandeen ) [512887] {CVE-2009-2407}\n- [xen] amd iommu: crash with pass-through on large memory (Bhavna Sarathy ) [514910]\n[2.6.18-160.el5]\n- [scsi] mptsas: fix max_id initialization (mchristi@redhat.com ) [455678]\n- [ata] ahci: add IDs for Ibex Peak ahci controllers (David Milburn ) [513067]\n- [scsi] lpfc: update to 8.2.0.48.2p, fix multiple panics (Rob Evers ) [512266]\n- [gfs2] remove dcache entries for remote deleted inodes (Benjamin Marzinski ) [505548]\n- [alsa] add native support for IbexPeak audio (Jaroslav Kysela ) [509526]\n- [alsa] IbexPeak related patches for codec auto-config (Jaroslav Kysela ) [509526]\n- [scsi] cciss: call bus_unregister in cciss_remove_one (Rob Evers ) [513070]\n- [scsi] cciss: add driver sysfs entries (Rob Evers ) [513070]\n- [net] e1000e/igb: make sure wol can be configured (Andy Gospodarek ) [513032]\n- [fs] xfs: only compile for x86_64 (Eric Sandeen ) [512827]\n- [ahci] add SATA GEN3 related messages (David Milburn ) [512086]\n- [net] tun/tap: open /dev/net/tun and then poll() it fix (Danny Feng ) [512286] {CVE-2009-1897}\n- [net] mlx4_en: problem with LRO that segfaults KVM host (Doug Ledford ) [510789]\n- [openib] mthca: fix over sized kmalloc usage (Doug Ledford ) [508902]\n- [s390] zcrypt: request gets timed out under high load (Hans-Joachim Picht ) [511289]\n[2.6.18-159.el5]\n- [scsi] cciss: fix sysfs broken symlink regression (Rob Evers ) [510178]\n- [kabi] add consume_skb (Jon Masters ) [479200]\n- [net] ipv6: fix incorrect disable_ipv6 behavior (jolsa@redhat.com ) [512258]\n- [net] ipv6: fix BUG when disabled module is unloaded (jolsa@redhat.com ) [512258]\n- [net] ipv6: add 'disable' module parameter support (jolsa@redhat.com ) [512258]\n- Revert: [mm] fix swap race in fork-gup patch group (Larry Woodman ) [508919]\n- [scsi] mptfusion: fix OOPS in failover path (Rob Evers ) [504835]\n- [scsi] stex: minimize DMA coherent allocation (David Milburn ) [486466]\n- [misc] personality handling: fix PER_CLEAR_ON_SETID (Vitaly Mayatskikh ) [508842]\n- [misc] build with -fno-delete-null-pointer-checks (Eugene Teo ) [511181]\n- [scsi] qla2xxx: provide reset capability for EEH (Marcus Barrow ) [511141]\n- [scsi] bnx2i: fix host setup and libiscsi abort locking (mchristi@redhat.com ) [511096]\n- [xen] ia64: fix rmmod of PCI devices (Chris Lalancette ) [507520]\n- [pci] kvm: PCI FLR support for device assignment (Don Dutile ) [510805]\n- [gfs2] dont put unlikely reclaim glocks on reclaim list (Benjamin Marzinski ) [504335]\n[2.6.18-158.el5]\n- [s390] add missing kernel option CONFIG_SHARED_KERNEL (Hans-Joachim Picht ) [506947]\n- [gfs2] fix incorrent statfs_slow consistency check (Benjamin Marzinski ) [505171]\n- [net] be2net: fix msix performance regression (Andy Gospodarek ) [510008]\n- [gfs2] umount.gfs2 hangs eating CPU (Abhijith Das ) [508876]\n- [block] protect the per-gendisk partition array with rcu (Jeff Moyer ) [495866]\n- [net] igb: fix panic when assigning device to guest (Andy Gospodarek ) [507173]\n- [ia64] xen: dom0 get/set_address_size (Chris Lalancette ) [510069]\n- [x86] fix suspend/resume issue on SB800 chipset (Bhavna Sarathy ) [498135]\n- [scsi] cciss: fix spinlock (Tomas Henzl ) [509818]\n- [scsi] qla2xxx: NPIV broken for PPC, endian fix (Marcus Barrow ) [510268]\n- [scsi] qla2xxx: prevent hangs in extended error handling (Marcus Barrow ) [470510]\n- [mm] prevent softlockups in copy_hugetlb_page_range (Larry Woodman ) [508919]\n- [scsi] cxgb3i: fix vlan support (mchristi@redhat.com ) [508409]\n- [net] bnx2i: RHEL-5.4 code cleanups (mchristi@redhat.com ) [504181]\n- [x86_64] import asm/svm.h and asm/vmx.h (Eduardo Habkost ) [507483]\n- [x86_64] import asm/virtext.h (Eduardo Habkost ) [507483]\n- [x86_64] add MSR_VM_* defines (Eduardo Habkost ) [507483]\n- [x86_64] disable VMX and SVM on machine_crash_shutdown (Eduardo Habkost ) [507483]\n- [x86_64] add EFER_SVME define (Eduardo Habkost ) [507483]\n- [x86_64] define X86_CR4_VMXE (Eduardo Habkost ) [507483]\n- [net] qlge: rhel-5.4 cleanups (Marcus Barrow ) [509647]\n- [scsi] lpfc: fix ctx_idx increase and update version (Rob Evers ) [509010]\n- [scsi] lpfc: move pointer ref. inside alloc check in (Rob Evers ) [509010]\n- [scsi] lpfc: update to version 8.2.0.48 (Rob Evers ) [509010]\n- [mm] fix re-read performance regression (Josef Bacik ) [506511]\n- [net] ipsec: add missing braces to fix policy querying (Herbert Xu ) [462731]\n- [net] tg3: 5785F and 50160M support (Andy Gospodarek ) [506205]\n- [pci] intel-iommu: fix iommu address space allocation (Chris Wright ) [509207]\n- [xen] virtio: do not statically allocate root device (Mark McLoughlin ) [501468]\n- [xen] virtio: add PCI device release function (Mark McLoughlin ) [501468]\n- [misc] driver core: add root_device_register (Mark McLoughlin ) [501468]\n- [block] blktrace: fix recursive block remap tracepoint (Jason Baron ) [502573]\n- [scsi] qla2xxx: rhel-5.4 fixes and cleanups (Marcus Barrow ) [507246]\n- [xen] HV: remove high latency spin_lock (Chris Lalancette ) [459410]\n- [xen] ia64: add get/set_address_size support (Chris Lalancette ) [510069]\n[2.6.18-157.el5]\n- [mm] readv: sometimes returns less than it should (Amerigo Wang ) [500693]\n- [net] be2net: fix races in napi and interrupt handling (Andy Gospodarek ) [508839]\n- [net] be2net: fix deadlock with bonding (Andy Gospodarek ) [508871]\n- [xen] quiet printk on FV guest shutdown (Don Dutile ) [501474]\n- [fs] fuse: enable building the subsystem (Josef Bacik ) [457975]\n- [gfs2] fix panic in glock memory shrinker (Benjamin Marzinski ) [508806]\n- [net] rt2x00: use mac80211-provided workqueue (John W. Linville ) [506845]\n- [pci] quirk: disable MSI on VIA VT3364 chipsets (Dean Nelson ) [501374]\n- [net] undo vlan promiscuity count when unregistered (Neil Horman ) [481283]\n- [net] be2net: crash on PPC with LRO and jumbo frames (Andy Gospodarek ) [508404]\n- [net] RTNL: assertion failed due to bonding notify (Stanislaw Gruszka ) [508297]\n- [scsi] ibmvfc: process async events before cmd responses (AMEET M. PARANJAPE ) [508127]\n- [scsi] ibmvfc: fix endless PRLI loop in discovery (AMEET M. PARANJAPE ) [508127]\n- [scsi] ibmvfc: improve LOGO/PRLO ELS handling (AMEET M. PARANJAPE ) [508127]\n- [net] iucv: provide second per-cpu cmd parameter block (Hans-Joachim Picht ) [503240]\n- [net] sky2: /proc/net/dev statistics are broken (Flavio Leitner ) [507932]\n- [scsi] qla2xxx: prevent I/O stoppage (Marcus Barrow ) [507620]\n- [scsi] qla2xxx: updates 24xx firmware to 4.04.09 (Marcus Barrow ) [507398]\n- [scsi] qla2xxx: updates 25xx firmware to 4.04.09 (Marcus Barrow ) [507398]\n- [scsi] qla4xxx: extended sense data errors, cleanups (Marcus Barrow ) [506981]\n- [char] tty: prevent an O_NDELAY writer from blocking (Mauro Carvalho Chehab ) [506806]\n- [xen] allow msi reconfigure for pt_bind_irq (ddugger@redhat.com ) [507970]\n[2.6.18-156.el5]\n- [misc] kdump: make mcp55 chips work (Neil Horman ) [462519]\n- [ide] enable VX800 to use UDMA mode (John Feeney ) [504121]\n- [misc] wacom: reset state when tool is not in proximity (Aristeu Rozanski ) [499870]\n- [scsi] lpfc: update to version 8.2.0.46 (Rob Evers ) [506792]\n- [mm] prevent panic in copy_hugetlb_page_range (Larry Woodman ) [507860]\n- [gfs2] keep statfs info in sync on grows (Benjamin Marzinski ) [494885]\n- [gfs2] always queue work after after setting GLF_LOCK (Benjamin Marzinski ) [506140]\n- [scsi] cxgb3i: use kref to track ddp, support page sizes (mchristi@redhat.com ) [506151]\n- [security] drop mmap_min_addr to 4096 (Eric Paris ) [507017]\n- [misc] hrtimer: fix a soft lockup (Amerigo Wang ) [418071] {CVE-2007-5966}\n- [net] backport net_rx_action tracepoint (Neil Horman ) [506138]\n- [gfs2] fix truncate buffered/direct I/O issue (Steven Whitehouse ) [504676]\n- [xen] x86: fix IRQ problem on legacy hardware (ddugger@redhat.com ) [505491]\n- [xen] disable 2MB support on PAE kernels (Bhavna Sarathy ) [503737]\n[2.6.18-155.el5]\n- [mm] fix swap race condition in fork-gup-race patch (Andrea Arcangeli ) [506684]\n- [net] e1000e: stop unnecessary polling when using msi-x (Andy Gospodarek ) [506841]\n[2.6.18-154.el5]\n- [kABI] add smp_send_reschedule and get_user_pages_fast (Jon Masters ) [504038]\n- [scsi] lpfc: update to version 8.2.0.45 (Rob Evers ) [505445]\n- [fs] ext4: fix prealloc vs truncate corruption (Eric Sandeen ) [505601]\n- [net] r8169: fix crash when large packets are received (Ivan Vecera ) [504732] {CVE-2009-1389}\n- [pci] fix pcie save restore patch (Don Dutile ) [505541]\n- [scsi] ibmvscsi: add 16 byte CDB support (AMEET M. PARANJAPE ) [502944]\n- [infiniband] iw_cxgb3: add final fixups for 1.4.1 (Doug Ledford ) [504906]\n- [infiniband] mlx4_en: hand remove XRC support (Doug Ledford ) [506097]\n- [infiniband] cxgb3: update firmware from 7.1 to 7.4 (Doug Ledford ) [504955]\n- [infiniband] ofed: backports from ofed 1.4.1 final bits (Doug Ledford ) [506097]\n- [infiniband] RDS: Update to ofed 1.4.1 final bits (Doug Ledford ) [506097]\n- [infiniband] mthca: update to ofed 1.4.1 final bits (Doug Ledford ) [506097]\n- [net] cxgb3: support two new phys and page mapping fix (Doug Ledford ) [504955]\n- [infiniband] ipoib/sdp: update to ofed 1.4.1 final bits (Doug Ledford ) [506097]\n- [infiniband] OFED: back out XRC patch, not ready yet (Doug Ledford ) [506097]\n- [infiniband] mlx4_en: update to ofed 1.4.1 final bits (Doug Ledford ) [506097]\n- [infiniband] iw_nes: update to ofed 1.4.1 final bits (Doug Ledford ) [506097]\n- [infiniband] OFED: fix broken switch statement (Doug Ledford ) [506097]\n- [infiniband] OFED: removes this backport and all callers (Doug Ledford ) [506097]\n- [infiniband] iw_cxgb3: update to ofed 1.4.1 final bits (Doug Ledford ) [506097]\n- [infiniband] mlx4_ib: update to ofed 1.4.1 final bits (Doug Ledford ) [506097]\n- [infiniband] remove duplicate definition (Doug Ledford ) [500368]\n- [net] be2net: add intial support (Andy Gospodarek ) [490074]\n- [net] ixgbe: backport fixups and bugfixes for 82599 (Andy Gospodarek ) [505653]\n- [md] increase pg_init_in_progress only if work is queued (Jesse Larrew ) [489582]\n- [x86_64] AMD IOMMU: fix GLX issue in bare metal (Bhavna Sarathy ) [504010]\n- [scsi] libsas: use the supplied address for SATA devices (David Milburn ) [494658]\n- [x86_64] amd iommu: fix kdump unknown partition table (Bhavna Sarathy ) [504751]\n- [char] TPM: get_event_name stack corruption (Dean Nelson ) [503905]\n- [net] e1000e: update to upstream version 1.0.2-k2 (Andy Gospodarek ) [480241]\n- [crypto] add continuous test to hw rng in FIPS mode (Neil Horman ) [504218]\n- [net] ehea: fix invalid pointer access (AMEET M. PARANJAPE ) [504679]\n- [x86_64] amd iommu: fix spinlock imbalance (Bhavna Sarathy ) [501571]\n- [x86_64] iommu: protect against broken IVRS ACPI table (Bhavna Sarathy ) [501571]\n- [x86_64] amd iommu: fix flag masks (Bhavna Sarathy ) [501571]\n- [x86_64] iommu: fix the handling of device aliases (Bhavna Sarathy ) [501571]\n- [x86_64] amd iommu: fix an off-by-one error (Bhavna Sarathy ) [501571]\n- [xen] x86: give dom0 access to machine e820 map (ddugger@redhat.com ) [503818]\n- [pci] fix sr-iov regression with PCI device class (ddugger@redhat.com ) [503826]\n- [scsi] qla4xxx: extended sense data errors (Marcus Barrow ) [489389]\n- [scsi] qla4xxx: remove some dead code (Marcus Barrow ) [459449]\n- [net] qla2xxx, ql8xxx : support for 10 GigE (Marcus Barrow ) [479288]\n[2.6.18-153.el5]\n- [s390x] zfcpdump: move zfcpdump kernel removal to %post (Don Zickus ) [499629]\n- [x86_64] kvm: fix libvirt based device assignment issue (Bhavna Sarathy ) [504165]\n- [gfs2] get gfs2meta superblock correctly (Benjamin Marzinski ) [504086]\n- [ptrace] fix do_coredump vs ptrace_start() deadlock (Oleg Nesterov ) [504157] {CVE-2009-1388}\n- [scsi] ipr: fix PCI permanent error handler (AMEET M. PARANJAPE ) [503960]\n- [scsi] IPR: adapter taken offline after first EEH error (AMEET M. PARANJAPE ) [504675]\n- [scsi] lpfc: update to version 8.2.0.44 (Rob Evers ) [503248]\n- [net] skb_seq_read: wrong offset/len for page frag data (mchristi@redhat.com ) [501308]\n- [xen] netback: change back to a flipping interface (Chris Lalancette ) [479754]\n- [fs] autofs4: remove hashed check in validate_wait (Ian Kent ) [490078]\n- [ppc64] resolves issues with pcie-save-restore-state (AMEET M. PARANJAPE ) [504198]\n- [net] gso: stop fraglists from escaping (Herbert Xu ) [499347]\n- [tun] use non-linear packets where possible (Herbert Xu ) [503309]\n- [net] skb_copy_datagram_from_iovec (Herbert Xu ) [503309]\n- [net] tun: only wake up writers (Herbert Xu ) [503191]\n- Re-apply: [net] tun: add packet accounting (Don Zickus ) [495863]\n- [sched] fix cond_resched_softirq() offset (Jesse Larrew ) [496935]\n- [ata] sata_sx4: fixup interrupt and exception handling (David Milburn ) [503827]\n- Revert: [net] avoid extra wakeups in wait_for_packet (Don Zickus ) [497897]\n- [net] e1000: fix skb_over_panic (Neil Horman ) [503441] {CVE-2009-1385}\n[2.6.18-152.el5]\n- [x86_64] kvm: export symbols to allow building (john cooper ) [504038]\n- [misc] s390 zfcpdump: check for another image on removal (Hans-Joachim Picht ) [499629]\n- [net] ixgbe: fix MSI-X allocation on 8+ core systems (Andy Gospodarek ) [500857]\n- [s390] dasd: add EMC ioctl to the driver (Christoph Hellwig ) [461288]\n- [net] ixgbe: fix polling saturates CPU (Andy Gospodarek ) [503559]\n- [misc] core dump: wrong thread info in core dump file (Amerigo Wang ) [503553]\n- [crypto] testmgr: check all test vector lengths (Jarod Wilson ) [503091]\n- [net] igb and igbvf: return from napi poll correctly (Andy Gospodarek ) [503215]\n- [crypto] testmgr: dynamically allocate xbuf and axbuf (Jarod Wilson ) [503091]\n- [fs] vfs: skip I_CLEAR state inodes in drop_pagecache_sb (Eric Sandeen ) [500164]\n- Revert: [net] tun: add packet accounting (Herbert Xu ) [495863]\n- [net] netxen: add GRO Support (Herbert Xu ) [499347]\n- [nfs] v4: 'r'/'w' perms for user do not work on client (Peter Staubach ) [502244]\n- [x86] nmi: add Intel cpu 0x6f4 to perfctr1 workaround (Prarit Bhargava ) [500892]\n- [dm] raid45 target: kernel oops in constructor (Heinz Mauelshagen ) [503070]\n- [net] sky2: fix sky2 stats (Neil Horman ) [503080]\n- [acpi] check _PSS frequency to prevent cpufreq crash (Prarit Bhargava ) [500311]\n- [scsi] mvsas: sync w/ appropriate upstream changes (Rob Evers ) [485126]\n- [scsi] mvsas: comment cleanup (Rob Evers ) [485126]\n- [scsi] mvsas: correct bit-map implementation (Rob Evers ) [485126]\n- [scsi] mvsas: initial patch submission (Rob Evers ) [485126]\n- [net] add broadcom cnic driver (mchristi@redhat.com ) [441979]\n- [scsi] add bnx2i iscsi driver (mchristi@redhat.com ) [441979]\n- [scsi] add netlink msg to iscsi IF to support offload (mchristi@redhat.com ) [441979]\n- [misc] add UIO framework from upstream (mchristi@redhat.com ) [441979]\n- [net] add cnic support to bnx2 (mchristi@redhat.com ) [441979]\n- [powerpc] pass the PDN to check_msix_entries (AMEET M. PARANJAPE ) [502906]\n- [fs] proc: avoid info leaks to non-privileged processes (Amerigo Wang ) [499541]\n- [net] ixgbe: add GRO suppport (Herbert Xu ) [499347]\n- [net] igb: add GRO suppport (Herbert Xu ) [499347]\n- [net] cxgb3: add GRO suppport (Herbert Xu ) [499347]\n- [net] vlan: add GRO interfaces (Herbert Xu ) [499347]\n- [net] tcp6: add GRO support (Herbert Xu ) [499347]\n- [net] ipv6: add GRO support (Herbert Xu ) [499347]\n- [net] ethtool: add GGRO and SGRO ops (Herbert Xu ) [499347]\n- [net] tcp: add GRO support (Herbert Xu ) [499347]\n- [net] add skb_gro_receive (Herbert Xu ) [499347]\n- [net] ipv4: add GRO infrastructure (Herbert Xu ) [499347]\n- [net] add Generic Receive Offload infrastructure (Herbert Xu ) [499347]\n- [net] add frag_list support to GSO (Herbert Xu ) [499347]\n- [net] add frag_list support to skb_segment (Herbert Xu ) [499347]\n- [net] skbuff: add skb_release_head_state (Herbert Xu ) [499347]\n- [net] skbuff: merge code copy_skb_header and skb_clone (Herbert Xu ) [499347]\n- [netfilter] nf_conntrack: add __nf_copy to copy members (Herbert Xu ) [499347]\n- [net] skbuff: add skb_cow_head (Herbert Xu ) [499347]\n- [net] netpoll: backport netpoll_rx_on (Herbert Xu ) [499347]\n- [net] gro: Optimise Ethernet header comparison (Herbert Xu ) [499347]\n- [net] backport csum_replace4/csum_replace2 (Herbert Xu ) [499347]\n- [net] backport csum_unfold without sparse annotations (Herbert Xu ) [499347]\n- [net] sky2: fix eeprom reads (Neil Horman ) [501050]\n- [nfs] v4: client handling of MAY_EXEC in nfs_permission (Peter Staubach ) [500302] {CVE-2009-1630}\n- [net] forcedeth: restore power up snippet (Ivan Vecera ) [479740]\n- [md] dm: I/O failures when running dm-over-md with xen (Mikulas Patocka ) [223947]\n- [selinux] warn on nfs mounts with same SB but diff opts (Eric Paris ) [466701]\n[2.6.18-151.el5]\n- [alsa] hda: improve init for ALC262_HP_BPC model (Jaroslav Kysela ) [473949]\n- [ppc] LPAR hang on multipath device with FCS v2 (AMEET M. PARANJAPE ) [498927]\n- [fs] nfsd: fix setting the nfsv4 acls (Steve Dickson ) [403021]\n- [scsi] fnic: compile on x86 too (mchristi@redhat.com ) [501112]\n- [net] avoid extra wakeups in wait_for_packet (Neil Horman ) [497897]\n- [x86] xen: fix local denial of service (Chris Lalancette ) [500951]\n- [scsi] ibmvfc: wait on adapter init before starting scan (AMEET M. PARANJAPE ) [501560]\n- [net] bnx2x: update to 1.48.105 (Stanislaw Gruszka ) [475481]\n- [xen] add Credit Scheduler Fairness and hard virt (Justin M. Forbes ) [432700]\n- [xen] deadlock between libvirt and xentop (Miroslav Rezanina ) [499013]\n- [xen] sched: remove printk introduced with hard virt (Justin M. Forbes ) [501475]\n[2.6.18-150.el5]\n- [kabi] add cmirror symbols to kABI (Jon Masters ) [500745]\n- Revert: [sched] accurate task runtime accounting (Linda Wang ) [297731] {CVE-2007-3719}\n- [alsa] hda: add missing comma in ad1884_slave_vols (Jeff Burke ) [500626]\n- [x86] remove xtime_lock from time_cpufreq_notifier (Prarit Bhargava ) [501178]\n- [fs] cifs: fix pointer and checks in cifs_follow_symlink (Jeff Layton ) [496577] {CVE-2009-1633}\n- [fs] ext4: corruption fixes (Eric Sandeen ) [501082]\n- [lockdep] dont omit lock_set_subclass (Aristeu Rozanski ) [462248]\n- [ppc] cell: make ptcal more reliable (AMEET M. PARANJAPE ) [501356]\n- [x86] include asm-x86_64 in i686-devel package (Don Zickus ) [491775]\n- [misc] compile: add -fwrapv to gcc CFLAGS (Don Zickus ) [491266]\n- [trace] mm: eliminate extra mm tracepoint overhead (Larry Woodman ) [501013]\n- [dlm] use more NOFS allocation (Abhijith Das ) [460218]\n- [dlm] connect to nodes earlier (Abhijith Das ) [460218]\n- [wireless] mac80211: freeze when ath5k IF brought down (Michal Schmidt ) [499999]\n- [audit] watch: fix removal of AUDIT_DIR rule on rmdir (Alexander Viro ) [501321]\n- [trace] sunrpc: adding trace points to status routines v2 (Steve Dickson ) [499008]\n- [misc] random: make get_random_int more random (Amerigo Wang ) [499776]\n- [md] retry immediate in 2 seconds (Jesse Larrew ) [489582]\n- [scsi] retry for NOT_READY condition (Jesse Larrew ) [489582]\n- [md] handle multiple paths in pg_init (Jesse Larrew ) [489582]\n- [scsi] fix compilation error (Jesse Larrew ) [489582]\n- [scsi] add LSI storage IDs (Jesse Larrew ) [489582]\n- [scsi] handle quiescence in progress (Jesse Larrew ) [489582]\n- [scsi] retry IO on unit attention (Jesse Larrew ) [489582]\n- [scsi] handle unit attention in mode select (Jesse Larrew ) [489582]\n- [scsi] make the path state active by default (Jesse Larrew ) [471426]\n- [scsi] Retry mode select in rdac device handler (Jesse Larrew ) [489582]\n[2.6.18-149.el5]\n- [acpi] updated dock driver for RHEL-5.4 (Matthew Garrett ) [485181]\n- [infiniband] ib_core: use weak ordering for user memory (AMEET M. PARANJAPE ) [501004]\n- [mm] fork-o_direct-race v3 (aarcange@redhat.com ) [471613]\n- [nfs] make nfsv4recoverydir proc file readable (Evan McNabb ) [499840]\n- [pci] remove pci-stub driver from -xen kernels (Don Dutile ) [500568]\n- [pci] IOMMU phys_addr cleanup (Don Dutile ) [500901]\n- [pci] missed fix to pci_find_upstream_pcie_bridge (Don Dutile ) [500901]\n- [misc] IOMMU MSI header cleanup (Don Dutile ) [500901]\n- [scsi] megaraid: update megasas to 4.08-RH1 (Tomas Henzl ) [475574]\n- [fs] nfs: fix an f_mode/f_flags confusion in write.c (Jeff Layton ) [490181]\n- [fs] cifs: renaming dont try to unlink negative dentry (Jeff Layton ) [500839]\n- [fs] cifs: fix error handling in parse_DFS_referrals (Jeff Layton ) [496577] {CVE-2009-1633}\n- [scsi] aacraid: update to 1.1.5-2461 (Rob Evers ) [475559]\n- [md] dm raid45: dont clear the suspend flag on recovery (Heinz Mauelshagen ) [499406]\n- [net] cxgb3: update driver for RHEL-5.4 (mchristi@redhat.com ) [439518]\n- [scsi] add cxgb3i iscsi driver (mchristi@redhat.com ) [439518]\n- [scsi] port upstream offload code to RHEL-5.4 (mchristi@redhat.com ) [439518]\n- [scsi] force retry of IO when port/session is changing (mchristi@redhat.com ) [498281]\n- [net] igbvf: new driver, support 82576 virtual functions (Andy Gospodarek ) [480524]\n- [net] ehea: fix circular locking problem (AMEET M. PARANJAPE ) [493359]\n- [s390] appldata: vtimer bug with cpu hotplug (Hans-Joachim Picht ) [497207]\n[2.6.18-148.el5]\n- Revert: [mm] fork vs fast gup race fix (Andrea Arcangeli ) [471613]\n[2.6.18-147.el5]\n- Revert: [scsi] marvell sas: initial patch submission (Rob Evers ) [485126]\n- Revert: [scsi] marvell sas: correct bit-map implementation (Rob Evers ) [485126]\n- Revert: [scsi] marvell sas: comment cleanup (Rob Evers ) [485126]\n- [misc] FIPS: create checksum for verification at bootup (Don Zickus ) [444632]\n- [md] dm: raid45 target oops on mapping table reload (Heinz Mauelshagen ) [500387]\n- [md] dm: raid45 target doesnt create parity as expected (Heinz Mauelshagen ) [499406]\n- [net] igb: correctly free multiqueue netdevs (Andy Gospodarek ) [500446]\n- [misc] lockdep: fix large lock subgraph traversal (Aristeu Rozanski ) [462248]\n- [crypto] make tcrypt stay loaded on success (Jarod Wilson ) [499646]\n- [crypto] block use of non-fips algs in fips mode (Jarod Wilson ) [499646]\n- [crypto] mark algs allowed in fips mode (Jarod Wilson ) [499646]\n- [x86_64] 32-bit ptrace emulation mishandles 6th arg (Jiri Olsa ) [495125]\n- [fs] cifs: buffer overruns when converting strings (Jeff Layton ) [496577]\n- [scsi] lpfc: update from version 8.2.0.41 to 8.2.0.43 (Rob Evers ) [498524]\n- [cpufreq] xen: powernow identifies wrong number of procs (Miroslav Rezanina ) [456437]\n- [scsi] MPT fusion: remove annoying debug message v2 (Tomas Henzl ) [475455]\n- [scsi] MPT fusion: make driver legacy I/O port free v2 (Tomas Henzl ) [475451]\n- [scsi] MPT fusion: update version 3.04.07rh v2 (Tomas Henzl ) [475455]\n- [ia64] fix regression in nanosleep syscall (Prarit Bhargava ) [499289]\n- [md] s390: I/O stall when performing random CHPID off/on (Mikulas Patocka ) [500729]\n- [crypto] add hmac and hmac(sha512) test vectors (Jarod Wilson ) [499463]\n- [sched] accurate task runtime accounting (Peter Zijlstra ) [297731] {CVE-2007-3719}\n- [sched] rq clock (Peter Zijlstra ) [297731] {CVE-2007-3719}\n- [x86] scale cyc_2_nsec according to CPU frequency (Peter Zijlstra ) [297731] {CVE-2007-3719}\n- [i386] untangle xtime_lock vs update_process_times (Peter Zijlstra ) [297731] {CVE-2007-3719}\n- [x86_64] clean up time.c (Peter Zijlstra ) [297731] {CVE-2007-3719}\n- [net] tun: add packet accounting (Herbert Xu ) [495863]\n- [kabi] add pcie_set_readrq (Jon Masters ) [479200]\n- [kabi] add Kernel Virtual Machine kABI symbols (Jon Masters ) [466961]\n- [crypto] add ctr test vectors (Jarod Wilson ) [497888]\n- [crypto] print self-test success notices in fips mode (Jarod Wilson ) [497885]\n- [mm] fork vs fast gup race fix (Andrea Arcangeli ) [471613]\n- [mm] support for lockless get_user_pages (aarcange@redhat.com ) [474913]\n- Revert: [mm] fork vs gup race fix (aarcange@redhat.com ) [471613]\n- [net] r8169: reset IntrStatus after chip reset (Ivan Vecera ) [500740]\n- Revert: [net] forcedeth: power down phy when IF is down (Ivan Vecera ) [479740]\n- [misc] add AMD IOMMU support to KVM (Bhavna Sarathy ) [481026]\n- [misc] VT-d: backport of Intel VT-d support to RHEL5 (Don Dutile ) [480411]\n- [misc] VT-d: add clflush_cache_range function (Don Dutile ) [480411]\n- [misc] VT-d: add DMAR-related timeout definition (Don Dutile ) [480411]\n- [misc] VT-d: add DMAR ACPI table support (Don Dutile ) [480411]\n- [misc] VT-d: add pci_find_upstream_pcie_bridge (Don Dutile ) [480411]\n- [misc] VT-d: move common MSI defines to msi.h (Don Dutile ) [480411]\n- [trace] blk tracepoints (Arnaldo Carvalho de Melo ) [493454]\n- [pci] enable CONFIG_PCI_IOV (ddugger@redhat.com ) [493152]\n- [pci] save and restore PCIe 2.0 registers (ddugger@redhat.com ) [493152]\n- [pci] restore PCI-E capability registers after PM event (ddugger@redhat.com ) [493152]\n- [pci] add SR-IOV API for Physical Function driver (ddugger@redhat.com ) [493152]\n- [pci] centralize device setup code (ddugger@redhat.com ) [493152]\n- [pci] reserve bus range for SR-IOV device (ddugger@redhat.com ) [493152]\n- [pci] restore saved SR-IOV state (ddugger@redhat.com ) [493152]\n- [pci] initialize and release SR-IOV capability (ddugger@redhat.com ) [493152]\n- [pci] add a new function to map BAR offsets (ddugger@redhat.com ) [493152]\n- [pci] allow pci_alloc_child_bus to handle a NULL bridge (ddugger@redhat.com ) [493152]\n- [pci] enhance pci_ari_enabled (ddugger@redhat.com ) [493152]\n- [pci] fix ARI code to be compatible with mixed systems (ddugger@redhat.com ) [493152]\n- [pci] support PCIe ARI capability (ddugger@redhat.com ) [493152]\n- [pci] export __pci_read_base (ddugger@redhat.com ) [493152]\n- [pci] fix 64-vbit prefetchable memory resource BARs (ddugger@redhat.com ) [493152]\n- [pci] handle 64-bit resources better on 32-bit machines (ddugger@redhat.com ) [493152]\n- [pci] rewrite PCI BAR reading code (ddugger@redhat.com ) [493152]\n- [xen] add Credit Scheduler Fairness and hard virt (Justin M. Forbes ) [432700]\n- [xen] x86_64: add 1GB page table support (Bhavna Sarathy ) [251982]\n[2.6.18-146.el5]\n- [fs] vfs freeze: use vma->v_file to get to superblock (Eric Sandeen ) [476148]\n- [net] tg3: allow 5785 to work when running at 10Mbps (Andy Gospodarek ) [469772]\n- [net] af_iucv: race when queuing incoming iucv messages (Hans-Joachim Picht ) [499626]\n- [trace] sunrpc: adding trace points to status routines (Steve Dickson ) [499008]\n- [gfs2] fix glock ref count issue (Steven Whitehouse ) [485098]\n- [kabi] add acpi_bus_register_driver (Jon Masters ) [462911]\n- [kabi] add nobh_truncate_page and kernel_read (Jon Masters ) [497276]\n- [usb] support Huaweis mode switch in kernel (Pete Zaitcev ) [485182]\n- [scsi] ibmvscsi: LPAR hang on a multipath device (AMEET M. PARANJAPE ) [498927]\n- [wireless] mac80211: scanning related fixes (John W. Linville ) [498719]\n- [fs] ecryptfs: remove ecryptfs_unlink_sigs warnings (Eric Sandeen ) [499171]\n- [fs] ext4: re-fix warning on x86 build (Eric Sandeen ) [499202]\n- [ppc64] adjust oprofile_cpu_type detail (AMEET M. PARANJAPE ) [496709]\n- [nfs] SELinux can copy off the top of the stack (Eric Paris ) [493144]\n- [xen] x86: explicitly zero CR[1] in getvcpucontext (Miroslav Rezanina ) [494876]\n- [xen] x86: fix overflow in the hpet code (Rik van Riel ) [449346]\n- [xen] x86: fixes to the 'no missed-tick accounting' code (Rik van Riel ) [449346]\n- [xen] introduce 'no missed-tick accounting' (Rik van Riel ) [449346]\n- [xen] x86: misc fixes to the timer code (Rik van Riel ) [449346]\n- [xen] x86: initialize vlapic->timer_last_update (Rik van Riel ) [449346]\n[2.6.18-145.el5]\n- [ia64] xen: switch from flipping to copying interface (Chris Lalancette ) [479754]\n- [scsi] fnic: init retry counter (Mike Christie ) [484438]\n- [misc] add some long-missing capabilities to CAP_FS_MASK (Eric Paris ) [499076 497272] {CVE-2009-1072}\n- [crypto] add ansi_cprng test vectors (Jarod Wilson ) [497891]\n- [crypto] add rng self-test infra (Jarod Wilson ) [497891]\n- [md] bitmap merge feature (Doug Ledford ) [481226]\n- [md] fix lockup on read error (Doug Ledford ) [465781]\n- [md] dm-raid45: corrupt data and premature end of synch (Heinz Mauelshagen ) [480733 479383]\n- [fs] generic freeze ioctl interface (Eric Sandeen ) [476148]\n- [scsi] add mpt2sas driver (Tomas Henzl ) [475665]\n- [misc] kprobes: fix deadlock issue (John Villalovos ) [210555]\n- [block] disable iostat collection in gendisk (Jerome Marchand ) [484158]\n- [block] fix request flags (Jerome Marchand ) [484158]\n- [misc] fix blktrace api breakage (Hans-Joachim Picht ) [475334]\n- [fs] fuse: update for RHEL-5.4 (Josef Bacik ) [457975]\n[2.6.18-144.el5]\n- Revert: [scsi] MPT Fusion: update to version 3.04.07rh (Tomas Henzl ) [475455]\n- Revert: [scsi] make fusion MPT driver legacy I/O port free (Tomas Henzl ) [475451]\n- Revert: [scsi] MPT fusion: remove annoying debug message (Tomas Henzl ) [475455]\n- [openib] ehca: fix performance during creation of QPs (AMEET M. PARANJAPE ) [498527]\n- [scsi] qla4xxx: fix driver fault recovery (Marcus Barrow ) [497478]\n- [misc] make bus_find_device more robust, match upstream (Don Dutile ) [492488]\n- [md] dm snapshot: refactor __find_pending_exception (Mikulas Patocka ) [496100]\n- [md] race conditions in snapshots (Mikulas Patocka ) [496100]\n- [md] dm-raid1: switch read_record from kmalloc to slab (Mikulas Patocka ) [496101]\n- [md] dm-raid1/mpath: partially completed request crash (Mikulas Patocka ) [496101]\n- [md] snapshot: store damage (Mikulas Patocka ) [496102]\n- [scsi] cciss: change in discovering memory bar (Tomas Henzl ) [474392]\n- [scsi] cciss: version change for RHEL-5.4 (Tomas Henzl ) [474392]\n- [scsi] cciss: thread to detect config changes on MSA2012 (Tomas Henzl ) [474392]\n- [scsi] cciss: changes in config functions (Tomas Henzl ) [474392]\n- [openib] update all the backports for the code refresh (Doug Ledford ) [476301]\n- [openib] add support for XRC queues (Doug Ledford ) [476301]\n- [openib] RDS: add the RDS protocol (Doug Ledford ) [477065]\n- [openib] IPoIB: update to OFED 1.4.1-rc3 (Doug Ledford ) [434779 466086]\n- [openib] SRP: update to OFED 1.4.1-rc3 (Doug Ledford ) [476301]\n- [openib] SDP: update to OFED 1.4.1-rc3 (Doug Ledford ) [476301]\n- [openib] qlgc_vnic: update to OFED 1.4.1-rc3 (Doug Ledford ) [476301]\n- [openib] cxgb3: update driver to OFED 1.4.1-rc3 (Doug Ledford ) [476301]\n- [openib] iw_nes: update NES iWARP to OFED 1.4.1-rc3 (Doug Ledford ) [476301]\n- [openib] mthca: update driver to OFED 1.4.1-rc3 (Doug Ledford ) [476301]\n- [openib] ipath: update driver to OFED 1.4.1-rc3 (Doug Ledford ) [230035 480696]\n- [openib] ehca: update driver for RHEL-5.4 (Doug Ledford ) [466086]\n- [openib] core: disable lock dep annotation (Don Zickus ) [476301]\n- [openib] core: update core code to OFED 1.4.1-rc3 (Doug Ledford ) [476301]\n- [openib] rmda: update rdma headers to OFED 1.4.1-rc3 (Doug Ledford ) [476301]\n- [openib] mlx4: Update mlx4_ib and mlx4_core, add mlx4_en (Doug Ledford ) [456525 477065]\n- [openib] enable mlx4_en and rds, disable iw_c2 (Doug Ledford ) [476301]\n- [mm] add tracepoints (Larry Woodman ) [493444]\n[2.6.18-143.el5]\n- [net] bonding: ignore updelay param when no active slave (Jiri Pirko ) [495318]\n- [net] ipv6: fix incoming packet length check (Jiri Pirko ) [492972]\n- [misc] drivers fix dma_get_required_mask (Tomas Henzl ) [475455]\n- [gfs2] NFSv2 support (Steven Whitehouse ) [497954]\n- [ppc64] set error_state to pci_channel_io_normal (AMEET M. PARANJAPE ) [496872]\n- [mm] allow tuning of MAX_WRITEBACK_PAGES (Larry Woodman ) [479079]\n- [trace] add 'success' to sched_wakeup/sched_wakeup_new (Jason Baron ) [497414]\n- [scsi] update iscsi layer and drivers for RHEL-5.4 (mchristi@redhat.com ) [436791 484455]\n- [crypto] fips: panic box when module validation fails (Neil Horman ) [497228]\n- [scsi] st: option to use SILI in variable block reads (Tom Coughlan ) [457970]\n- [net] bonding: support for bonding of IPoIB interfaces (Andy Gospodarek ) [430758]\n- [net] bonding: update to upstream version 3.4.0 (Andy Gospodarek ) [462632]\n- [scsi] add md3000 and md3000i entries to rdac_dev_list (John Feeney ) [487293]\n- [trace] tracepoints for page cache (KII Keiichi ) [475719]\n- [trace] tracepoints for network socket (KII Keiichi ) [475719]\n- [scsi] stex: support promise 6Gb sas raid controller (David Milburn ) [492022]\n- [scsi] add ALUA scsi device handler (mchristi@redhat.com ) [482737]\n- [scsi] update fnic fcoe driver for RHEL-5.4 (mchristi@redhat.com ) [484438]\n- [scsi] update libfc/fcoe for RHEL-5.4 (mchristi@redhat.com ) [484438]\n- [video] efifb: driver update (Brian Maly ) [488820]\n- [fs] fix softlockup in posix_locks_deadlock (Josef Bacik ) [476659]\n- [fs] cifs: unicode alignment and buffer sizing problems (Jeff Layton ) [494280] {CVE-2009-1439}\n- [mm] vmscan: bail out of direct reclaim after max pages (Rik van Riel ) [495442]\n- [crypto] add self-tests for rfc4309 (Jarod Wilson ) [472386]\n- [crypto] handle ccm dec test vectors expected to fail (Jarod Wilson ) [472386]\n- [crypto] fix rfc4309 deadlocks (Jarod Wilson ) [472386]\n- [scsi] marvell sas: comment cleanup (Rob Evers ) [485126]\n- [scsi] marvell sas: correct bit-map implementation (Rob Evers ) [485126]\n- [scsi] marvell sas: initial patch submission (Rob Evers ) [485126]\n- [acpi] CPU P-state limits ignored by OS (Stanislaw Gruszka ) [494288]\n- [net] provide a generic SIOETHTOOL ETHTOOL_GPERMADDR (Flavio Leitner ) [462352]\n- [scsi] lpfc: update to version 8.2.0.41 (Rob Evers ) [476738]\n- [scsi] lpfc: update to version 8.2.0.40 (Rob Evers ) [476738]\n- [scsi] lpfc: update to version 8.2.0.39 (Rob Evers ) [476738]\n- [scsi] lpfc: update to version 8.2.0.38 (Rob Evers ) [476738]\n[2.6.18-142.el5]\n- [net] ipv4: remove uneeded bh_lock/unlock from udp_rcv (Neil Horman ) [484590]\n- [net] ixgbe: update to upstream version 2.0.8-k2 (Andy Gospodarek ) [472547]\n- [net] igb: update to upstream version 1.3.16-k2 (Andy Gospodarek ) [484102 474881]\n- [mm] vmalloc: dont pass __GFP_ZERO to slab (Jiri Olsa ) [491685]\n- [agp] zero pages before sending to userspace (Jiri Olsa ) [497026] {CVE-2009-1192}\n- [net] e1000: enable TSO6 via ethtool with correct hw (Andy Gospodarek ) [449175]\n- [net] tg3: update to version 3.96 (Andy Gospodarek ) [481715 469772]\n- [x86] apic: rollover in calibrate_APIC_clock (Brian Maly ) [456938]\n- [alsa] handle subdevice_mask in snd_pci_quirk_lookup (Jaroslav Kysela ) [473949 483594]\n- [ia64] altix: performance degradation in PCI mode (George Beshers ) [497136]\n- [misc] I/O AT: config file changes (John Feeney ) [436048]\n- [misc] I/O AT: new ioat*.c (John Feeney ) [436048]\n- [misc] I/O AT: new dmaengine_v3.c (John Feeney ) [436048]\n- [misc] I/O AT: new include files (John Feeney ) [436048]\n- [misc] I/O AT: add drivers/dca (John Feeney ) [436048]\n- [misc] I/O AT: update network changes (John Feeney ) [436048]\n- [misc] I/O AT: update existing files (John Feeney ) [436048]\n- [misc] I/O AT: update include files (John Feeney ) [436048]\n- [mm] tweak vm diry_ratio to prevent stalls on some DBs (Larry Woodman ) [295291]\n- [nfs] setacl not working over NFS (Peter Staubach ) [496903]\n- [fs] ext4: update config options (Eric Sandeen ) [485315]\n- [fs] ext4: post-2.6.29 fixes (Eric Sandeen ) [485315]\n- [fs] backport patch for 2.6.29 ext4 (Eric Sandeen ) [485315]\n- [fs] rebase ext4 and jbd2 to 2.6.29 codebase (Eric Sandeen ) [485315 487933 487940 487944 487947] {CVE-2009-0745 CVE-2009-0746 CVE-2009-0747 CVE-2009-0748}\n- [fs] update write_cache_pages (Eric Sandeen ) [485315]\n- [fs] export set_task_ioprio (Eric Sandeen ) [485315]\n- [scsi] qla2xxx : updates and fixes from upstream, part 4 (Marcus Barrow ) [496126]\n- [scsi] MPT fusion: remove annoying debug message (Tomas Henzl ) [475455]\n- [scsi] make fusion MPT driver legacy I/O port free (Tomas Henzl ) [475451]\n- [scsi] MPT Fusion: update to version 3.04.07rh (Tomas Henzl ) [475455]\n- [x86] add MAP_STACK mmap flag (Larry Woodman ) [459321]\n- [scsi] sym53c8xx_2: fix up hotplug support (mchristi@redhat.com ) [461006]\n- [scsi] qla2xxx : updates and fixes from upstream, part 3 (Marcus Barrow ) [495094]\n- [scsi] qla2xxx : updates and fixes from upstream, part 2 (Marcus Barrow ) [495092]\n- [scsi] qla2xxx : updates and fixes from upstream, part 1 (Marcus Barrow ) [480204]\n- [nfs] memory leak when reading files wth option 'noac' (Peter Staubach ) [493045]\n- [x86] powernow-k8: export module parameters via sysfs (Prarit Bhargava ) [492010]\n- [misc] IO accounting: tgid accounting (Jerome Marchand ) [461636]\n- [misc] IO accounting: read accounting nfs fix (Jerome Marchand ) [461636]\n- [misc] IO accounting: read accounting (Jerome Marchand ) [461636]\n- [misc] IO accounting: write cancel accounting (Jerome Marchand ) [461636]\n- [misc] IO accounting: report in procfs (Jerome Marchand ) [461636]\n- [misc] IO accounting: account for direct-io (Jerome Marchand ) [461636]\n- [misc] IO accounting: set CONFIG_TASK_IO_ACCOUNTING (Jerome Marchand ) [461636]\n- [misc] IO accounting: write accounting (Jerome Marchand ) [461636]\n- [misc] IO accounting: core statistics (Jerome Marchand ) [461636]\n- [misc] IO accounting: read accounting cifs fix (Jerome Marchand ) [461636]\n- [misc] auxiliary signal structure: signal_struct_aux (Jerome Marchand ) [461636]\n- [misc] auxiliary signal structure: preparation (Jerome Marchand ) [461636]\n- [xen] x86: fix MSI eoi handling for HVM passthru (Gerd Hoffmann ) [477261]\n[2.6.18-141.el5]\n- [x86_64] more cpu_khz to tsc_khz conversions (Prarit Bhargava ) [483300]\n- [gfs2] unaligned access in gfs2_bitfit (Abhijith Das ) [485226]\n- [gfs2] remove scand & glockd kernel processes (Benjamin Marzinski ) [273001]\n- [x86] fix tick divider with clocksource=pit (Chris Lalancette ) [427588]\n- [fs] autofs4: fix incorect return in autofs4_mount_busy (Ian Kent ) [496766]\n- [x86] fix cpuid.4 instrumentation (Brian Maly ) [454981]\n- [md] dm-mpath: propagate ioctl error codes (Benjamin Marzinski ) [461469]\n- [fs] aio: race in aio_complete leads to process hang (Jeff Moyer ) [475814]\n- [s390] enable raw devices (Jeff Moyer ) [452534]\n- [net] bnx2: update to latest upstream - 1.9.3 (Ivan Vecera ) [475567 476897 489519]\n- [net] forcedeth: update to upstream version 0.62 (Ivan Vecera ) [479740]\n- [net] r8169: dont update stats counters when IF is down (Ivan Vecera ) [490162]\n- [net] r8169: fix RxMissed register access (Ivan Vecera ) [474334]\n- [x86] prevent boosting kprobes on exception address (Masami Hiramatsu ) [493088]\n- [gfs2] add fiemap support (Steven Whitehouse ) [476626]\n- [net] e1000e: fix false link detection (Michal Schmidt ) [492270]\n- [ppc] pseries: set error_state to pci_channel_io_normal (AMEET M. PARANJAPE ) [496872]\n- [nfs] large writes rejected when sec=krb5i/p specified (Peter Staubach ) [486756]\n- [wireless] iwlwifi: problems switching b/w WPA and WEP (John W. Linville ) [474699]\n- [net] ipv6: assume loopback address in link-local scope (Jiri Pirko ) [487233]\n- [fs] keep eventpoll from locking up the box (Josef Bacik ) [487585]\n- [ppc64] adjust oprofile_cpu_type (AMEET M. PARANJAPE ) [496709]\n- [fs] jbd: properly dispose of unmapped data buffers (Josef Bacik ) [479296]\n- [fs] ext3: dir_index: error out on corrupt dx dirs (Josef Bacik ) [454942]\n- [fs] ext3: dont resize if no reserved gdt blocks left (Josef Bacik ) [443541]\n- [agp] add pci ids for new video cards (John Villalovos ) [474513]\n- [ata] sata_mv: fix chip type for RocketRaid 1740/1742 (David Milburn ) [496338]\n- [misc] exit_notify: kill the wrong capable check (Oleg Nesterov ) [494271] {CVE-2009-1337}\n- [ipmi] fix platform crash on suspend/resume (peterm@redhat.com ) [475536]\n- [ipmi] fix some signedness issues (peterm@redhat.com ) [475536]\n- [ipmi] hold ATTN until upper layer is ready (peterm@redhat.com ) [475536]\n- [ipmi] allow shared interrupts (peterm@redhat.com ) [475536]\n- [scsi] add missing SDEV_DEL state if slave_alloc fails (Tomas Henzl ) [430170]\n- [net] eHEA: mutex_unlock missing in eHEA error path (AMEET M. PARANJAPE ) [482796]\n- [misc] xen: change PVFB not to select abs. pointer (Markus Armbruster ) [492866]\n- [pci] pci-stub module to reserve pci device (Mark McLoughlin ) [491842]\n- [pci] add remove_id sysfs entry (Mark McLoughlin ) [491842]\n- [pci] use proper call to driver_create_file (Mark McLoughlin ) [491842]\n- [pci] fix __pci_register_driver error handling (Mark McLoughlin ) [491842]\n- [misc] add /sys/bus/*/driver_probe (Mark McLoughlin ) [491842]\n- [misc] backport new ramdisk driver (Don Howard ) [480663]\n- [x86] general pci_scan_bus fix for baremetal and xen (Prarit Bhargava ) [494114]\n- [misc] add HP xw460c to bf sort pci list (Prarit Bhargava ) [490068]\n- [mm] enable dumping of hugepages into core dumps (Dave Anderson ) [470411]\n- [misc] hrtimer: check relative timeouts for overflow (AMEET M. PARANJAPE ) [492230]\n- [acpi] add T-state notification support (Luming Yu ) [487567]\n- [x86_64] copy_user_c can zero more data than needed (Vitaly Mayatskikh ) [490938]\n- [misc] hpilo: backport bugfixes and updates for RHEL-5.4 (tcamuso@redhat.com ) [488964]\n- [pci] do not clear PREFETCH register (Prarit Bhargava ) [486185]\n- [misc] waitpid reports stopped process more than once (Vitaly Mayatskikh ) [481199]\n- [scsi] ipr: enhance driver to support MSI-X interrupt (AMEET M. PARANJAPE ) [475717]\n- [specfile] add ability to build only debug kernel (Jeff Layton ) [469707]\n- [xen] clear X86_FEATURE_APIC in cpuid when apic disabled (ddugger@redhat.com ) [496873]\n- [xen] enable systems without APIC (ddugger@redhat.com ) [496873]\n- [xen] vt-d: workaround for Mobile Series 4 Chipset (ddugger@redhat.com ) [496873]\n- [xen] pci: fix definition of PCI_PM_CTRL_NO_SOFT_RESET (ddugger@redhat.com ) [496873]\n- [xen] utilise the GUEST_PAT and HOST_PAT vmcs area (ddugger@redhat.com ) [496873]\n- [xen] VT-d: enhance MTRR/PAT virtualization (ddugger@redhat.com ) [496873]\n- [xen] fix interrupt remapping on AMD systems (Bhavna Sarathy ) [477261]\n- [xen] enable AMD IOMMU Xen driver (Bhavna Sarathy ) [477261]\n- [xen] add AMD IOMMU Xen driver (Bhavna Sarathy ) [477261]\n- [xen] live migration failure due to fragmented memory (Jiri Denemark ) [469130]\n[2.6.18-140.el5]\n- [fs] xfs: add fiemap support (Josef Bacik ) [296951]\n- [net] add DSCP netfilter target (Thomas Graf ) [481652]\n- [gfs2] blocked after recovery (Abhijith Das ) [483541]\n- [net] remove misleading skb_truesize_check (Thomas Graf ) [474883]\n- [mm] 100% time spent under NUMA when zone_reclaim_mode=1 (Larry Woodman ) [457264]\n- [mm] msync does not sync data for a long time (Larry Woodman ) [479079]\n- [md] dm: fix OOps in mempool_free when device removed (Milan Broz ) [495230]\n- [net] bonding: clean up resources upon removing a bond (Masahiro Matsuya ) [463244]\n- [fs] nfs: convert to new aops (Jeff Layton ) [476224]\n- [fs] cifs: update CIFS for RHEL5.4 (Jeff Layton ) [465143]\n- [misc] types: add fmode_t typedef (Jeff Layton ) [465143]\n- [misc] keys: key facility changes for AF_RXRPC (Jeff Layton ) [465143]\n- [misc] xen: bump max_phys_cpus to 256 (Chris Lalancette ) [477206]\n- [misc] fork: CLONE_PARENT && parent_exec_id interaction (Don Howard ) [479964]\n- [wireless] iwlagn: make swcrypto/swcrypto50=1 default (John W. Linville ) [474699]\n- [wireless] mac80211: avoid null deref (John W. Linville ) [482990]\n- [net] fix out of bound access to hook_entries (Thomas Graf ) [484036]\n- [net] sctp: allow sctp_getladdrs to work for IPv6 (Neil Horman ) [492633]\n- [x86] xen: fix interaction between dom0 and NTP (Rik van Riel ) [494879]\n- [ata] sata_mv: fix 8-port timeouts on 508x/6081 chips (David Milburn ) [493451]\n- [net] fixed tcp_ack to properly clear ->icsk_probes_out (Jiri Olsa ) [494427]\n- [x86] xen: crash when specifying mem= (Chris Lalancette ) [240429]\n- [scsi] qla2xxx: reduce DID_BUS_BUSY failover errors (Marcus Barrow ) [244967]\n- [ata] libata: ahci enclosure management bios workaround (David Milburn ) [488471]\n- [scsi] aic7xxx: increase max IO size (mchristi@redhat.com ) [493448]\n- [nfs] v4: client crash on file lookup with long names (Sachin S. Prabhu ) [493942]\n- [mm] fix prepare_hugepage_range to check offset (Larry Woodman ) [488260]\n- [misc] make sure fiemap.h is installed in headers pkg (Josef Bacik ) [296951]\n- [fs] generic block based fiemap (Josef Bacik ) [296951]\n- [fs] add fiemap interface (Josef Bacik ) [296951]\n- [trace] use unregister return value (Jason Baron ) [465543]\n- [trace] change rcu_read_sched -> rcu_read (Jason Baron ) [465543]\n- [trace] introduce noupdate apis (Jason Baron ) [465543]\n- [trace] simplify rcu usage (Jason Baron ) [465543]\n- [trace] fix null pointer dereference (Jason Baron ) [465543]\n- [trace] tracepoints fix reentrancy (Jason Baron ) [465543]\n- [trace] make tracepoints use rcu sched (Jason Baron ) [465543]\n- [trace] use TABLE_SIZE macro (Jason Baron ) [465543]\n- [trace] remove kernel-trace.c (Jason Baron ) [465543]\n- [trace] remove prototype from tracepoint name (Jason Baron ) [465543]\n- [x86] use CPU feature bits to skip tsc_unstable checks (Chris Lalancette ) [463573]\n- [x86] vmware: disable softlock processing on tsc systems (Chris Lalancette ) [463573]\n- [x86] vmware lazy timer emulation (Chris Lalancette ) [463573]\n- [x86] xen: improve KVM timekeeping (Chris Lalancette ) [463573]\n- [x86_64] xen: implement a minimal TSC based clocksource (Chris Lalancette ) [463573]\n- [x86] use cpu_khz for loops_per_jiffy calculation (Chris Lalancette ) [463573]\n- [x86] vmware: look for DMI string in product serial key (Chris Lalancette ) [463573]\n- [x86] VMware: Fix vmware_get_tsc code (Chris Lalancette ) [463573]\n- [x86] xen: add X86_FEATURE_HYPERVISOR feature bit (Chris Lalancette ) [463573]\n- [x86] xen: changes timebase calibration on Vmware (Chris Lalancette ) [463573]\n- [x86] add a synthetic TSC_RELIABLE feature bit (Chris Lalancette ) [463573]\n- [x86] hypervisor: detection and get tsc_freq (Chris Lalancette ) [463573]\n- [x86] fdiv bug detection fix (Chris Lalancette ) [463573]\n- [misc] printk: add KERN_CONT (Chris Lalancette ) [463573]\n- [s390] add additional card IDs to CEX2C and CEX2A (Hans-Joachim Picht ) [488496]\n- [gfs2] merge upstream uevent patches into RHEL 5.4 (Steven Whitehouse ) [476707]\n- [xen] x86: GDT: replace single page with one page/CPU (Chris Lalancette ) [477206]\n- [xen] x86: VPID: free resources (ddugger@redhat.com ) [464821]\n- [xen] x86: VPID: implement feature (ddugger@redhat.com ) [464821]\n- [xen] fix 32-on-64 PV oops in xen_set_pud (Chris Lalancette ) [467698]\n[2.6.18-139.el5]\n- [pci] xen dom0: hook PCI probe and remove callbacks (ddugger@redhat.com ) [484227]\n- [misc] xen dom0: add hypercall for add/remove PCI device (ddugger@redhat.com ) [484227]\n- [pci] xen: dom0/domU MSI support using PHSYDEV_map_irq (ddugger@redhat.com ) [484227]\n- [mm] mmu_notifier: kabi workaround support (john cooper ) [485718]\n- [mm] mmu_notifier: set CONFIG_MMU_NOTIFIER to y (john cooper ) [485718]\n- [mm] mmu-notifier: optimized ability to admin host pages (john cooper ) [485718]\n- [mm] mmu-notifiers: add mm_take_all_locks operation (john cooper ) [485718]\n- [misc] introduce list_del_init_rcu (john cooper ) [485718]\n- [ppc] spufs: fix incorrect buffer offset in regs write (AMEET M. PARANJAPE ) [493426]\n- [ppc] spufs: check offset before calculating write size (AMEET M. PARANJAPE ) [493426]\n- [net] add dropmonitor protocol (Neil Horman ) [470539]\n- [ppc] reject discontiguous MSI-X requests (AMEET M. PARANJAPE ) [492580]\n- [ppc] implement a quota system for MSIs (AMEET M. PARANJAPE ) [492580]\n- [ppc] return req#msi(-x) if request is larger (AMEET M. PARANJAPE ) [492580]\n- [ppc] msi: return the number of MSIs we could allocate (AMEET M. PARANJAPE ) [492580]\n- [ppc] check for MSI-X also in rtas_msi_pci_irq_fixup() (AMEET M. PARANJAPE ) [492580]\n- [ppc] add support for ibm,req#msi-x (AMEET M. PARANJAPE ) [492580]\n- [ppc] fix MSI-X interrupt querying (AMEET M. PARANJAPE ) [492580]\n- [ppc] msi: return the number of MSI-X available (AMEET M. PARANJAPE ) [492580]\n- [trace] add include/trace dir to -devel (Jason Baron ) [489096]\n- [mm] xen: 'ptwr_emulate' messages when booting PV guest (Chris Lalancette ) [490567]\n- [fs] lockd: reference count leaks in async locking case (Jeff Layton ) [471254]\n- [s390] kernel: cpcmd with vmalloc addresses (Hans-Joachim Picht ) [487697]\n- [s390] af_iucv: error handling in iucv_callback_txdone (Hans-Joachim Picht ) [487697]\n- [s390] af_iucv: broken send_skb_q result in endless loop (Hans-Joachim Picht ) [487697]\n- [s390] af_iucv: free iucv path/socket in path_pending cb (Hans-Joachim Picht ) [487697]\n- [s390] af_iucv: avoid left over IUCV connections (Hans-Joachim Picht ) [487697]\n- [s390] af_iucv: new error return codes for connect (Hans-Joachim Picht ) [487697]\n- [s390] af_iucv: hang if recvmsg is used with MSG_PEEK (Hans-Joachim Picht ) [487703]\n- [net] ixgbe: stop double counting frames and bytes (Andy Gospodarek ) [487213]\n- [net] netfilter: x_tables: add connlimit match (Jiri Pirko ) [483588]\n- [nfs] only set file_lock.fl_lmops if stateowner is found (Jeff Layton ) [479323]\n- [dlm] init file_lock before copying conflicting lock (Jeff Layton ) [479323]\n- [nfs] nfsd: ensure nfsv4 calls the fs on LOCKT (Jeff Layton ) [479323]\n- [net] allow for on demand emergency route cache flushing (Neil Horman ) [461655]\n- [xen] x86: update the earlier APERF/MPERF patch (Chris Lalancette ) [493557]\n- [xen] fix evtchn exhaustion with 32-bit HVM guest (Chris Lalancette ) [489274]\n- [xen] ia64: fix HVM guest kexec (Chris Lalancette ) [418591]\n- [xen] ia64: fix whitespace error in vmx.h (Chris Lalancette ) [477098]\n- [xen] add hypercall for adding and removing PCI devices (ddugger@redhat.com ) [484227]\n- [xen] HVM MSI passthrough support (ddugger@redhat.com ) [484227]\n- [xen] VT-d2: enable interrupt remapping for MSI/MSI-x (ddugger@redhat.com ) [484227]\n- [xen] MSI support interface (ddugger@redhat.com ) [484227]\n- [xen] MSI supprt internal functions (ddugger@redhat.com ) [484227]\n- [xen] convert pirq to per-domain (ddugger@redhat.com ) [484227]\n- [xen] rename evtchn_lock to event_lock (ddugger@redhat.com ) [484227]\n- [xen] sync VT-d2 code with xen-unstable (ddugger@redhat.com ) [484227]\n- [xen] VT-d2: support interrupt remapping (ddugger@redhat.com ) [484227]\n- [xen] VT-d2: support queue invalidation (ddugger@redhat.com ) [484227]\n- [xen] x86: emulate accesses to PCI window regs cf8/cfc (ddugger@redhat.com ) [484227]\n- [xen] vtd: avoid redundant context mapping (ddugger@redhat.com ) [484227]\n- [xen] x86: fix EPT for VT-d (ddugger@redhat.com ) [484227]\n- [xen] x86: add domctl interfaces for VT-d (ddugger@redhat.com ) [484227]\n- [xen] x86: memory changes for VT-d (ddugger@redhat.com ) [484227]\n- [xen] x86: intercept I/O for assigned device (ddugger@redhat.com ) [484227]\n- [xen] x86: IRQ injection changes for VT-d (ddugger@redhat.com ) [484227]\n- [xen] add VT-d specific files (ddugger@redhat.com ) [484227]\n- [xen] some system changes for VT-d (ddugger@redhat.com ) [484227]\n- [xen] add VT-d public header files (ddugger@redhat.com ) [484227]\n- [xen] ia64: add pci definitions and access functions (ddugger@redhat.com ) [484227]\n[2.6.18-138.el5]\n- [nfs] remove bogus lock-if-signalled case (Bryn M. Reeves ) [456288]\n- [gfs2] fix uninterruptible quotad sleeping (Steven Whitehouse ) [492943]\n- [net] iptables NAT port randomisation (Thomas Graf ) [459943]\n- [gfs2] tar off gfs2 broken - truncated symbolic links (Steven Whitehouse ) [492911]\n- [net] skip redirect msg if target addr is not link-local (Thomas Graf ) [481209]\n- [scsi] lpfc: remove duplicate pci* functions from driver (Prarit Bhargava ) [442007]\n- [net] igb: make driver ioport free (Prarit Bhargava ) [442007]\n- [net] e1000: make driver ioport free (Prarit Bhargava ) [442007]\n- [net] e1000e: make driver ioport free (Prarit Bhargava ) [442007]\n- [pci] add pci*_selected_region/pci_enable_device_io|mem (Prarit Bhargava ) [442007]\n- [x86] NONSTOP_TSC in tsc clocksource (Luming Yu ) [474091]\n- [ppc] keyboard not recognized on bare metal (Justin Payne ) [455232]\n- [fs] writeback: fix persistent inode->dirtied_when val (Jeff Layton ) [489359]\n- [fs] xfs: misc upstream fixes (Eric Sandeen ) [470845]\n- [fs] xfs: fix compat ioctls (Eric Sandeen ) [470845]\n- [fs] xfs: new aops interface (Eric Sandeen ) [470845]\n- [fs] xfs: backport to rhel5.4 kernel (Eric Sandeen ) [470845]\n- [fs] xfs: update to 2.6.28.6 codebase (Eric Sandeen ) [470845]\n- [fs] d_obtain_alias helper (Eric Sandeen ) [470845]\n- [fs] d_add_ci helper (Eric Sandeen ) [470845]\n- [misc] completion helpers (Eric Sandeen ) [470845]\n- [fs] block_page_mkwrite helper (Eric Sandeen ) [470845]\n- [mm] generic_segment_checks helper (Eric Sandeen ) [470845]\n- [i2c] add support for SB800 SMBus (Bhavna Sarathy ) [488746]\n- [i2c] i2c-piix4: support for the Broadcom HT1100 chipset (Flavio Leitner ) [474240]\n- [s390] hvc_iucv: z/VM IUCV hypervisor console support (Hans-Joachim Picht ) [475551]\n- [s390] hvc_console: upgrade version of hvc_console (Hans-Joachim Picht ) [475551]\n- [s390] iucv: locking free version of iucv_message_ (Hans-Joachim Picht ) [475551]\n- [s390] set default preferred console device 'ttyS' (Hans-Joachim Picht ) [475551]\n- [s390] kernel: shutdown action 'dump_reipl' (Hans-Joachim Picht ) [474688]\n- [s390] splice: handle try_to_release_page failure (Hans-Joachim Picht ) [475334]\n- [s390] blktrace: add ioctls to SCSI generic devices (Hans-Joachim Picht ) [475334]\n- [s390] add FCP performance data collection (Hans-Joachim Picht ) [475334]\n- [s390] extra kernel parameters via VMPARM (Hans-Joachim Picht ) [475530]\n- [s390] kernel: extra kernel parameters via VMPARM (Hans-Joachim Picht ) [475530]\n- [s390] z90crypt: add ap adapter interrupt support (Hans-Joachim Picht ) [474700]\n- [s390] add Call Home data (Hans-Joachim Picht ) [475820]\n- [s390] kernel: processor degredation support (Hans-Joachim Picht ) [475820]\n- [s390] kernel: Shutdown Actions Interface (Hans-Joachim Picht ) [475563]\n- [s390] provide service levels of HW & Hypervisor (Hans-Joachim Picht ) [475570]\n- [s390] qeth: ipv6 support for hiper socket layer 3 (Hans-Joachim Picht ) [475572]\n- [s390] kernel: NSS Support (Hans-Joachim Picht ) [474646]\n- [acpi] donot evaluate _PPC until _PSS has been evaluated (Matthew Garrett ) [469105]\n- [net] iwlwifi: enable LEDS Kconfig options (John W. Linville ) [486030]\n- [spec] devel pkg: own the directories they write too (Don Zickus ) [481808]\n- [crypto] bugfixes to ansi_cprng for fips compliance (Neil Horman ) [481175 469437]\n- [scsi] qla2xxx: production FCoE firmware (Marcus Barrow ) [471900]\n- [scsi] qla2xxx: production FCoE support (Marcus Barrow ) [471900]\n- [fs] add compat_sys_ustat (Eric Sandeen ) [472426]\n- [x86_64] panic if AMD cpu_khz is wrong (Prarit Bhargava ) [472523]\n- [x86] fix calls to pci_scan_bus (Prarit Bhargava ) [470202]\n[2.6.18-137.el5]\n- [fs] HFS: mount memory leak (Dave Anderson ) [488048]\n- [docs] document netdev_budget (Stanislaw Gruszka ) [463249]\n- [net] netfilter: nfmark IPV6 routing in OUTPUT (Anton Arapov ) [470059]\n- [gfs2] use ->page_mkwrite for mmap() (Benjamin Marzinski ) [315191]\n- [fs] ecryptfs: fix memory leak into crypto headers (Eric Sandeen ) [491256]\n- [x86] add nonstop_tsc flag in /proc/cpuinfo (Luming Yu ) [474091]\n- [alsa] HDA: update for RHEL-5.4 (Jaroslav Kysela ) [483594]\n- [fs] autofs4: fix lookup deadlock (Ian Kent ) [490078]\n- [fs] autofs4: make autofs type usage explicit (Ian Kent ) [452120]\n- [fs] autofs4: add miscelaneous device for ioctls (Ian Kent ) [452120]\n- [fs] autofs4: devicer node ioctl docoumentation (Ian Kent ) [452120]\n- [fs] autofs4: track uid and gid of last mount requester (Ian Kent ) [452120]\n- [nfs] memory corruption in nfs3_xdr_setaclargs (Sachin S. Prabhu ) [479432]\n- [misc] cpuset: attach_task fixes (KII Keiichi ) [471634]\n- [s390] dasd: fix race in dasd timer handling (Hans-Joachim Picht ) [490128]\n- [x86] use [ml]fence to synchronize rdtsc (Chris Lalancette ) [448588]\n- [xen] silence MMCONFIG warnings (Chris Lalancette ) [462572]\n- [xen] fix occasional deadlocks in Xen netfront (Chris Lalancette ) [480939]\n- [xen] fix crash when modprobe xen-vnif in a KVM guest (Chris Lalancette ) [487691]\n- [xen] xen reports bogus LowTotal (Chris Lalancette ) [428892]\n- [xen] wait 5 minutes for device connection (Chris Lalancette ) [396621]\n- [xen] only recover connected devices on resume (Chris Lalancette ) [396621]\n- [xen] ia64: fix bad mpa messages (Chris Lalancette ) [288511]\n- [net] handle non-linear packets in skb_checksum_setup (Herbert Xu ) [477012]\n- [fs] fix __page_symlink to be kabi friendly (Josef Bacik ) [445433]\n- [fs] ext3: convert to new aops (Josef Bacik ) [445433]\n- [mm] make new aops kABI friendly (Josef Bacik ) [445433]\n- [fs] fix symlink allocation context (Josef Bacik ) [445433]\n- [mm] iov_iter_advance fix, dont go off the end (Josef Bacik ) [445433]\n- [mm] fix infinite loop with iov_iter_advance (Josef Bacik ) [445433]\n- [mm] restore the KERNEL_DS optimisations (Josef Bacik ) [445433]\n- [gfs2] remove generic aops stuff (Josef Bacik ) [445433]\n- [fs] new cont helpers (Josef Bacik ) [445433]\n- [mm] introduce new aops, write_begin and write_end (Josef Bacik ) [445433]\n- [fs] splice: dont do readpage (Josef Bacik ) [445433]\n- [fs] splice: dont steal pages (Josef Bacik ) [445433]\n- [gfs2] remove static iov iter stuff (Josef Bacik ) [445433]\n- [mm] iov_iter helper functions (Josef Bacik ) [445433]\n- [mm] fix pagecache write deadlocks (Josef Bacik ) [445433]\n- [mm] write iovec cleanup (Josef Bacik ) [445433]\n- [mm] fix other users of __grab_cache_page (Josef Bacik ) [445433]\n- [mm] cleanup page caching stuff (Josef Bacik ) [445433]\n- [mm] cleanup error handling (Josef Bacik ) [445433]\n- [mm] clean up buffered write code (Josef Bacik ) [445433]\n- [mm] revert deadlock on vectored write fix (Josef Bacik ) [445433]\n- [mm] kill the zero-length iovec segments handling (Josef Bacik ) [445433]\n- [mm] revert KERNEL_DS buffered write optimisation (Josef Bacik ) [445433]\n- [mm] clean up pagecache allocation (Josef Bacik ) [445433]\n- [x86] move pci_video_fixup to later in boot (Prarit Bhargava ) [467785]\n- [usb] net: dm9601: upstream fixes for 5.4 (Ivan Vecera ) [471800]\n- [xen] ia64: fix FP emulation in a PV domain (Chris Lalancette ) [477098]\n- [xen] ia64: make sure guest pages dont change (Chris Lalancette ) [477098]\n- [xen] improve handle_fpu_swa (Chris Lalancette ) [477098]\n- [xen] ia64: fix windows 2003 BSOD (Chris Lalancette ) [479923]\n- [xen] x86: fix dom0 panic when using dom0_max_vcpus (Chris Lalancette ) [485119]\n- [xen] x86: silence WRMSR warnings (Chris Lalancette ) [470035]\n[2.6.18-136.el5]\n- Revert: [x86_64] fix gettimeoday TSC overflow issue (Prarit Bhargava ) [467942]\n- [ptrace] audit_syscall_entry to use right syscall number (Jiri Pirko ) [488002] {CVE-2009-0834}\n- [md] dm: check log bitmap will fit within the log device (Milan Broz ) [471565]\n- [nfs] add 'lookupcache' mount option for nfs shares (Sachin S. Prabhu ) [489285]\n- [nfs] add fine grain control for lookup cache in nfs (Sachin S. Prabhu ) [489285]\n- [net] tulip: MTU problems with 802.1q tagged frames (Ivan Vecera ) [484796]\n- [net] rtnetlink: fix sending message when replace route (Jiri Pirko ) [462725]\n- [s390] sclp: handle zero-length event buffers (Hans-Joachim Picht ) [487695]\n- [s390] dasd: DASDFMT not operating like CPFMTXA (Hans-Joachim Picht ) [484836]\n- [xen] fix blkfront bug with overflowing ring (Chris Lalancette ) [460693]\n- [net] ipv6: disallow IPPROTO_IPV6-level IPV6_CHECKSUM (Jiri Pirko ) [486204]\n- [ide] fix interrupt flood at startup w/ESB2 (James Paradis ) [438979]\n- [s390] cio: Properly disable not operational subchannel (Hans-Joachim Picht ) [487701]\n- [misc] kernel-headers: add serial_reg.h (Don Zickus ) [463538]\n[2.6.18-135.el5]\n- [s390] iucv: failing cpu hot remove for inactive iucv (Hans-Joachim Picht ) [485412]\n- [s390] dasd: fix waitqueue for sleep_on_immediatly (Hans-Joachim Picht ) [480161]\n- [ide] increase timeouts in wait_drive_not_busy (Stanislaw Gruszka ) [464039]\n- [x86_64] mce: do not clear an unrecoverable error status (Aristeu Rozanski ) [489692]\n- [wireless] iwlwifi: booting with RF-kill switch enabled (John W. Linville ) [482990]\n- [net] put_cmsg: may cause application memory overflow (Jiri Pirko ) [488367]\n- [x86_64] fix gettimeoday TSC overflow issue (Prarit Bhargava ) [467942]\n- [net] ipv6: check hop limit setting in ancillary data (Jiri Pirko ) [487406]\n- [net] ipv6: check outgoing interface in all cases (Jiri Pirko ) [486215]\n- [acpi] disable GPEs at the start of resume (Matthew Garrett ) [456302]\n- [crypto] include crypto headers in kernel-devel (Neil Horman ) [470929]\n- [net] netxen: rebase for RHEL-5.4 (tcamuso@redhat.com ) [485381]\n- [misc] signal: modify locking to handle large loads (AMEET M. PARANJAPE ) [487376]\n- [kexec] add ability to dump log from vmcore file (Neil Horman ) [485308]\n- [fs] ext3: handle collisions in htree dirs (Eric Sandeen ) [465626]\n- [acpi] use vmalloc in acpi_system_read_dsdt (Prarit Bhargava ) [480142]\n- [misc] make ioctl.h compatible with userland (Jiri Pirko ) [473947]\n- [nfs] sunrpc: add sv_maxconn field to svc_serv (Jeff Layton ) [468092]\n- [nfs] lockd: set svc_serv->sv_maxconn to a better value (Jeff Layton ) [468092]\n- [mm] decrement reclaim_in_progress after an OOM kill (Larry Woodman ) [488955]\n- [misc] sysrq-t: display backtrace for runnable processes (Anton Arapov ) [456588]\n[2.6.18-134.el5]\n- [dlm] fix length calculation in compat code (David Teigland ) [487672]\n- [net] ehea: remove adapter from list in error path (AMEET M. PARANJAPE ) [488254]\n- [x86] reserve low 64k of memory to avoid BIOS corruption (Matthew Garrett ) [471851]\n- [nfs] fix hung clients from deadlock in flush_workqueue (David Jeffery ) [483627]\n- [net] fix a few udp counters (Neil Horman ) [483266]\n- [ia64] use current_kernel_time/xtime in hrtimer_start() (Prarit Bhargava ) [485323]\n- [sata] libata: ahci withdraw IGN_SERR_INTERNAL for SB800 (David Milburn ) [474301]\n- [ata] libata: iterate padded atapi scatterlist (David Milburn ) [446086]\n- [x86] TSC keeps running in C3+ (Luming Yu ) [474091]\n- [acpi] fix C-states less efficient on certain machines (Luming Yu ) [484174]\n- [net] ipv6: fix getsockopt for sticky options (Jiri Pirko ) [484105 483790]\n- [ppc64] cell spufs: update to the upstream for RHEL-5.4 (AMEET M. PARANJAPE ) [475620]\n- [ppc64] cell: fix npc setting for NOSCHED contexts (AMEET M. PARANJAPE ) [467344]\n- [ppc64] handle null iommu dma-window property correctly (AMEET M. PARANJAPE ) [393241]\n- [net] e1000, bnx2: enable entropy generation (Ivan Vecera ) [439898]\n- Revert: [xen] console: make LUKS passphrase readable (Bill Burns ) [475986]\n- [gfs2] add UUID to gfs2 super block (Steven Whitehouse ) [242696]\n- [x86] consistent time options for x86_64 and i386 (Prarit Bhargava ) [475374]\n- [xen] allow > 4GB EPT guests on i386 (Chris Lalancette ) [478522]\n- [xen] clear screen to make LUKS passphrase visible (Bill Burns ) [475986]\n[2.6.18-133.el5]\n- [net] fix oops when using openswan (Neil Horman ) [484590]\n- [net] bonding: fix arp_validate=3 slaves behaviour (Jiri Pirko ) [484304]\n- [serial] 8250: fix boot hang when using with SOL port (Mauro Carvalho Chehab ) [467124]\n- [usb] sb600/sb700: workaround for hang (Pete Zaitcev ) [471972]\n- [gfs2] make quota mount option consistent with gfs (Bob Peterson ) [486168]\n- [xen] pv-block: remove anaconda workaround (Don Dutile ) [477005]\n- [ppc64] power7: fix /proc/cpuinfo cpus info (AMEET M. PARANJAPE ) [486649]\n- [net] skfp_ioctl inverted logic flaw (Eugene Teo ) [486540] {CVE-2009-0675}\n- [net] memory disclosure in SO_BSDCOMPAT gsopt (Eugene Teo ) [486518] {CVE-2009-0676}\n- [net] enic: upstream update to version 1.0.0.933 (Andy Gospodarek ) [484824]\n- [mm] cow vs gup race fix (Andrea Arcangeli ) [471613]\n- [mm] fork vs gup race fix (Andrea Arcangeli ) [471613]\n- [gfs2] parsing of remount arguments incorrect (Bob Peterson ) [479401]\n- [ppc64] eeh: disable/enable LSI interrupts (AMEET M. PARANJAPE ) [475696]\n- [x86] limit max_cstate to use TSC on some platforms (Tony Camuso ) [470572]\n- [ptrace] correctly handle ptrace_update return value (Jerome Marchand ) [483814]\n- [dlm] fix plock notify callback to lockd (David Teigland ) [470074]\n- [input] wacom: 12x12 problem while using lens cursor (Aristeu Rozanski ) [484959]\n- [wireless] ath5k: update to F10 version (Michal Schmidt ) [479049]\n- [xen] disable suspend in kernel (Justin M. Forbes ) [430928]\n- [net] ipv6: update setsockopt to support RFC 3493 (Jiri Pirko ) [484971]\n- [net] ipv6: check length of userss optval in setsockopt (Jiri Pirko ) [484977]\n- [scsi] handle work queue and shost_data setup failures (mchristi@redhat.com ) [450862]\n- [net] skbuff: fix oops in skb_seq_read (mchristi@redhat.com ) [483285]\n- [net] sky2: update driver for RHEL-5.4 (Neil Horman ) [484712]\n- [net] ipv6: Hop-by-Hop options header returned bad value (Jiri Pirko ) [483793]\n- [pci] fix MSI descriptor leak during hot-unplug (James Paradis ) [484943]\n- [net] improve udp port randomization (Vitaly Mayatskikh ) [480951]\n- [misc] ia64, s390: add kernel version to panic output (Prarit Bhargava ) [484403]\n- [x86-64] fix int db_5.RHSA-2009-1243x80 -ENOSYS return (Vitaly Mayatskikh ) [481682]\n- [net] dont add NAT extension for confirmed conntracks (Herbert Xu ) [481076]\n- [xen] fbfront dirty race (Markus Armbruster ) [456893]\n- [net] ehea: improve behaviour in low mem conditions (AMEET M. PARANJAPE ) [483148]\n- [net] fix icmp_send and icmpv6_send host re-lookup code (Jiri Pirko ) [439670]\n- [scsi] ibmvscsi: N-Port-ID support on ppc64 (AMEET M. PARANJAPE ) [474701]\n- [xen] guest crash when host has >= 64G RAM (Rik van Riel ) [448115]\n- [ppc] cell: add support for power button on blades (AMEET M. PARANJAPE ) [475658]\n- [ppc64] serial_core: define FIXED_PORT flag (AMEET M. PARANJAPE ) [475621]\n- [s390] cio: I/O error after cable pulls 2 (Hans-Joachim Picht ) [479878]\n- [misc] ptrace, utrace: fix blocked signal injection (Jerome Marchand ) [451849]\n- [xen] irq: remove superfluous printk (Rik van Riel ) [456095]\n- [s390] qeth: print HiperSocket version on z9 and later (Hans-Joachim Picht ) [479881]\n- [s390] qeth: crash in case of layer mismatch for VSWITCH (Hans-Joachim Picht ) [476205]\n- [s390] qdio: only 1 buffer in INPUT_PROCESSING state (Hans-Joachim Picht ) [479867]\n- [s390] disable cpu topology support by default (Hans-Joachim Picht ) [475797]\n- [s390] qeth: unnecessary support ckeck in sysfs route6 (Hans-Joachim Picht ) [474469]\n- [s390] cio: ccwgroup online vs. ungroup race condition (Hans-Joachim Picht ) [479879]\n- [s390] dasd: dasd_device_from_cdev called from interrupt (Hans-Joachim Picht ) [474806]\n- [misc] minor signal handling vulnerability (Oleg Nesterov ) [479964] {CVE-2009-0028}\n[2.6.18-132.el5]\n- [firmware] dell_rbu: prevent oops (Don Howard ) [482942]\n- [fs] lockd: improve locking when exiting from a process (Peter Staubach ) [448929]\n- [misc] backport RUSAGE_THREAD support (Jerome Marchand ) [451063]\n- [gfs2] panic in debugfs_remove when unmounting (Abhijith Das ) [483617]\n- [nfs] memory corruption in nfs3_xdr_setaclargs (Sachin S. Prabhu ) [479432]\n- [nfs] fix hangs during heavy write workloads (Peter Staubach ) [469848]\n- [pci] msi: set 'En' bit for devices on HT-based platform (Andy Gospodarek ) [290701]\n- [net] ipt_REJECT: properly handle IP options (Ivan Vecera ) [473504]\n- [ppc] cell: fix GDB watchpoints (AMEET M. PARANJAPE ) [480239]\n- [edac] add i5400 driver (Mauro Carvalho Chehab ) [462895]\n- [xen] fix disappearing PCI devices from PV guests (Bill Burns ) [233801]\n- [net] s2io: flush statistics when changing the MTU (AMEET M. PARANJAPE ) [459514]\n- [scsi] no-sense msgs, data corruption, but no i/o errors (Rob Evers ) [468088]\n- [powerpc] wait for a panic_timeout > 0 before reboot (AMEET M. PARANJAPE ) [446120]\n- [ppc64] cell: axon-msi: Retry on missing interrupt (AMEET M. PARANJAPE ) [472405]\n- [ppc] MSI interrupts are unreliable on IBM QS21 and QS22 (AMEET M. PARANJAPE ) [472405]\n- [crypto] des3_ede: permit weak keys unless REQ_WEAK_KEY (Jarod Wilson ) [474394]\n- [ata] JMB361 only has one port (Prarit Bhargava ) [476206]\n- [net] r8169: disable the ability to change MAC address (Ivan Vecera ) [475867]\n- [misc] futex.h: remove kernel bits for userspace header (Anton Arapov ) [475790]\n- [fs] inotify: send IN_ATTRIB event on link count changes (Eric Paris ) [471893]\n- [misc] ppc64: large sends fail with unix domain sockets (Larry Woodman ) [461312]\n- [audit] misc kernel fixups (Alexander Viro ) [475330]\n- [audit] records for descr created by pipe and socketpair (Alexander Viro ) [475278]\n- [audit] control character detection is off-by-one (Alexander Viro ) [475150]\n- [audit] fix kstrdup error check (Alexander Viro ) [475149]\n- [audit] assorted audit_filter_task panics on ctx == NULL (Alexander Viro ) [475147]\n- [audit] increase AUDIT_MAX_KEY_LEN (Alexander Viro ) [475145]\n- [nfs] race with nfs_access_cache_shrinker() and umount (Peter Staubach ) [469225]\n- [nfs] lockd: handle long grace periods correctly (Peter Staubach ) [474590]\n- [crypto] ansi_cprng: fix inverted DT increment routine (Jarod Wilson ) [471281]\n- [crypto] ansi_cprng: extra call to _get_more_prng_bytes (Jarod Wilson ) [471281]\n- [fs] proc: Proportional Set Size calculation and display (Larry Woodman ) [471969]\n- [video] avoid writing outside shadow.bytes array (Mauro Carvalho Chehab ) [471844]\n- [fs] need locking when reading /proc/\n/oom_score (Larry Woodman ) [470459]\n- [x86] memmap=X does not yield new map (Prarit Bhargava ) [464500]\n- [s390] qeth: avoid problems after failing recovery (Hans-Joachim Picht ) [468019]\n- [s390] qeth: avoid skb_under_panic for bad inbound data (Hans-Joachim Picht ) [468075]\n- [s390] sclp: incorrect softirq disable/enable (Hans-Joachim Picht ) [468021]\n- [crypto] export DSA_verify as a gpl symbol (Jarod Wilson ) [470111]\n- [s390] lcs: output request completion with zero cpa val (Hans-Joachim Picht ) [463165]\n- [s390] dasd: oops when Hyper PAV alias is set online (Hans-Joachim Picht ) [458155]\n- [s390] ipl: file boot then boot from alt dev wont work (Hans-Joachim Picht ) [458115]\n- [s390] zfcp: remove messages flooding the kernel log (Hans-Joachim Picht ) [455260]\n- [snd] fix snd-sb16.ko compile (Prarit Bhargava ) [456698]\n[2.6.18-131.el5]\n- [scsi] libata: sas_ata fixup sas_sata_ops (David Milburn ) [483171]\n- [fs] ecryptfs: readlink flaw (Eric Sandeen ) [481607] {CVE-2009-0269}\n- [crypto] ccm: fix handling of null assoc data (Jarod Wilson ) [481031]\n- [misc] fix leap second hang (Prarit Bhargava ) [479765]\n- [qla2xxx] correct endianness during flash manipulation (Marcus Barrow ) [481691]\n- [net] gso: ensure that the packet is long enough (Jiri Pirko ) [479927]\n- [audit] remove bogus newlines in EXECVE audit records (Jiri Pirko ) [479412]\n- [ppc] dont reset affinity for secondary MPIC on boot (AMEET M. PARANJAPE ) [480801]\n- [nfs] knfsd: alloc readahead cache in individual chunks (Jeff Layton ) [459397]\n- [nfs] knfsd: read-ahead cache, export table corruption (Jeff Layton ) [459397]\n- [nfs] knfsd: replace kmalloc/memset with kcalloc (Jeff Layton ) [459397]\n- [nfs] knfsd: make readahead params cache SMP-friendly (Jeff Layton ) [459397]\n- [crypto] fix sha384 blocksize definition (Neil Horman ) [469167]\n[2.6.18-130.el5]\n- [security] keys: introduce missing kfree (Jiri Pirko ) [480598] {CVE-2009-0031}\n- [net] ixgbe: frame reception and ring parameter issues (Andy Gospodarek ) [475625]\n- [net] tcp-lp: prevent chance for oops (Ivan Vecera ) [478638]\n- [misc] fix memory leak during pipe failure (Benjamin Marzinski ) [478643]\n- [block] enforce a minimum SG_IO timeout (Eugene Teo ) [475406] {CVE-2008-5700}\n- [x86] pci domain: re-enable support on blacklisted boxes (Prarit Bhargava ) [474891]\n- [fs] link_path_walk sanity, stack usage optimization (Anton Arapov ) [470139]\n- [x86_64] incorrect cpu_khz calculation for AMD processor (Prarit Bhargava ) [467782]\n- [crypto] fips: panic kernel if we fail crypto self tests (Neil Horman ) [462909]\n- [genkey] increase signing key length to 1024 bits (Neil Horman ) [413241]\n- [x86] kdump: lockup when crashing with console_sem held (Neil Horman ) [456934]\n- [fs] ext[234]: directory corruption DoS (Eugene Teo ) [459604] {CVE-2008-3528}\n[2.6.18-129.el5]\n- [gfs2] mount attempt hangs if no more journals available (Bob Peterson ) [475312]\n- [sched] fix clock_gettime monotonicity (Peter Zijlstra ) [477763]\n- [nfs] create rpc clients with proper auth flavor (Jeff Layton ) [465456]\n- [nfs] handle attribute timeout and u32 jiffies wrap (Jeff Layton ) [460133]\n- [net] deadlock in Hierarchical token bucket scheduler (Neil Horman ) [474797]\n- [net] sctp: overflow with bad stream ID in FWD-TSN chunk (Eugene Teo ) [478805] {CVE-2009-0065}\n- [md] fix oops with device-mapper mirror target (Heinz Mauelshagen ) [472558]\n- [openib] restore traffic in connected mode on HCA (AMEET M. PARANJAPE ) [477000]\n- [net] add preemption point in qdisc_run (Jiri Pirko ) [471398] {CVE-2008-5713}\n- [wireless] iwl: fix BUG_ON in driver (Neil Horman ) [477671]\n- [x86_64] copy_user_c assembler can leave garbage in rsi (Larry Woodman ) [456682]\n- [misc] setpgid returns ESRCH in some situations (Oleg Nesterov ) [472433]\n- [s390] zfcp: fix hexdump data in s390dbf traces (Hans-Joachim Picht ) [470618]\n- [fs] hfsplus: fix buffer overflow with a corrupted image (Anton Arapov ) [469638] {CVE-2008-4933}\n- [fs] hfsplus: check read_mapping_page return value (Anton Arapov ) [469645] {CVE-2008-4934}\n- [fs] hfs: fix namelength memory corruption (Anton Arapov ) [470773] {CVE-2008-5025}\n- [net] netlink: fix overrun in attribute iteration (Eugene Teo ) [462283]", "cvss3": {}, "published": "2009-09-08T00:00:00", "type": "oraclelinux", "title": "Oracle Enterprise Linux 5.4 kernel security and bug fix update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2009-2692", "CVE-2009-1385", "CVE-2008-5700", "CVE-2008-3528", "CVE-2008-5713", "CVE-2009-0675", "CVE-2009-0747", "CVE-2009-0746", "CVE-2009-2698", "CVE-2009-0028", "CVE-2009-1072", "CVE-2009-0676", "CVE-2009-1192", "CVE-2008-5025", "CVE-2009-0065", "CVE-2009-0745", "CVE-2009-2407", "CVE-2008-4933", "CVE-2009-1337", "CVE-2007-5966", "CVE-2009-1388", "CVE-2009-0269", "CVE-2009-1389", "CVE-2009-0834", "CVE-2009-1633", "CVE-2009-0748", "CVE-2009-0031", "CVE-2009-2406", "CVE-2009-1439", "CVE-2009-2848", "CVE-2009-1897", "CVE-2007-3719", "CVE-2008-4934", "CVE-2009-1630", "CVE-2009-2847"], "modified": "2009-09-08T00:00:00", "id": "ELSA-2009-1243", "href": "http://linux.oracle.com/errata/ELSA-2009-1243.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-05-18T15:38:57", "description": "From Red Hat Security Advisory 2009:0014 :\n\nUpdated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* the sendmsg() function in the Linux kernel did not block during UNIX socket garbage collection. This could, potentially, lead to a local denial of service. (CVE-2008-5300, Important)\n\n* when fput() was called to close a socket, the __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could, potentially, lead to a local denial of service.\n(CVE-2008-5029, Important)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS) implementation. This could allow a local, unprivileged user to make a series of file creations within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\n* a buffer underflow flaw was found in the Linux kernel IB700 SBC watchdog timer driver. This deficiency could lead to a possible information leak. By default, the '/dev/watchdog' device is accessible only to the root user. (CVE-2008-5702, Low)\n\n* the hfs and hfsplus file systems code failed to properly handle corrupted data structures. This could, potentially, lead to a local denial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the hfsplus file system implementation. This could, potentially, lead to a local denial of service when write operations were performed. (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n* when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems running Intel(r) CPUs, the cpuspeed daemon did not run, preventing the CPU speed from being changed, such as not being reduced to an idle state when not in use.\n\n* mmap() could be used to gain access to beyond the first megabyte of RAM, due to insufficient checks in the Linux kernel code. Checks have been added to prevent this.\n\n* attempting to turn keyboard LEDs on and off rapidly on keyboards with slow keyboard controllers, may have caused key presses to fail.\n\n* after migrating a hypervisor guest, the MAC address table was not updated, causing packet loss and preventing network connections to the guest. Now, a gratuitous ARP request is sent after migration. This refreshes the ARP caches, minimizing network downtime.\n\n* writing crash dumps with diskdump may have caused a kernel panic on Non-Uniform Memory Access (NUMA) systems with certain memory configurations.\n\n* on big-endian systems, such as PowerPC, the getsockopt() function incorrectly returned 0 depending on the parameters passed to it when the time to live (TTL) value equaled 255, possibly causing memory corruption and application crashes.\n\n* a problem in the kernel packages provided by the RHSA-2008:0508 advisory caused the Linux kernel's built-in memory copy procedure to return the wrong error code after recovering from a page fault on AMD64 and Intel 64 systems. This may have caused other Linux kernel functions to return wrong error codes.\n\n* a divide-by-zero bug in the Linux kernel process scheduler, which may have caused kernel panics on certain systems, has been resolved.\n\n* the netconsole kernel module caused the Linux kernel to hang when slave interfaces of bonded network interfaces were started, resulting in a system hang or kernel panic when restarting the network.\n\n* the '/proc/xen/' directory existed even if systems were not running Red Hat Virtualization. This may have caused problems for third-party software that checks virtualization-ability based on the existence of '/proc/xen/'. Note: this update will remove the '/proc/xen/' directory on systems not running Red Hat Virtualization.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 : kernel (ELSA-2009-0014)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3275", "CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5300", "CVE-2008-5702"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-hugemem", "p-cpe:/a:oracle:linux:kernel-hugemem-devel", "p-cpe:/a:oracle:linux:kernel-largesmp", "p-cpe:/a:oracle:linux:kernel-largesmp-devel", "p-cpe:/a:oracle:linux:kernel-smp", "p-cpe:/a:oracle:linux:kernel-smp-devel", "p-cpe:/a:oracle:linux:kernel-xenu", "p-cpe:/a:oracle:linux:kernel-xenu-devel", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2009-0014.NASL", "href": "https://www.tenable.com/plugins/nessus/67790", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0014 and \n# Oracle Linux Security Advisory ELSA-2009-0014 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67790);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\");\n script_bugtraq_id(30647, 32093, 32154, 32289);\n script_xref(name:\"RHSA\", value:\"2009:0014\");\n\n script_name(english:\"Oracle Linux 4 : kernel (ELSA-2009-0014)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0014 :\n\nUpdated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* the sendmsg() function in the Linux kernel did not block during UNIX\nsocket garbage collection. This could, potentially, lead to a local\ndenial of service. (CVE-2008-5300, Important)\n\n* when fput() was called to close a socket, the __scm_destroy()\nfunction in the Linux kernel could make indirect recursive calls to\nitself. This could, potentially, lead to a local denial of service.\n(CVE-2008-5029, Important)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS)\nimplementation. This could allow a local, unprivileged user to make a\nseries of file creations within deleted directories, possibly causing\na denial of service. (CVE-2008-3275, Moderate)\n\n* a buffer underflow flaw was found in the Linux kernel IB700 SBC\nwatchdog timer driver. This deficiency could lead to a possible\ninformation leak. By default, the '/dev/watchdog' device is accessible\nonly to the root user. (CVE-2008-5702, Low)\n\n* the hfs and hfsplus file systems code failed to properly handle\ncorrupted data structures. This could, potentially, lead to a local\ndenial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the hfsplus file system implementation. This\ncould, potentially, lead to a local denial of service when write\noperations were performed. (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n* when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems\nrunning Intel(r) CPUs, the cpuspeed daemon did not run, preventing the\nCPU speed from being changed, such as not being reduced to an idle\nstate when not in use.\n\n* mmap() could be used to gain access to beyond the first megabyte of\nRAM, due to insufficient checks in the Linux kernel code. Checks have\nbeen added to prevent this.\n\n* attempting to turn keyboard LEDs on and off rapidly on keyboards\nwith slow keyboard controllers, may have caused key presses to fail.\n\n* after migrating a hypervisor guest, the MAC address table was not\nupdated, causing packet loss and preventing network connections to the\nguest. Now, a gratuitous ARP request is sent after migration. This\nrefreshes the ARP caches, minimizing network downtime.\n\n* writing crash dumps with diskdump may have caused a kernel panic on\nNon-Uniform Memory Access (NUMA) systems with certain memory\nconfigurations.\n\n* on big-endian systems, such as PowerPC, the getsockopt() function\nincorrectly returned 0 depending on the parameters passed to it when\nthe time to live (TTL) value equaled 255, possibly causing memory\ncorruption and application crashes.\n\n* a problem in the kernel packages provided by the RHSA-2008:0508\nadvisory caused the Linux kernel's built-in memory copy procedure to\nreturn the wrong error code after recovering from a page fault on\nAMD64 and Intel 64 systems. This may have caused other Linux kernel\nfunctions to return wrong error codes.\n\n* a divide-by-zero bug in the Linux kernel process scheduler, which\nmay have caused kernel panics on certain systems, has been resolved.\n\n* the netconsole kernel module caused the Linux kernel to hang when\nslave interfaces of bonded network interfaces were started, resulting\nin a system hang or kernel panic when restarting the network.\n\n* the '/proc/xen/' directory existed even if systems were not running\nRed Hat Virtualization. This may have caused problems for third-party\nsoftware that checks virtualization-ability based on the existence of\n'/proc/xen/'. Note: this update will remove the '/proc/xen/' directory\non systems not running Red Hat Virtualization.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated\npackages, which contain backported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-January/000864.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/08/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2009-0014\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-devel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-doc-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-doc-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:19", "description": "Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* the sendmsg() function in the Linux kernel did not block during UNIX socket garbage collection. This could, potentially, lead to a local denial of service. (CVE-2008-5300, Important)\n\n* when fput() was called to close a socket, the __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could, potentially, lead to a local denial of service.\n(CVE-2008-5029, Important)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS) implementation. This could allow a local, unprivileged user to make a series of file creations within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\n* a buffer underflow flaw was found in the Linux kernel IB700 SBC watchdog timer driver. This deficiency could lead to a possible information leak. By default, the '/dev/watchdog' device is accessible only to the root user. (CVE-2008-5702, Low)\n\n* the hfs and hfsplus file systems code failed to properly handle corrupted data structures. This could, potentially, lead to a local denial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the hfsplus file system implementation. This could, potentially, lead to a local denial of service when write operations were performed. (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n* when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems running Intel(r) CPUs, the cpuspeed daemon did not run, preventing the CPU speed from being changed, such as not being reduced to an idle state when not in use.\n\n* mmap() could be used to gain access to beyond the first megabyte of RAM, due to insufficient checks in the Linux kernel code. Checks have been added to prevent this.\n\n* attempting to turn keyboard LEDs on and off rapidly on keyboards with slow keyboard controllers, may have caused key presses to fail.\n\n* after migrating a hypervisor guest, the MAC address table was not updated, causing packet loss and preventing network connections to the guest. Now, a gratuitous ARP request is sent after migration. This refreshes the ARP caches, minimizing network downtime.\n\n* writing crash dumps with diskdump may have caused a kernel panic on Non-Uniform Memory Access (NUMA) systems with certain memory configurations.\n\n* on big-endian systems, such as PowerPC, the getsockopt() function incorrectly returned 0 depending on the parameters passed to it when the time to live (TTL) value equaled 255, possibly causing memory corruption and application crashes.\n\n* a problem in the kernel packages provided by the RHSA-2008:0508 advisory caused the Linux kernel's built-in memory copy procedure to return the wrong error code after recovering from a page fault on AMD64 and Intel 64 systems. This may have caused other Linux kernel functions to return wrong error codes.\n\n* a divide-by-zero bug in the Linux kernel process scheduler, which may have caused kernel panics on certain systems, has been resolved.\n\n* the netconsole kernel module caused the Linux kernel to hang when slave interfaces of bonded network interfaces were started, resulting in a system hang or kernel panic when restarting the network.\n\n* the '/proc/xen/' directory existed even if systems were not running Red Hat Virtualization. This may have caused problems for third-party software that checks virtualization-ability based on the existence of '/proc/xen/'. Note: this update will remove the '/proc/xen/' directory on systems not running Red Hat Virtualization.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2009-01-15T00:00:00", "type": "nessus", "title": "RHEL 4 : kernel (RHSA-2009:0014)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3275", "CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5300", "CVE-2008-5702"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xenu", "p-cpe:/a:redhat:enterprise_linux:kernel-xenu-devel", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.7"], "id": "REDHAT-RHSA-2009-0014.NASL", "href": "https://www.tenable.com/plugins/nessus/35381", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0014. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35381);\n script_version(\"1.32\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\");\n script_bugtraq_id(30647, 32093, 32154, 32289);\n script_xref(name:\"RHSA\", value:\"2009:0014\");\n\n script_name(english:\"RHEL 4 : kernel (RHSA-2009:0014)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* the sendmsg() function in the Linux kernel did not block during UNIX\nsocket garbage collection. This could, potentially, lead to a local\ndenial of service. (CVE-2008-5300, Important)\n\n* when fput() was called to close a socket, the __scm_destroy()\nfunction in the Linux kernel could make indirect recursive calls to\nitself. This could, potentially, lead to a local denial of service.\n(CVE-2008-5029, Important)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS)\nimplementation. This could allow a local, unprivileged user to make a\nseries of file creations within deleted directories, possibly causing\na denial of service. (CVE-2008-3275, Moderate)\n\n* a buffer underflow flaw was found in the Linux kernel IB700 SBC\nwatchdog timer driver. This deficiency could lead to a possible\ninformation leak. By default, the '/dev/watchdog' device is accessible\nonly to the root user. (CVE-2008-5702, Low)\n\n* the hfs and hfsplus file systems code failed to properly handle\ncorrupted data structures. This could, potentially, lead to a local\ndenial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the hfsplus file system implementation. This\ncould, potentially, lead to a local denial of service when write\noperations were performed. (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n* when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems\nrunning Intel(r) CPUs, the cpuspeed daemon did not run, preventing the\nCPU speed from being changed, such as not being reduced to an idle\nstate when not in use.\n\n* mmap() could be used to gain access to beyond the first megabyte of\nRAM, due to insufficient checks in the Linux kernel code. Checks have\nbeen added to prevent this.\n\n* attempting to turn keyboard LEDs on and off rapidly on keyboards\nwith slow keyboard controllers, may have caused key presses to fail.\n\n* after migrating a hypervisor guest, the MAC address table was not\nupdated, causing packet loss and preventing network connections to the\nguest. Now, a gratuitous ARP request is sent after migration. This\nrefreshes the ARP caches, minimizing network downtime.\n\n* writing crash dumps with diskdump may have caused a kernel panic on\nNon-Uniform Memory Access (NUMA) systems with certain memory\nconfigurations.\n\n* on big-endian systems, such as PowerPC, the getsockopt() function\nincorrectly returned 0 depending on the parameters passed to it when\nthe time to live (TTL) value equaled 255, possibly causing memory\ncorruption and application crashes.\n\n* a problem in the kernel packages provided by the RHSA-2008:0508\nadvisory caused the Linux kernel's built-in memory copy procedure to\nreturn the wrong error code after recovering from a page fault on\nAMD64 and Intel 64 systems. This may have caused other Linux kernel\nfunctions to return wrong error codes.\n\n* a divide-by-zero bug in the Linux kernel process scheduler, which\nmay have caused kernel panics on certain systems, has been resolved.\n\n* the netconsole kernel module caused the Linux kernel to hang when\nslave interfaces of bonded network interfaces were started, resulting\nin a system hang or kernel panic when restarting the network.\n\n* the '/proc/xen/' directory existed even if systems were not running\nRed Hat Virtualization. This may have caused problems for third-party\nsoftware that checks virtualization-ability based on the existence of\n'/proc/xen/'. Note: this update will remove the '/proc/xen/' directory\non systems not running Red Hat Virtualization.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated\npackages, which contain backported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3275\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4933\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4934\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5300\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5702\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0014\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/08/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:0014\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0014\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-devel-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-doc-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-devel-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-devel-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-devel-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.13.EL\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:44:30", "description": "Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* the sendmsg() function in the Linux kernel did not block during UNIX socket garbage collection. This could, potentially, lead to a local denial of service. (CVE-2008-5300, Important)\n\n* when fput() was called to close a socket, the __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could, potentially, lead to a local denial of service.\n(CVE-2008-5029, Important)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS) implementation. This could allow a local, unprivileged user to make a series of file creations within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\n* a buffer underflow flaw was found in the Linux kernel IB700 SBC watchdog timer driver. This deficiency could lead to a possible information leak. By default, the '/dev/watchdog' device is accessible only to the root user. (CVE-2008-5702, Low)\n\n* the hfs and hfsplus file systems code failed to properly handle corrupted data structures. This could, potentially, lead to a local denial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the hfsplus file system implementation. This could, potentially, lead to a local denial of service when write operations were performed. (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n* when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems running Intel(r) CPUs, the cpuspeed daemon did not run, preventing the CPU speed from being changed, such as not being reduced to an idle state when not in use.\n\n* mmap() could be used to gain access to beyond the first megabyte of RAM, due to insufficient checks in the Linux kernel code. Checks have been added to prevent this.\n\n* attempting to turn keyboard LEDs on and off rapidly on keyboards with slow keyboard controllers, may have caused key presses to fail.\n\n* after migrating a hypervisor guest, the MAC address table was not updated, causing packet loss and preventing network connections to the guest. Now, a gratuitous ARP request is sent after migration. This refreshes the ARP caches, minimizing network downtime.\n\n* writing crash dumps with diskdump may have caused a kernel panic on Non-Uniform Memory Access (NUMA) systems with certain memory configurations.\n\n* on big-endian systems, such as PowerPC, the getsockopt() function incorrectly returned 0 depending on the parameters passed to it when the time to live (TTL) value equaled 255, possibly causing memory corruption and application crashes.\n\n* a problem in the kernel packages provided by the RHSA-2008:0508 advisory caused the Linux kernel's built-in memory copy procedure to return the wrong error code after recovering from a page fault on AMD64 and Intel 64 systems. This may have caused other Linux kernel functions to return wrong error codes.\n\n* a divide-by-zero bug in the Linux kernel process scheduler, which may have caused kernel panics on certain systems, has been resolved.\n\n* the netconsole kernel module caused the Linux kernel to hang when slave interfaces of bonded network interfaces were started, resulting in a system hang or kernel panic when restarting the network.\n\n* the '/proc/xen/' directory existed even if systems were not running Red Hat Virtualization. This may have caused problems for third-party software that checks virtualization-ability based on the existence of '/proc/xen/'. Note: this update will remove the '/proc/xen/' directory on systems not running Red Hat Virtualization.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2010-01-06T00:00:00", "type": "nessus", "title": "CentOS 4 : kernel (CESA-2009:0014)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3275", "CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5300", "CVE-2008-5702"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-hugemem", "p-cpe:/a:centos:centos:kernel-hugemem-devel", "p-cpe:/a:centos:centos:kernel-largesmp", "p-cpe:/a:centos:centos:kernel-largesmp-devel", "p-cpe:/a:centos:centos:kernel-smp", "p-cpe:/a:centos:centos:kernel-smp-devel", "p-cpe:/a:centos:centos:kernel-xenu", "p-cpe:/a:centos:centos:kernel-xenu-devel", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2009-0014.NASL", "href": "https://www.tenable.com/plugins/nessus/43727", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0014 and \n# CentOS Errata and Security Advisory 2009:0014 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43727);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\");\n script_bugtraq_id(30647, 32093, 32154, 32289);\n script_xref(name:\"RHSA\", value:\"2009:0014\");\n\n script_name(english:\"CentOS 4 : kernel (CESA-2009:0014)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* the sendmsg() function in the Linux kernel did not block during UNIX\nsocket garbage collection. This could, potentially, lead to a local\ndenial of service. (CVE-2008-5300, Important)\n\n* when fput() was called to close a socket, the __scm_destroy()\nfunction in the Linux kernel could make indirect recursive calls to\nitself. This could, potentially, lead to a local denial of service.\n(CVE-2008-5029, Important)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS)\nimplementation. This could allow a local, unprivileged user to make a\nseries of file creations within deleted directories, possibly causing\na denial of service. (CVE-2008-3275, Moderate)\n\n* a buffer underflow flaw was found in the Linux kernel IB700 SBC\nwatchdog timer driver. This deficiency could lead to a possible\ninformation leak. By default, the '/dev/watchdog' device is accessible\nonly to the root user. (CVE-2008-5702, Low)\n\n* the hfs and hfsplus file systems code failed to properly handle\ncorrupted data structures. This could, potentially, lead to a local\ndenial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the hfsplus file system implementation. This\ncould, potentially, lead to a local denial of service when write\noperations were performed. (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n* when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems\nrunning Intel(r) CPUs, the cpuspeed daemon did not run, preventing the\nCPU speed from being changed, such as not being reduced to an idle\nstate when not in use.\n\n* mmap() could be used to gain access to beyond the first megabyte of\nRAM, due to insufficient checks in the Linux kernel code. Checks have\nbeen added to prevent this.\n\n* attempting to turn keyboard LEDs on and off rapidly on keyboards\nwith slow keyboard controllers, may have caused key presses to fail.\n\n* after migrating a hypervisor guest, the MAC address table was not\nupdated, causing packet loss and preventing network connections to the\nguest. Now, a gratuitous ARP request is sent after migration. This\nrefreshes the ARP caches, minimizing network downtime.\n\n* writing crash dumps with diskdump may have caused a kernel panic on\nNon-Uniform Memory Access (NUMA) systems with certain memory\nconfigurations.\n\n* on big-endian systems, such as PowerPC, the getsockopt() function\nincorrectly returned 0 depending on the parameters passed to it when\nthe time to live (TTL) value equaled 255, possibly causing memory\ncorruption and application crashes.\n\n* a problem in the kernel packages provided by the RHSA-2008:0508\nadvisory caused the Linux kernel's built-in memory copy procedure to\nreturn the wrong error code after recovering from a page fault on\nAMD64 and Intel 64 systems. This may have caused other Linux kernel\nfunctions to return wrong error codes.\n\n* a divide-by-zero bug in the Linux kernel process scheduler, which\nmay have caused kernel panics on certain systems, has been resolved.\n\n* the netconsole kernel module caused the Linux kernel to hang when\nslave interfaces of bonded network interfaces were started, resulting\nin a system hang or kernel panic when restarting the network.\n\n* the '/proc/xen/' directory existed even if systems were not running\nRed Hat Virtualization. This may have caused problems for third-party\nsoftware that checks virtualization-ability based on the existence of\n'/proc/xen/'. Note: this update will remove the '/proc/xen/' directory\non systems not running Red Hat Virtualization.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated\npackages, which contain backported patches to resolve these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015556.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9713ddeb\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015557.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?84bc83a7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/08/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-doc-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-doc-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.13.EL\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:09", "description": "This update addresses the following security issues :\n\n - the sendmsg() function in the Linux kernel did not block during UNIX socket garbage collection. This could, potentially, lead to a local denial of service.\n (CVE-2008-5300, Important)\n\n - when fput() was called to close a socket, the\n __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could, potentially, lead to a local denial of service.\n (CVE-2008-5029, Important)\n\n - a deficiency was found in the Linux kernel virtual file system (VFS) implementation. This could allow a local, unprivileged user to make a series of file creations within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\n - a buffer underflow flaw was found in the Linux kernel IB700 SBC watchdog timer driver. This deficiency could lead to a possible information leak. By default, the '/dev/watchdog' device is accessible only to the root user. (CVE-2008-5702, Low)\n\n - the hfs and hfsplus file systems code failed to properly handle corrupted data structures. This could, potentially, lead to a local denial of service.\n (CVE-2008-4933, CVE-2008-5025, Low)\n\n - a flaw was found in the hfsplus file system implementation. This could, potentially, lead to a local denial of service when write operations were performed.\n (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n - when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems running Intel&reg; CPUs, the cpuspeed daemon did not run, preventing the CPU speed from being changed, such as not being reduced to an idle state when not in use.\n\n - mmap() could be used to gain access to beyond the first megabyte of RAM, due to insufficient checks in the Linux kernel code. Checks have been added to prevent this.\n\n - attempting to turn keyboard LEDs on and off rapidly on keyboards with slow keyboard controllers, may have caused key presses to fail.\n\n - after migrating a hypervisor guest, the MAC address table was not updated, causing packet loss and preventing network connections to the guest. Now, a gratuitous ARP request is sent after migration. This refreshes the ARP caches, minimizing network downtime.\n\n - writing crash dumps with diskdump may have caused a kernel panic on Non-Uniform Memory Access (NUMA) systems with certain memory configurations.\n\n - on big-endian systems, such as PowerPC, the getsockopt() function incorrectly returned 0 depending on the parameters passed to it when the time to live (TTL) value equaled 255, possibly causing memory corruption and application crashes.\n\n - a problem in the kernel packages provided by the RHSA-2008:0508 advisory caused the Linux kernel's built-in memory copy procedure to return the wrong error code after recovering from a page fault on AMD64 and Intel 64 systems. This may have caused other Linux kernel functions to return wrong error codes.\n\n - a divide-by-zero bug in the Linux kernel process scheduler, which may have caused kernel panics on certain systems, has been resolved.\n\n - the netconsole kernel module caused the Linux kernel to hang when slave interfaces of bonded network interfaces were started, resulting in a system hang or kernel panic when restarting the network.\n\n - the '/proc/xen/' directory existed even if systems were not running Red Hat Virtualization. This may have caused problems for third-party software that checks virtualization-ability based on the existence of '/proc/xen/'. Note: this update will remove the '/proc/xen/' directory on systems not running Red Hat Virtualization.\n\nThis updated kernel-utils package adds an enhancement in the way of proper support for user-space frequency-scaling on multi-core systems.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL4.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3275", "CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5300", "CVE-2008-5702"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090114_KERNEL_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60520", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60520);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update addresses the following security issues :\n\n - the sendmsg() function in the Linux kernel did not block\n during UNIX socket garbage collection. This could,\n potentially, lead to a local denial of service.\n (CVE-2008-5300, Important)\n\n - when fput() was called to close a socket, the\n __scm_destroy() function in the Linux kernel could make\n indirect recursive calls to itself. This could,\n potentially, lead to a local denial of service.\n (CVE-2008-5029, Important)\n\n - a deficiency was found in the Linux kernel virtual file\n system (VFS) implementation. This could allow a local,\n unprivileged user to make a series of file creations\n within deleted directories, possibly causing a denial of\n service. (CVE-2008-3275, Moderate)\n\n - a buffer underflow flaw was found in the Linux kernel\n IB700 SBC watchdog timer driver. This deficiency could\n lead to a possible information leak. By default, the\n '/dev/watchdog' device is accessible only to the root\n user. (CVE-2008-5702, Low)\n\n - the hfs and hfsplus file systems code failed to properly\n handle corrupted data structures. This could,\n potentially, lead to a local denial of service.\n (CVE-2008-4933, CVE-2008-5025, Low)\n\n - a flaw was found in the hfsplus file system\n implementation. This could, potentially, lead to a local\n denial of service when write operations were performed.\n (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n - when running Red Hat Enterprise Linux 4.6 and 4.7 on\n some systems running Intel&reg; CPUs, the cpuspeed\n daemon did not run, preventing the CPU speed from being\n changed, such as not being reduced to an idle state when\n not in use.\n\n - mmap() could be used to gain access to beyond the first\n megabyte of RAM, due to insufficient checks in the Linux\n kernel code. Checks have been added to prevent this.\n\n - attempting to turn keyboard LEDs on and off rapidly on\n keyboards with slow keyboard controllers, may have\n caused key presses to fail.\n\n - after migrating a hypervisor guest, the MAC address\n table was not updated, causing packet loss and\n preventing network connections to the guest. Now, a\n gratuitous ARP request is sent after migration. This\n refreshes the ARP caches, minimizing network downtime.\n\n - writing crash dumps with diskdump may have caused a\n kernel panic on Non-Uniform Memory Access (NUMA) systems\n with certain memory configurations.\n\n - on big-endian systems, such as PowerPC, the getsockopt()\n function incorrectly returned 0 depending on the\n parameters passed to it when the time to live (TTL)\n value equaled 255, possibly causing memory corruption\n and application crashes.\n\n - a problem in the kernel packages provided by the\n RHSA-2008:0508 advisory caused the Linux kernel's\n built-in memory copy procedure to return the wrong error\n code after recovering from a page fault on AMD64 and\n Intel 64 systems. This may have caused other Linux\n kernel functions to return wrong error codes.\n\n - a divide-by-zero bug in the Linux kernel process\n scheduler, which may have caused kernel panics on\n certain systems, has been resolved.\n\n - the netconsole kernel module caused the Linux kernel to\n hang when slave interfaces of bonded network interfaces\n were started, resulting in a system hang or kernel panic\n when restarting the network.\n\n - the '/proc/xen/' directory existed even if systems were\n not running Red Hat Virtualization. This may have caused\n problems for third-party software that checks\n virtualization-ability based on the existence of\n '/proc/xen/'. Note: this update will remove the\n '/proc/xen/' directory on systems not running Red Hat\n Virtualization.\n\nThis updated kernel-utils package adds an enhancement in the way of\nproper support for user-space frequency-scaling on multi-core systems.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0901&L=scientific-linux-errata&T=0&P=1314\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?630aef0c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/08/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"kernel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-doc-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-utils-2.4-14.1.117.2.1\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-devel-2.6.9-78.0.13.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:35", "description": "Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel :\n\nBuffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function.\n(CVE-2008-4933)\n\nThe hfsplus_block_allocate function in fs/hfsplus/bitmap.c in the Linux kernel before 2.6.28-rc1 does not check a certain return value from the read_mapping_page function before calling kmap, which allows attackers to cause a denial of service (system crash) via a crafted hfsplus filesystem image. (CVE-2008-4934)\n\nThe __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors. (CVE-2008-5029)\n\nAdditionaly, support for a broadcom bluetooth dongle was added to btusb driver, an eeepc shutdown hang caused by snd-hda-intel was fixed, a Realtek auto-mute bug was fixed, the pcspkr driver was reenabled, an acpi brightness setting issue on some laptops was fixed, sata_nv (NVidia) driver bugs were fixed, horizontal mousewheel scrolling with Logitech V150 mouse was fixed, and more. Check the changelog and related bugs for more details.\n\nThis kernel also fixes the driver for Intel G45/GM45 video chipsets, in a way requiring also an updated Xorg driver, which is also being provided in this update.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : kernel (MDVSA-2008:234)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5029"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hso-kernel-server-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-2.6.27.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kernel-doc", "p-cpe:/a:mandriva:linux:kernel-server-2.6.27.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-latest", "p-cpe:/a:mandriva:linux:kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-source-2.6.27.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-source-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-server-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest", "p-cpe:/a:mandriva:linux:x11-driver-video-intel", "p-cpe:/a:mandriva:linux:x11-driver-video-intel-fast-i830", "cpe:/o:mandriva:linux:2009.0"], "id": "MANDRIVA_MDVSA-2008-234.NASL", "href": "https://www.tenable.com/plugins/nessus/38027", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:234. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38027);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5029\");\n script_xref(name:\"MDVSA\", value:\"2008:234\");\n\n script_name(english:\"Mandriva Linux Security Advisory : kernel (MDVSA-2008:234)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Some vulnerabilities were discovered and corrected in the Linux 2.6\nkernel :\n\nBuffer overflow in the hfsplus_find_cat function in\nfs/hfsplus/catalog.c in the Linux kernel before 2.6.28-rc1 allows\nattackers to cause a denial of service (memory corruption or system\ncrash) via an hfsplus filesystem image with an invalid catalog\nnamelength field, related to the hfsplus_cat_build_key_uni function.\n(CVE-2008-4933)\n\nThe hfsplus_block_allocate function in fs/hfsplus/bitmap.c in the\nLinux kernel before 2.6.28-rc1 does not check a certain return value\nfrom the read_mapping_page function before calling kmap, which allows\nattackers to cause a denial of service (system crash) via a crafted\nhfsplus filesystem image. (CVE-2008-4934)\n\nThe __scm_destroy function in net/core/scm.c in the Linux kernel\n2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself\nthrough calls to the fput function, which allows local users to cause\na denial of service (panic) via vectors related to sending an\nSCM_RIGHTS message through a UNIX domain socket and closing file\ndescriptors. (CVE-2008-5029)\n\nAdditionaly, support for a broadcom bluetooth dongle was added to\nbtusb driver, an eeepc shutdown hang caused by snd-hda-intel was\nfixed, a Realtek auto-mute bug was fixed, the pcspkr driver was\nreenabled, an acpi brightness setting issue on some laptops was fixed,\nsata_nv (NVidia) driver bugs were fixed, horizontal mousewheel\nscrolling with Logitech V150 mouse was fixed, and more. Check the\nchangelog and related bugs for more details.\n\nThis kernel also fixes the driver for Intel G45/GM45 video chipsets,\nin a way requiring also an updated Xorg driver, which is also being\nprovided in this update.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44309\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44612\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44752\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44886\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/45319\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/45618\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.6.27.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-2.6.27.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-2.6.27.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:x11-driver-video-intel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:x11-driver-video-intel-fast-i830\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-2.6.27.5-desktop-2mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-2.6.27.5-desktop586-2mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-2.6.27.5-server-2mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-desktop-latest-0.5.1-1.20081121.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-desktop586-latest-0.5.1-1.20081121.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-server-latest-0.5.1-1.20081121.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-2.6.27.5-desktop-2mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"drm-experimental-kernel-2.6.27.5-desktop586-2mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-2.6.27.5-server-2mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-desktop-latest-2.3.0-1.20081121.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"drm-experimental-kernel-desktop586-latest-2.3.0-1.20081121.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-server-latest-2.3.0-1.20081121.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-2.6.27.5-desktop-2mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"et131x-kernel-2.6.27.5-desktop586-2mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-2.6.27.5-server-2mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-desktop-latest-1.2.3-1.20081121.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"et131x-kernel-desktop586-latest-1.2.3-1.20081121.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-server-latest-1.2.3-1.20081121.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.5-desktop-2mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.5-desktop586-2mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.5-server-2mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-desktop-latest-3.11.07-1.20081121.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-desktop586-latest-3.11.07-1.20081121.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-server-latest-3.11.07-1.20081121.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-2.6.27.5-desktop-2mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fglrx-kernel-2.6.27.5-desktop586-2mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-2.6.27.5-server-2mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-desktop-latest-8.522-1.20081121.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fglrx-kernel-desktop586-latest-8.522-1.20081121.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-server-latest-8.522-1.20081121.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-2.6.27.5-desktop-2mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"gnbd-kernel-2.6.27.5-desktop586-2mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-2.6.27.5-server-2mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-desktop-latest-2.03.07-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"gnbd-kernel-desktop586-latest-2.03.07-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-server-latest-2.03.07-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.5-desktop-2mnb-1.17-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.5-desktop586-2mnb-1.17-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.5-server-2mnb-1.17-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop-latest-1.17-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop586-latest-1.17-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-server-latest-1.17-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-2.6.27.5-desktop-2mnb-7.68.00.13-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-2.6.27.5-desktop586-2mnb-7.68.00.13-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-2.6.27.5-server-2mnb-7.68.00.13-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-desktop-latest-7.68.00.13-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-desktop586-latest-7.68.00.13-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-server-latest-7.68.00.13-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-2.6.27.5-desktop-2mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hso-kernel-2.6.27.5-desktop586-2mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-2.6.27.5-server-2mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-desktop-latest-1.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hso-kernel-desktop586-latest-1.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-server-latest-1.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-2.6.27.5-desktop-2mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"iscsitarget-kernel-2.6.27.5-desktop586-2mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-2.6.27.5-server-2mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-desktop-latest-0.4.16-1.20081121.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"iscsitarget-kernel-desktop586-latest-0.4.16-1.20081121.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-server-latest-0.4.16-1.20081121.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-2.6.27.5-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-2.6.27.5-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-devel-2.6.27.5-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-devel-latest-2.6.27.5-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-latest-2.6.27.5-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-2.6.27.5-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-2.6.27.5-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-latest-2.6.27.5-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-latest-2.6.27.5-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-doc-2.6.27.5-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-2.6.27.5-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-devel-2.6.27.5-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-devel-latest-2.6.27.5-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-latest-2.6.27.5-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-source-2.6.27.5-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-source-latest-2.6.27.5-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-2.6.27.5-desktop-2mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kqemu-kernel-2.6.27.5-desktop586-2mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-2.6.27.5-server-2mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-desktop-latest-1.4.0pre1-1.20081121.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kqemu-kernel-desktop586-latest-1.4.0pre1-1.20081121.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-server-latest-1.4.0pre1-1.20081121.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-2.6.27.5-desktop-2mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lirc-kernel-2.6.27.5-desktop586-2mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-2.6.27.5-server-2mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-desktop-latest-0.8.3-1.20081121.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lirc-kernel-desktop586-latest-0.8.3-1.20081121.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-server-latest-0.8.3-1.20081121.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-2.6.27.5-desktop-2mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lzma-kernel-2.6.27.5-desktop586-2mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-2.6.27.5-server-2mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-desktop-latest-4.43-1.20081121.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lzma-kernel-desktop586-latest-4.43-1.20081121.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-server-latest-4.43-1.20081121.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-2.6.27.5-desktop-2mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"madwifi-kernel-2.6.27.5-desktop586-2mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-2.6.27.5-server-2mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-desktop-latest-0.9.4-1.20081121.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"madwifi-kernel-desktop586-latest-0.9.4-1.20081121.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-server-latest-0.9.4-1.20081121.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-2.6.27.5-desktop-2mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-2.6.27.5-desktop586-2mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-2.6.27.5-server-2mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-desktop-latest-177.70-1.20081121.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-desktop586-latest-177.70-1.20081121.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-server-latest-177.70-1.20081121.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-2.6.27.5-desktop-2mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia173-kernel-2.6.27.5-desktop586-2mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"nvidia173-kernel-2.6.27.5-server-2mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-desktop-latest-173.14.12-1.20081121.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia173-kernel-desktop586-latest-173.14.12-1.20081121.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"nvidia173-kernel-server-latest-173.14.12-1.20081121.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-2.6.27.5-desktop-2mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia71xx-kernel-2.6.27.5-desktop586-2mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-2.6.27.5-server-2mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-desktop-latest-71.86.06-1.20081121.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia71xx-kernel-desktop586-latest-71.86.06-1.20081121.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-server-latest-71.86.06-1.20081121.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-2.6.27.5-desktop-2mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-2.6.27.5-desktop586-2mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-2.6.27.5-server-2mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-desktop-latest-96.43.07-1.20081121.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-desktop586-latest-96.43.07-1.20081121.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-server-latest-96.43.07-1.20081121.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-2.6.27.5-desktop-2mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omfs-kernel-2.6.27.5-desktop586-2mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-2.6.27.5-server-2mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-desktop-latest-0.8.0-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omfs-kernel-desktop586-latest-0.8.0-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-server-latest-0.8.0-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-2.6.27.5-desktop-2mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omnibook-kernel-2.6.27.5-desktop586-2mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-2.6.27.5-server-2mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-desktop-latest-20080513-1.20081121.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omnibook-kernel-desktop586-latest-20080513-1.20081121.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-server-latest-20080513-1.20081121.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-2.6.27.5-desktop-2mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"opencbm-kernel-2.6.27.5-desktop586-2mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-2.6.27.5-server-2mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-desktop-latest-0.4.2a-1.20081121.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"opencbm-kernel-desktop586-latest-0.4.2a-1.20081121.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-server-latest-0.4.2a-1.20081121.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-2.6.27.5-desktop-2mnb-1.5.8-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-2.6.27.5-desktop586-2mnb-1.5.8-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-2.6.27.5-server-2mnb-1.5.8-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-desktop-latest-1.5.8-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-desktop586-latest-1.5.8-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-server-latest-1.5.8-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-2.6.27.5-desktop-2mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"qc-usb-kernel-2.6.27.5-desktop586-2mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-2.6.27.5-server-2mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-desktop-latest-0.6.6-1.20081121.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"qc-usb-kernel-desktop586-latest-0.6.6-1.20081121.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-server-latest-0.6.6-1.20081121.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-2.6.27.5-desktop-2mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2860-kernel-2.6.27.5-desktop586-2mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-2.6.27.5-server-2mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-desktop-latest-1.7.0.0-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2860-kernel-desktop586-latest-1.7.0.0-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-server-latest-1.7.0.0-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-2.6.27.5-desktop-2mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2870-kernel-2.6.27.5-desktop586-2mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-2.6.27.5-server-2mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-desktop-latest-1.3.1.0-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2870-kernel-desktop586-latest-1.3.1.0-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-server-latest-1.3.1.0-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-2.6.27.5-desktop-2mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rtl8187se-kernel-2.6.27.5-desktop586-2mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-2.6.27.5-server-2mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-desktop-latest-1016.20080716-1.20081121.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rtl8187se-kernel-desktop586-latest-1016.20080716-1.20081121.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-server-latest-1016.20080716-1.20081121.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.5-desktop-2mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.5-desktop586-2mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.5-server-2mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop-latest-2.9.11-1.20081121.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop586-latest-2.9.11-1.20081121.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-server-latest-2.9.11-1.20081121.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-2.6.27.5-desktop-2mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-2.6.27.5-desktop586-2mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-2.6.27.5-server-2mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-desktop-latest-3.3-1.20081121.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-desktop586-latest-3.3-1.20081121.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-server-latest-3.3-1.20081121.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-2.6.27.5-desktop-2mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"tp_smapi-kernel-2.6.27.5-desktop586-2mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-2.6.27.5-server-2mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-desktop-latest-0.37-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"tp_smapi-kernel-desktop586-latest-0.37-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-server-latest-0.37-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-2.6.27.5-desktop-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxadd-kernel-2.6.27.5-desktop586-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-2.6.27.5-server-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-desktop-latest-2.0.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxadd-kernel-desktop586-latest-2.0.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-server-latest-2.0.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-2.6.27.5-desktop-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxvfs-kernel-2.6.27.5-desktop586-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-2.6.27.5-server-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-desktop-latest-2.0.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxvfs-kernel-desktop586-latest-2.0.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-server-latest-2.0.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-2.6.27.5-desktop-2mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vhba-kernel-2.6.27.5-desktop586-2mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-2.6.27.5-server-2mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-desktop-latest-1.0.0-1.20081121.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vhba-kernel-desktop586-latest-1.0.0-1.20081121.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-server-latest-1.0.0-1.20081121.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-2.6.27.5-desktop-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"virtualbox-kernel-2.6.27.5-desktop586-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-2.6.27.5-server-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-desktop-latest-2.0.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"virtualbox-kernel-desktop586-latest-2.0.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-server-latest-2.0.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-2.6.27.5-desktop-2mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vpnclient-kernel-2.6.27.5-desktop586-2mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-2.6.27.5-server-2mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-desktop-latest-4.8.01.0640-1.20081121.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vpnclient-kernel-desktop586-latest-4.8.01.0640-1.20081121.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-server-latest-4.8.01.0640-1.20081121.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"x11-driver-video-intel-2.4.2-7.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"x11-driver-video-intel-fast-i830-2.4.2-7.4mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:11", "description": "The openSUSE 10.3 kernel was updated to fix various security problems and bugs. Following security bugs were fixed :\n\nCVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.\n\nCVE-2008-5079: net/atm/svc.c in the ATM subsystem allowed local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table.\n\nCVE-2008-5029: The __scm_destroy function in net/core/scm.c makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors.\n\nCVE-2008-5134: Buffer overflow in the lbs_process_bss function in drivers/net/wireless/libertas/scan.c in the libertas subsystem allowed remote attackers to have an unknown impact via an 'invalid beacon/probe response.'\n\nCVE-2008-4933: Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function.\n\nCVE-2008-5025: Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933.\n\nCVE-2008-5182: The inotify functionality might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.", "cvss3": {}, "published": "2009-01-22T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : kernel (kernel-5920)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4933", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5079", "CVE-2008-5134", "CVE-2008-5182", "CVE-2008-5702"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-bigsmp", "p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-xenpae", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_KERNEL-5920.NASL", "href": "https://www.tenable.com/plugins/nessus/35446", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-5920.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35446);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4933\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5079\", \"CVE-2008-5134\", \"CVE-2008-5182\", \"CVE-2008-5702\");\n\n script_name(english:\"openSUSE 10 Security Update : kernel (kernel-5920)\");\n script_summary(english:\"Check for the kernel-5920 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE 10.3 kernel was updated to fix various security problems\nand bugs. Following security bugs were fixed :\n\nCVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in\ndrivers/watchdog/ib700wdt.c might allow local users to have an unknown\nimpact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.\n\nCVE-2008-5079: net/atm/svc.c in the ATM subsystem allowed local users\nto cause a denial of service (kernel infinite loop) by making two\ncalls to svc_listen for the same socket, and then reading a\n/proc/net/atm/*vc file, related to corruption of the vcc table.\n\nCVE-2008-5029: The __scm_destroy function in net/core/scm.c makes\nindirect recursive calls to itself through calls to the fput function,\nwhich allows local users to cause a denial of service (panic) via\nvectors related to sending an SCM_RIGHTS message through a UNIX domain\nsocket and closing file descriptors.\n\nCVE-2008-5134: Buffer overflow in the lbs_process_bss function in\ndrivers/net/wireless/libertas/scan.c in the libertas subsystem allowed\nremote attackers to have an unknown impact via an 'invalid\nbeacon/probe response.'\n\nCVE-2008-4933: Buffer overflow in the hfsplus_find_cat function in\nfs/hfsplus/catalog.c allowed attackers to cause a denial of service\n(memory corruption or system crash) via an hfsplus filesystem image\nwith an invalid catalog namelength field, related to the\nhfsplus_cat_build_key_uni function.\n\nCVE-2008-5025: Stack-based buffer overflow in the hfs_cat_find_brec\nfunction in fs/hfs/catalog.c allowed attackers to cause a denial of\nservice (memory corruption or system crash) via an hfs filesystem\nimage with an invalid catalog namelength field, a related issue to\nCVE-2008-4933.\n\nCVE-2008-5182: The inotify functionality might allow local users to\ngain privileges via unknown vectors related to race conditions in\ninotify watch removal and umount.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-bigsmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xenpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-bigsmp-2.6.22.19-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-debug-2.6.22.19-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-default-2.6.22.19-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-source-2.6.22.19-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-syms-2.6.22.19-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-xen-2.6.22.19-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-xenpae-2.6.22.19-0.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-bigsmp / kernel-debug / kernel-default / kernel-source / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:24", "description": "This update fixes various security issues and several bugs in the openSUSE 11.0 kernel. It was also updated to the stable version 2.6.25.20.\n\nCVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.\n\nCVE-2008-5700: libata did not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program.\n\nCVE-2008-5079: net/atm/svc.c in the ATM subsystem allowed local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table.\n\nCVE-2008-5300: Linux kernel 2.6.28 allows local users to cause a denial of service ('soft lockup' and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029.\n\nCVE-2008-5029: The __scm_destroy function in net/core/scm.c makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors.\n\nCVE-2008-4933: Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function.\n\nCVE-2008-5025: Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933.\n\nCVE-2008-5182: The inotify functionality might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.\n\nCVE-2008-3831: The i915 driver in drivers/char/drm/i915_dma.c does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration.\n\nCVE-2008-4554: The do_splice_from function in fs/splice.c did not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file.", "cvss3": {}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kernel (kernel-423)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3831", "CVE-2008-4554", "CVE-2008-4933", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5079", "CVE-2008-5182", "CVE-2008-5300", "CVE-2008-5700", "CVE-2008-5702"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-rt", "p-cpe:/a:novell:opensuse:kernel-rt_debug", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-xen", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_KERNEL-090114.NASL", "href": "https://www.tenable.com/plugins/nessus/40011", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-423.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40011);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3831\", \"CVE-2008-4554\", \"CVE-2008-4933\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\", \"CVE-2008-5700\", \"CVE-2008-5702\");\n\n script_name(english:\"openSUSE Security Update : kernel (kernel-423)\");\n script_summary(english:\"Check for the kernel-423 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes various security issues and several bugs in the\nopenSUSE 11.0 kernel. It was also updated to the stable version\n2.6.25.20.\n\nCVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in\ndrivers/watchdog/ib700wdt.c might allow local users to have an unknown\nimpact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.\n\nCVE-2008-5700: libata did not set minimum timeouts for SG_IO requests,\nwhich allows local users to cause a denial of service (Programmed I/O\nmode on drives) via multiple simultaneous invocations of an\nunspecified test program.\n\nCVE-2008-5079: net/atm/svc.c in the ATM subsystem allowed local users\nto cause a denial of service (kernel infinite loop) by making two\ncalls to svc_listen for the same socket, and then reading a\n/proc/net/atm/*vc file, related to corruption of the vcc table.\n\nCVE-2008-5300: Linux kernel 2.6.28 allows local users to cause a\ndenial of service ('soft lockup' and process loss) via a large number\nof sendmsg function calls, which does not block during AF_UNIX garbage\ncollection and triggers an OOM condition, a different vulnerability\nthan CVE-2008-5029.\n\nCVE-2008-5029: The __scm_destroy function in net/core/scm.c makes\nindirect recursive calls to itself through calls to the fput function,\nwhich allows local users to cause a denial of service (panic) via\nvectors related to sending an SCM_RIGHTS message through a UNIX domain\nsocket and closing file descriptors.\n\nCVE-2008-4933: Buffer overflow in the hfsplus_find_cat function in\nfs/hfsplus/catalog.c allowed attackers to cause a denial of service\n(memory corruption or system crash) via an hfsplus filesystem image\nwith an invalid catalog namelength field, related to the\nhfsplus_cat_build_key_uni function.\n\nCVE-2008-5025: Stack-based buffer overflow in the hfs_cat_find_brec\nfunction in fs/hfs/catalog.c allowed attackers to cause a denial of\nservice (memory corruption or system crash) via an hfs filesystem\nimage with an invalid catalog namelength field, a related issue to\nCVE-2008-4933.\n\nCVE-2008-5182: The inotify functionality might allow local users to\ngain privileges via unknown vectors related to race conditions in\ninotify watch removal and umount.\n\nCVE-2008-3831: The i915 driver in drivers/char/drm/i915_dma.c does not\nrestrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager\n(DRM) master, which allows local users to cause a denial of service\n(memory corruption) via a crafted ioctl call, related to absence of\nthe DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration.\n\nCVE-2008-4554: The do_splice_from function in fs/splice.c did not\nreject file descriptors that have the O_APPEND flag set, which allows\nlocal users to bypass append mode and make arbitrary changes to other\nlocations in the file.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=362850\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=371657\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=399966\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=405546\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=419250\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=429919\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=439461\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=442364\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=442594\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=443640\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=443661\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=445569\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=446973\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=447241\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=447406\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=450417\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=457896\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=457897\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=457898\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-debug-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-default-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-pae-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-rt-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-rt_debug-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-source-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-syms-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-vanilla-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-xen-2.6.25.20-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-debug / kernel-default / kernel-pae / kernel-rt / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:53", "description": "The SUSE Linux Enterprise 10 Service Pack 2 kernel was updated to fix some security issues and various bugs.\n\nThe following security problems have been fixed :\n\n - net/atm/svc.c in the ATM subsystem allowed local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/ *vc file, related to corruption of the vcc table. (CVE-2008-5079)\n\n - The __scm_destroy function in net/core/scm.c makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors. (CVE-2008-5029)\n\n - Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function. (CVE-2008-4933)\n\n - Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933.\n (CVE-2008-5025)\n\n - The inotify functionality might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.\n (CVE-2008-5182)\n\nA lot of other bugs were fixed, a detailed list can be found in the RPM changelog.", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5924)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4933", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5079", "CVE-2008-5182"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-5924.NASL", "href": "https://www.tenable.com/plugins/nessus/41537", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41537);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4933\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5079\", \"CVE-2008-5182\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5924)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 10 Service Pack 2 kernel was updated to fix\nsome security issues and various bugs.\n\nThe following security problems have been fixed :\n\n - net/atm/svc.c in the ATM subsystem allowed local users\n to cause a denial of service (kernel infinite loop) by\n making two calls to svc_listen for the same socket, and\n then reading a /proc/net/atm/ *vc file, related to\n corruption of the vcc table. (CVE-2008-5079)\n\n - The __scm_destroy function in net/core/scm.c makes\n indirect recursive calls to itself through calls to the\n fput function, which allows local users to cause a\n denial of service (panic) via vectors related to sending\n an SCM_RIGHTS message through a UNIX domain socket and\n closing file descriptors. (CVE-2008-5029)\n\n - Buffer overflow in the hfsplus_find_cat function in\n fs/hfsplus/catalog.c allowed attackers to cause a denial\n of service (memory corruption or system crash) via an\n hfsplus filesystem image with an invalid catalog\n namelength field, related to the\n hfsplus_cat_build_key_uni function. (CVE-2008-4933)\n\n - Stack-based buffer overflow in the hfs_cat_find_brec\n function in fs/hfs/catalog.c allowed attackers to cause\n a denial of service (memory corruption or system crash)\n via an hfs filesystem image with an invalid catalog\n namelength field, a related issue to CVE-2008-4933.\n (CVE-2008-5025)\n\n - The inotify functionality might allow local users to\n gain privileges via unknown vectors related to race\n conditions in inotify watch removal and umount.\n (CVE-2008-5182)\n\nA lot of other bugs were fixed, a detailed list can be found in the\nRPM changelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-4933.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5025.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5029.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5079.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5182.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5924.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-debug-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-kdump-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmi-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmipae-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.34\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:08", "description": "The SUSE Linux Enterprise 10 Service Pack 2 kernel was updated to fix some security issues and various bugs.\n\nThe following security problems have been fixed :\n\n - net/atm/svc.c in the ATM subsystem allowed local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/ *vc file, related to corruption of the vcc table. (CVE-2008-5079)\n\n - The __scm_destroy function in net/core/scm.c makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors. (CVE-2008-5029)\n\n - Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function. (CVE-2008-4933)\n\n - Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933.\n (CVE-2008-5025)\n\n - The inotify functionality might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.\n (CVE-2008-5182)\n\nA lot of other bugs were fixed, a detailed list can be found in the RPM changelog.", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5927)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4933", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5079", "CVE-2008-5182"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-5927.NASL", "href": "https://www.tenable.com/plugins/nessus/59135", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59135);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4933\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5079\", \"CVE-2008-5182\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5927)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 10 Service Pack 2 kernel was updated to fix\nsome security issues and various bugs.\n\nThe following security problems have been fixed :\n\n - net/atm/svc.c in the ATM subsystem allowed local users\n to cause a denial of service (kernel infinite loop) by\n making two calls to svc_listen for the same socket, and\n then reading a /proc/net/atm/ *vc file, related to\n corruption of the vcc table. (CVE-2008-5079)\n\n - The __scm_destroy function in net/core/scm.c makes\n indirect recursive calls to itself through calls to the\n fput function, which allows local users to cause a\n denial of service (panic) via vectors related to sending\n an SCM_RIGHTS message through a UNIX domain socket and\n closing file descriptors. (CVE-2008-5029)\n\n - Buffer overflow in the hfsplus_find_cat function in\n fs/hfsplus/catalog.c allowed attackers to cause a denial\n of service (memory corruption or system crash) via an\n hfsplus filesystem image with an invalid catalog\n namelength field, related to the\n hfsplus_cat_build_key_uni function. (CVE-2008-4933)\n\n - Stack-based buffer overflow in the hfs_cat_find_brec\n function in fs/hfs/catalog.c allowed attackers to cause\n a denial of service (memory corruption or system crash)\n via an hfs filesystem image with an invalid catalog\n namelength field, a related issue to CVE-2008-4933.\n (CVE-2008-5025)\n\n - The inotify functionality might allow local users to\n gain privileges via unknown vectors related to race\n conditions in inotify watch removal and umount.\n (CVE-2008-5182)\n\nA lot of other bugs were fixed, a detailed list can be found in the\nRPM changelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-4933.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5025.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5029.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5079.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5182.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5927.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.34\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:47:09", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-3527 Tavis Ormandy reported a local DoS and potential privilege escalation in the Virtual Dynamic Shared Objects (vDSO) implementation.\n\n - CVE-2008-3528 Eugene Teo reported a local DoS issue in the ext2 and ext3 filesystems. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to output error messages in an infinite loop.\n\n - CVE-2008-4554 Milos Szeredi reported that the usage of splice() on files opened with O_APPEND allows users to write to the file at arbitrary offsets, enabling a bypass of possible assumed semantics of the O_APPEND flag.\n\n - CVE-2008-4576 Vlad Yasevich reported an issue in the SCTP subsystem that may allow remote users to cause a local DoS by triggering a kernel oops.\n\n - CVE-2008-4933 Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to overrun a buffer, resulting in a system oops or memory corruption.\n\n - CVE-2008-4934 Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that results in a kernel oops due to an unchecked return value.\n\n - CVE-2008-5025 Eric Sesterhenn reported a local DoS issue in the hfs filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a filesystem with a corrupted catalog name length, resulting in a system oops or memory corruption.\n\n - CVE-2008-5029 Andrea Bittau reported a DoS issue in the unix socket subsystem that allows a local user to cause memory corruption, resulting in a kernel panic.\n\n - CVE-2008-5079 Hugo Dias reported a DoS condition in the ATM subsystem that can be triggered by a local user by calling the svc_listen function twice on the same socket and reading /proc/net/atm/*vc.\n\n - CVE-2008-5182 Al Viro reported race conditions in the inotify subsystem that may allow local users to acquire elevated privileges.\n\n - CVE-2008-5300 Dann Frazier reported a DoS condition that allows local users to cause the out of memory handler to kill off privileged processes or trigger soft lockups due to a starvation issue in the unix socket subsystem.", "cvss3": {}, "published": "2008-12-16T00:00:00", "type": "nessus", "title": "Debian DSA-1687-1 : linux-2.6 - denial of service/privilege escalation", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3527", "CVE-2008-3528", "CVE-2008-4554", "CVE-2008-4576", "CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5079", "CVE-2008-5182", "CVE-2008-5300"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1687.NASL", "href": "https://www.tenable.com/plugins/nessus/35174", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1687. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35174);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-3527\", \"CVE-2008-3528\", \"CVE-2008-4554\", \"CVE-2008-4576\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\");\n script_bugtraq_id(31634, 31903, 32093, 32154, 32289, 32676);\n script_xref(name:\"DSA\", value:\"1687\");\n\n script_name(english:\"Debian DSA-1687-1 : linux-2.6 - denial of service/privilege escalation\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following\nproblems :\n\n - CVE-2008-3527\n Tavis Ormandy reported a local DoS and potential\n privilege escalation in the Virtual Dynamic Shared\n Objects (vDSO) implementation.\n\n - CVE-2008-3528\n Eugene Teo reported a local DoS issue in the ext2 and\n ext3 filesystems. Local users who have been granted the\n privileges necessary to mount a filesystem would be able\n to craft a corrupted filesystem that causes the kernel\n to output error messages in an infinite loop.\n\n - CVE-2008-4554\n Milos Szeredi reported that the usage of splice() on\n files opened with O_APPEND allows users to write to the\n file at arbitrary offsets, enabling a bypass of possible\n assumed semantics of the O_APPEND flag.\n\n - CVE-2008-4576\n Vlad Yasevich reported an issue in the SCTP subsystem\n that may allow remote users to cause a local DoS by\n triggering a kernel oops.\n\n - CVE-2008-4933\n Eric Sesterhenn reported a local DoS issue in the\n hfsplus filesystem. Local users who have been granted\n the privileges necessary to mount a filesystem would be\n able to craft a corrupted filesystem that causes the\n kernel to overrun a buffer, resulting in a system oops\n or memory corruption.\n\n - CVE-2008-4934\n Eric Sesterhenn reported a local DoS issue in the\n hfsplus filesystem. Local users who have been granted\n the privileges necessary to mount a filesystem would be\n able to craft a corrupted filesystem that results in a\n kernel oops due to an unchecked return value.\n\n - CVE-2008-5025\n Eric Sesterhenn reported a local DoS issue in the hfs\n filesystem. Local users who have been granted the\n privileges necessary to mount a filesystem would be able\n to craft a filesystem with a corrupted catalog name\n length, resulting in a system oops or memory corruption.\n\n - CVE-2008-5029\n Andrea Bittau reported a DoS issue in the unix socket\n subsystem that allows a local user to cause memory\n corruption, resulting in a kernel panic.\n\n - CVE-2008-5079\n Hugo Dias reported a DoS condition in the ATM subsystem\n that can be triggered by a local user by calling the\n svc_listen function twice on the same socket and reading\n /proc/net/atm/*vc.\n\n - CVE-2008-5182\n Al Viro reported race conditions in the inotify\n subsystem that may allow local users to acquire elevated\n privileges.\n\n - CVE-2008-5300\n Dann Frazier reported a DoS condition that allows local\n users to cause the out of memory handler to kill off\n privileged processes or trigger soft lockups due to a\n starvation issue in the unix socket subsystem.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3527\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3528\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4576\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4933\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4934\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5079\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5300\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2008/dsa-1687\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6, fai-kernels, and user-mode-linux packages.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 2.6.18.dfsg.1-23etch1.\n\nNote: Debian 'etch' includes linux kernel packages based upon both the\n2.6.18 and 2.6.24 linux releases. All known security issues are\ncarefully tracked against both packages and both packages will receive\nsecurity updates until security support for Debian 'etch' concludes.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, lower severity 2.6.18 and 2.6.24 updates will\ntypically release in a staggered or 'leap-frog' fashion.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 264, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/09/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"fai-kernels\", reference:\"1.17+etch.23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-doc-2.6.18\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-486\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-686-bigmem\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-alpha\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-arm\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-hppa\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-i386\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-ia64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-mips\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-mipsel\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-powerpc\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-s390\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-sparc\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-generic\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-legacy\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-smp\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-footbridge\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-iop32x\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-itanium\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-ixp4xx\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-k7\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-mckinley\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc-smp\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc64-smp\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc-miboot\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc-smp\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-prep\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-qemu\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r3k-kn02\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r4k-ip22\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r4k-kn04\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r5k-cobalt\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r5k-ip32\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-rpc\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s390\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s390x\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s3c2410\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sb1-bcm91250a\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sb1a-bcm91480b\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc32\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc64-smp\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-alpha\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-k7\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-powerpc\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-powerpc64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-s390x\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-sparc64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-486\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-686-bigmem\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-generic\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-legacy\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-smp\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-footbridge\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-iop32x\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-itanium\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-ixp4xx\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-k7\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-mckinley\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc-smp\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc64-smp\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc-miboot\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc-smp\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-prep\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-qemu\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r3k-kn02\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r4k-ip22\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r4k-kn04\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r5k-cobalt\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r5k-ip32\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-rpc\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390-tape\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390x\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s3c2410\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sb1-bcm91250a\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sb1a-bcm91480b\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc32\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc64-smp\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-alpha\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-k7\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-powerpc\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-powerpc64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-s390x\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-sparc64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-manual-2.6.18\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-patch-debian-2.6.18\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-source-2.6.18\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-support-2.6.18-6\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-tree-2.6.18\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"user-mode-linux\", reference:\"2.6.18-1um-2etch.23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:47:00", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-3528 Eugene Teo reported a local DoS issue in the ext2 and ext3 filesystems. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to output error messages in an infinite loop.\n\n - CVE-2008-4554 Milos Szeredi reported that the usage of splice() on files opened with O_APPEND allows users to write to the file at arbitrary offsets, enabling a bypass of possible assumed semantics of the O_APPEND flag.\n\n - CVE-2008-4576 Vlad Yasevich reported an issue in the SCTP subsystem that may allow remote users to cause a local DoS by triggering a kernel oops.\n\n - CVE-2008-4618 Wei Yongjun reported an issue in the SCTP subsystem that may allow remote users to cause a local DoS by triggering a kernel panic.\n\n - CVE-2008-4933 Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to overrun a buffer, resulting in a system oops or memory corruption.\n\n - CVE-2008-4934 Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that results in a kernel oops due to an unchecked return value.\n\n - CVE-2008-5025 Eric Sesterhenn reported a local DoS issue in the hfs filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a filesystem with a corrupted catalog name length, resulting in a system oops or memory corruption.\n\n - CVE-2008-5029 Andrea Bittau reported a DoS issue in the unix socket subsystem that allows a local user to cause memory corruption, resulting in a kernel panic.\n\n - CVE-2008-5134 Johannes Berg reported a remote DoS issue in the libertas wireless driver, which can be triggered by a specially crafted beacon/probe response.\n\n - CVE-2008-5182 Al Viro reported race conditions in the inotify subsystem that may allow local users to acquire elevated privileges.\n\n - CVE-2008-5300 Dann Frazier reported a DoS condition that allows local users to cause the out of memory handler to kill off privileged processes or trigger soft lockups due to a starvation issue in the unix socket subsystem.", "cvss3": {}, "published": "2008-12-05T00:00:00", "type": "nessus", "title": "Debian DSA-1681-1 : linux-2.6.24 - denial of service/privilege escalation", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-4554", "CVE-2008-4576", "CVE-2008-4618", "CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5134", "CVE-2008-5182", "CVE-2008-5300"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6.24", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1681.NASL", "href": "https://www.tenable.com/plugins/nessus/35036", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1681. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35036);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-3528\", \"CVE-2008-4554\", \"CVE-2008-4576\", \"CVE-2008-4618\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5134\", \"CVE-2008-5182\", \"CVE-2008-5300\");\n script_bugtraq_id(31634, 31903, 32093, 32154, 32289);\n script_xref(name:\"DSA\", value:\"1681\");\n\n script_name(english:\"Debian DSA-1681-1 : linux-2.6.24 - denial of service/privilege escalation\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following\nproblems :\n\n - CVE-2008-3528\n Eugene Teo reported a local DoS issue in the ext2 and\n ext3 filesystems. Local users who have been granted the\n privileges necessary to mount a filesystem would be able\n to craft a corrupted filesystem that causes the kernel\n to output error messages in an infinite loop.\n\n - CVE-2008-4554\n Milos Szeredi reported that the usage of splice() on\n files opened with O_APPEND allows users to write to the\n file at arbitrary offsets, enabling a bypass of possible\n assumed semantics of the O_APPEND flag.\n\n - CVE-2008-4576\n Vlad Yasevich reported an issue in the SCTP subsystem\n that may allow remote users to cause a local DoS by\n triggering a kernel oops.\n\n - CVE-2008-4618\n Wei Yongjun reported an issue in the SCTP subsystem that\n may allow remote users to cause a local DoS by\n triggering a kernel panic.\n\n - CVE-2008-4933\n Eric Sesterhenn reported a local DoS issue in the\n hfsplus filesystem. Local users who have been granted\n the privileges necessary to mount a filesystem would be\n able to craft a corrupted filesystem that causes the\n kernel to overrun a buffer, resulting in a system oops\n or memory corruption.\n\n - CVE-2008-4934\n Eric Sesterhenn reported a local DoS issue in the\n hfsplus filesystem. Local users who have been granted\n the privileges necessary to mount a filesystem would be\n able to craft a corrupted filesystem that results in a\n kernel oops due to an unchecked return value.\n\n - CVE-2008-5025\n Eric Sesterhenn reported a local DoS issue in the hfs\n filesystem. Local users who have been granted the\n privileges necessary to mount a filesystem would be able\n to craft a filesystem with a corrupted catalog name\n length, resulting in a system oops or memory corruption.\n\n - CVE-2008-5029\n Andrea Bittau reported a DoS issue in the unix socket\n subsystem that allows a local user to cause memory\n corruption, resulting in a kernel panic.\n\n - CVE-2008-5134\n Johannes Berg reported a remote DoS issue in the\n libertas wireless driver, which can be triggered by a\n specially crafted beacon/probe response.\n\n - CVE-2008-5182\n Al Viro reported race conditions in the inotify\n subsystem that may allow local users to acquire elevated\n privileges.\n\n - CVE-2008-5300\n Dann Frazier reported a DoS condition that allows local\n users to cause the out of memory handler to kill off\n privileged processes or trigger soft lockups due to a\n starvation issue in the unix socket subsystem.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3528\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4576\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4618\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4933\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4934\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5134\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5300\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2008/dsa-1681\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6.24 packages.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 2.6.24-6~etchnhalf.7.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 264, 287, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/09/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"linux-doc-2.6.24\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-486\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-4kc-malta\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-5kc-malta\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-686\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-686-bigmem\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-alpha\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-amd64\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-arm\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-hppa\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-i386\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-ia64\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-mips\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-mipsel\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-powerpc\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-s390\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-sparc\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-generic\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-legacy\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-smp\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-amd64\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-common\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-footbridge\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-iop32x\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-itanium\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-ixp4xx\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-mckinley\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc-smp\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc64\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc64-smp\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc-miboot\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc-smp\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc64\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-r4k-ip22\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-r5k-cobalt\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-r5k-ip32\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-s390\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-s390x\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sparc64\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sparc64-smp\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-486\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-4kc-malta\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-5kc-malta\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-686\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-686-bigmem\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-generic\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-legacy\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-smp\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-amd64\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-footbridge\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-iop32x\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-itanium\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-ixp4xx\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-mckinley\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc-smp\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc64\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc64-smp\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc-miboot\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc-smp\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc64\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-r4k-ip22\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-r5k-cobalt\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-r5k-ip32\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390-tape\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390x\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sparc64\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sparc64-smp\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-manual-2.6.24\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-patch-debian-2.6.24\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-source-2.6.24\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-support-2.6.24-etchnhalf.1\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-tree-2.6.24\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:39:50", "description": "From Red Hat Security Advisory 2009:0264 :\n\nUpdated kernel packages that resolve several security issues are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* a memory leak in keyctl handling. A local user could use this flaw to deplete kernel memory, eventually leading to a denial of service.\n(CVE-2009-0031, Important)\n\n* a buffer overflow in the Linux kernel Partial Reliable Stream Control Transmission Protocol (PR-SCTP) implementation. This could, potentially, lead to a denial of service if a Forward-TSN chunk is received with a large stream ID. (CVE-2009-0065, Important)\n\n* a flaw when handling heavy network traffic on an SMP system with many cores. An attacker who could send a large amount of network traffic could create a denial of service. (CVE-2008-5713, Important)\n\n* the code for the HFS and HFS Plus (HFS+) file systems failed to properly handle corrupted data structures. This could, potentially, lead to a local denial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the HFS Plus (HFS+) file system implementation.\nThis could, potentially, lead to a local denial of service when write operations are performed. (CVE-2008-4934, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n* when using the nfsd daemon in a clustered setup, kernel panics appeared seemingly at random. These panics were caused by a race condition in the device-mapper mirror target.\n\n* the clock_gettime(CLOCK_THREAD_CPUTIME_ID, ) syscall returned a smaller timespec value than the result of previous clock_gettime() function execution, which resulted in a negative, and nonsensical, elapsed time value.\n\n* nfs_create_rpc_client was called with a 'flavor' parameter which was usually ignored and ended up unconditionally creating the RPC client with an AUTH_UNIX flavor. This caused problems on AUTH_GSS mounts when the credentials needed to be refreshed. The credops did not match the authorization type, which resulted in the credops dereferencing an incorrect part of the AUTH_UNIX rpc_auth struct.\n\n* when copy_user_c terminated prematurely due to reading beyond the end of the user buffer and the kernel jumped to the exception table entry, the rsi register was not cleared. This resulted in exiting back to user code with garbage in the rsi register.\n\n* the hexdump data in s390dbf traces was incomplete. The length of the data traced was incorrect and the SAN payload was read from a different place then it was written to.\n\n* when using connected mode (CM) in IPoIB on ehca2 hardware, it was not possible to transmit any data.\n\n* when an application called fork() and pthread_create() many times and, at some point, a thread forked a child and then attempted to call the setpgid() function, then this function failed and returned and ESRCH error value.\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. Note: for this update to take effect, the system must be rebooted.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : kernel (ELSA-2009-0264)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5713", "CVE-2009-0031", "CVE-2009-0065"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-pae", "p-cpe:/a:oracle:linux:kernel-pae-devel", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-xen", "p-cpe:/a:oracle:linux:kernel-xen-devel", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2009-0264.NASL", "href": "https://www.tenable.com/plugins/nessus/67800", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0264 and \n# Oracle Linux Security Advisory ELSA-2009-0264 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67800);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5713\", \"CVE-2009-0031\", \"CVE-2009-0065\");\n script_bugtraq_id(32093, 32289, 33113);\n script_xref(name:\"RHSA\", value:\"2009:0264\");\n\n script_name(english:\"Oracle Linux 5 : kernel (ELSA-2009-0264)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0264 :\n\nUpdated kernel packages that resolve several security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* a memory leak in keyctl handling. A local user could use this flaw\nto deplete kernel memory, eventually leading to a denial of service.\n(CVE-2009-0031, Important)\n\n* a buffer overflow in the Linux kernel Partial Reliable Stream\nControl Transmission Protocol (PR-SCTP) implementation. This could,\npotentially, lead to a denial of service if a Forward-TSN chunk is\nreceived with a large stream ID. (CVE-2009-0065, Important)\n\n* a flaw when handling heavy network traffic on an SMP system with\nmany cores. An attacker who could send a large amount of network\ntraffic could create a denial of service. (CVE-2008-5713, Important)\n\n* the code for the HFS and HFS Plus (HFS+) file systems failed to\nproperly handle corrupted data structures. This could, potentially,\nlead to a local denial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the HFS Plus (HFS+) file system implementation.\nThis could, potentially, lead to a local denial of service when write\noperations are performed. (CVE-2008-4934, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n* when using the nfsd daemon in a clustered setup, kernel panics\nappeared seemingly at random. These panics were caused by a race\ncondition in the device-mapper mirror target.\n\n* the clock_gettime(CLOCK_THREAD_CPUTIME_ID, ) syscall returned a\nsmaller timespec value than the result of previous clock_gettime()\nfunction execution, which resulted in a negative, and nonsensical,\nelapsed time value.\n\n* nfs_create_rpc_client was called with a 'flavor' parameter which was\nusually ignored and ended up unconditionally creating the RPC client\nwith an AUTH_UNIX flavor. This caused problems on AUTH_GSS mounts when\nthe credentials needed to be refreshed. The credops did not match the\nauthorization type, which resulted in the credops dereferencing an\nincorrect part of the AUTH_UNIX rpc_auth struct.\n\n* when copy_user_c terminated prematurely due to reading beyond the\nend of the user buffer and the kernel jumped to the exception table\nentry, the rsi register was not cleared. This resulted in exiting back\nto user code with garbage in the rsi register.\n\n* the hexdump data in s390dbf traces was incomplete. The length of the\ndata traced was incorrect and the SAN payload was read from a\ndifferent place then it was written to.\n\n* when using connected mode (CM) in IPoIB on ehca2 hardware, it was\nnot possible to transmit any data.\n\n* when an application called fork() and pthread_create() many times\nand, at some point, a thread forked a child and then attempted to call\nthe setpgid() function, then this function failed and returned and\nESRCH error value.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. Note: for this update to\ntake effect, the system must be rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-February/000886.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5713\", \"CVE-2009-0031\", \"CVE-2009-0065\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2009-0264\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-2.6.18-128.1.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-128.1.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-devel-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-128.1.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-2.6.18-128.1.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-devel-2.6.18-128.1.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-devel-2.6.18-128.1.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-doc-2.6.18-128.1.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-headers-2.6.18-128.1.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-2.6.18-128.1.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-devel-2.6.18-128.1.1.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:55", "description": "Updated kernel packages that resolve several security issues are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* a memory leak in keyctl handling. A local user could use this flaw to deplete kernel memory, eventually leading to a denial of service.\n(CVE-2009-0031, Important)\n\n* a buffer overflow in the Linux kernel Partial Reliable Stream Control Transmission Protocol (PR-SCTP) implementation. This could, potentially, lead to a denial of service if a Forward-TSN chunk is received with a large stream ID. (CVE-2009-0065, Important)\n\n* a flaw when handling heavy network traffic on an SMP system with many cores. An attacker who could send a large amount of network traffic could create a denial of service. (CVE-2008-5713, Important)\n\n* the code for the HFS and HFS Plus (HFS+) file systems failed to properly handle corrupted data structures. This could, potentially, lead to a local denial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the HFS Plus (HFS+) file system implementation.\nThis could, potentially, lead to a local denial of service when write operations are performed. (CVE-2008-4934, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n* when using the nfsd daemon in a clustered setup, kernel panics appeared seemingly at random. These panics were caused by a race condition in the device-mapper mirror target.\n\n* the clock_gettime(CLOCK_THREAD_CPUTIME_ID, ) syscall returned a smaller timespec value than the result of previous clock_gettime() function execution, which resulted in a negative, and nonsensical, elapsed time value.\n\n* nfs_create_rpc_client was called with a 'flavor' parameter which was usually ignored and ended up unconditionally creating the RPC client with an AUTH_UNIX flavor. This caused problems on AUTH_GSS mounts when the credentials needed to be refreshed. The credops did not match the authorization type, which resulted in the credops dereferencing an incorrect part of the AUTH_UNIX rpc_auth struct.\n\n* when copy_user_c terminated prematurely due to reading beyond the end of the user buffer and the kernel jumped to the exception table entry, the rsi register was not cleared. This resulted in exiting back to user code with garbage in the rsi register.\n\n* the hexdump data in s390dbf traces was incomplete. The length of the data traced was incorrect and the SAN payload was read from a different place then it was written to.\n\n* when using connected mode (CM) in IPoIB on ehca2 hardware, it was not possible to transmit any data.\n\n* when an application called fork() and pthread_create() many times and, at some point, a thread forked a child and then attempted to call the setpgid() function, then this function failed and returned and ESRCH error value.\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. Note: for this update to take effect, the system must be rebooted.", "cvss3": {}, "published": "2009-02-12T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2009:0264)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5713", "CVE-2009-0031", "CVE-2009-0065"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-pae", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.3"], "id": "REDHAT-RHSA-2009-0264.NASL", "href": "https://www.tenable.com/plugins/nessus/35645", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0264. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35645);\n script_version(\"1.29\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5713\", \"CVE-2009-0031\", \"CVE-2009-0065\");\n script_bugtraq_id(32093, 32289, 33113);\n script_xref(name:\"RHSA\", value:\"2009:0264\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2009:0264)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* a memory leak in keyctl handling. A local user could use this flaw\nto deplete kernel memory, eventually leading to a denial of service.\n(CVE-2009-0031, Important)\n\n* a buffer overflow in the Linux kernel Partial Reliable Stream\nControl Transmission Protocol (PR-SCTP) implementation. This could,\npotentially, lead to a denial of service if a Forward-TSN chunk is\nreceived with a large stream ID. (CVE-2009-0065, Important)\n\n* a flaw when handling heavy network traffic on an SMP system with\nmany cores. An attacker who could send a large amount of network\ntraffic could create a denial of service. (CVE-2008-5713, Important)\n\n* the code for the HFS and HFS Plus (HFS+) file systems failed to\nproperly handle corrupted data structures. This could, potentially,\nlead to a local denial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the HFS Plus (HFS+) file system implementation.\nThis could, potentially, lead to a local denial of service when write\noperations are performed. (CVE-2008-4934, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n* when using the nfsd daemon in a clustered setup, kernel panics\nappeared seemingly at random. These panics were caused by a race\ncondition in the device-mapper mirror target.\n\n* the clock_gettime(CLOCK_THREAD_CPUTIME_ID, ) syscall returned a\nsmaller timespec value than the result of previous clock_gettime()\nfunction execution, which resulted in a negative, and nonsensical,\nelapsed time value.\n\n* nfs_create_rpc_client was called with a 'flavor' parameter which was\nusually ignored and ended up unconditionally creating the RPC client\nwith an AUTH_UNIX flavor. This caused problems on AUTH_GSS mounts when\nthe credentials needed to be refreshed. The credops did not match the\nauthorization type, which resulted in the credops dereferencing an\nincorrect part of the AUTH_UNIX rpc_auth struct.\n\n* when copy_user_c terminated prematurely due to reading beyond the\nend of the user buffer and the kernel jumped to the exception table\nentry, the rsi register was not cleared. This resulted in exiting back\nto user code with garbage in the rsi register.\n\n* the hexdump data in s390dbf traces was incomplete. The length of the\ndata traced was incorrect and the SAN payload was read from a\ndifferent place then it was written to.\n\n* when using connected mode (CM) in IPoIB on ehca2 hardware, it was\nnot possible to transmit any data.\n\n* when an application called fork() and pthread_create() many times\nand, at some point, a thread forked a child and then attempted to call\nthe setpgid() function, then this function failed and returned and\nESRCH error value.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. Note: for this update to\ntake effect, the system must be rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4933\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4934\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5713\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0031\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0264\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/02/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5713\", \"CVE-2009-0031\", \"CVE-2009-0065\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:0264\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0264\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-128.1.1.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:32", "description": "This update addresses the following security issues :\n\n - a memory leak in keyctl handling. A local user could use this flaw to deplete kernel memory, eventually leading to a denial of service. (CVE-2009-0031, Important)\n\n - a buffer overflow in the Linux kernel Partial Reliable Stream Control Transmission Protocol (PR-SCTP) implementation. This could, potentially, lead to a denial of service if a Forward-TSN chunk is received with a large stream ID. (CVE-2009-0065, Important)\n\n - a flaw when handling heavy network traffic on an SMP system with many cores. An attacker who could send a large amount of network traffic could create a denial of service. (CVE-2008-5713, Important)\n\n - the code for the HFS and HFS Plus (HFS+) file systems failed to properly handle corrupted data structures.\n This could, potentially, lead to a local denial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n - a flaw was found in the HFS Plus (HFS+) file system implementation. This could, potentially, lead to a local denial of service when write operations are performed.\n (CVE-2008-4934, Low)\n\n - when fput() was called to close a socket, the\n __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could, potentially, lead to a denial of service issue.\n (CVE-2008-5029, Important)\n\n - a flaw was found in the Asynchronous Transfer Mode (ATM) subsystem. A local, unprivileged user could use the flaw to listen on the same socket more than once, possibly causing a denial of service. (CVE-2008-5079, Important)\n\n - a race condition was found in the Linux kernel 'inotify' watch removal and umount implementation. This could allow a local, unprivileged user to cause a privilege escalation or a denial of service. (CVE-2008-5182, Important)\n\n** Bug fixes and enhancements are provided for :\n\n - support for specific NICs, including products from the following manufacturers: Broadcom Chelsio Cisco Intel Marvell NetXen Realtek Sun\n\n - Fiber Channel support, including support for Qlogic qla2xxx, qla4xxx, and qla84xx HBAs and the FCoE, FCP, and zFCP protocols.\n\n - support for various CPUs, including: AMD Opteron processors with 45 nm SOI ('Shanghai') AMD Turion Ultra processors Cell processors Intel Core i7 processors\n\n - Xen support, including issues specific to the IA64 platform, systems using AMD processors, and Dell Optiplex GX280 systems\n\n - ext3, ext4, GFS2, NFS, and SPUFS\n\n - Infiniband (including eHCA, eHEA, and IPoIB) support\n\n - common I/O (CIO), direct I/O (DIO), and queued direct I/O (qdio) support\n\n - the kernel distributed lock manager (DLM)\n\n - hardware issues with: SCSI, IEEE 1394 (FireWire), RAID (including issues specific to Adaptec controllers), SATA (including NCQ), PCI, audio, serial connections, tape-drives, and USB\n\n - ACPI, some of a general nature and some related to specific hardware including: certain Lenovo Thinkpad notebooks, HP DC7700 systems, and certain machines based on Intel Centrino processor technology.\n\n - CIFS, including Kerberos support and a tech-preview of DFS support\n\n - networking support, including IPv6, PPPoE, and IPSec\n\n - support for Intel chipsets, including: Intel Cantiga chipsets Intel Eagle Lake chipsets Intel i915 chipsets Intel i965 chipsets Intel Ibex Peak chipsets Intel chipsets offering QuickPath Interconnects (QPI)\n\n - device mapping issues, including some in device mapper itself\n\n - various issues specific to IA64 and PPC\n\n - CCISS, including support for Compaq SMART Array controllers P711m and P712m and other new hardware\n\n - various issues affecting specific HP systems, including:\n DL785G5 XW4800 XW8600 XW8600 XW9400\n\n - IOMMU support, including specific issues with AMD and IBM Calgary hardware\n\n - the audit subsystem\n\n - DASD support\n\n - iSCSI support, including issues specific to Chelsio T3 adapters\n\n - LVM issues\n\n - SCTP management information base (MIB) support\n\n - issues with: autofs, kdump, kobject_add, libata, lpar, ptrace, and utrace\n\n - platforms using Intel Enhanced Error Handling (EEH)\n\n - EDAC issues for AMD K8 and Intel i5000\n\n - ALSA, including support for new hardware\n\n - futex support\n\n - hugepage support\n\n - Intelligent Platform Management Interface (IPMI) support\n\n - issues affecting NEC/Stratus servers\n\n - OFED support\n\n - SELinux\n\n - various Virtio issues\n\n - when using the nfsd daemon in a clustered setup, kernel panics appeared seemingly at random. These panics were caused by a race condition in the device-mapper mirror target.\n\n - the clock_gettime(CLOCK_THREAD_CPUTIME_ID, ) syscall returned a smaller timespec value than the result of previous clock_gettime() function execution, which resulted in a negative, and nonsensical, elapsed time value.\n\n - nfs_create_rpc_client was called with a 'flavor' parameter which was usually ignored and ended up unconditionally creating the RPC client with an AUTH_UNIX flavor. This caused problems on AUTH_GSS mounts when the credentials needed to be refreshed. The credops did not match the authorization type, which resulted in the credops dereferencing an incorrect part of the AUTH_UNIX rpc_auth struct.\n\n - when copy_user_c terminated prematurely due to reading beyond the end of the user buffer and the kernel jumped to the exception table entry, the rsi register was not cleared. This resulted in exiting back to user code with garbage in the rsi register.\n\n - the hexdump data in s390dbf traces was incomplete. The length of the data traced was incorrect and the SAN payload was read from a different place then it was written to.\n\n - when using connected mode (CM) in IPoIB on ehca2 hardware, it was not possible to transmit any data.\n\n - when an application called fork() and pthread_create() many times and, at some point, a thread forked a child and then attempted to call the setpgid() function, then this function failed and returned and ESRCH error value.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5079", "CVE-2008-5182", "CVE-2008-5713", "CVE-2009-0031", "CVE-2009-0065"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090210_KERNEL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60532", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60532);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5713\", \"CVE-2009-0031\", \"CVE-2009-0065\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update addresses the following security issues :\n\n - a memory leak in keyctl handling. A local user could use\n this flaw to deplete kernel memory, eventually leading\n to a denial of service. (CVE-2009-0031, Important)\n\n - a buffer overflow in the Linux kernel Partial Reliable\n Stream Control Transmission Protocol (PR-SCTP)\n implementation. This could, potentially, lead to a\n denial of service if a Forward-TSN chunk is received\n with a large stream ID. (CVE-2009-0065, Important)\n\n - a flaw when handling heavy network traffic on an SMP\n system with many cores. An attacker who could send a\n large amount of network traffic could create a denial of\n service. (CVE-2008-5713, Important)\n\n - the code for the HFS and HFS Plus (HFS+) file systems\n failed to properly handle corrupted data structures.\n This could, potentially, lead to a local denial of\n service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n - a flaw was found in the HFS Plus (HFS+) file system\n implementation. This could, potentially, lead to a local\n denial of service when write operations are performed.\n (CVE-2008-4934, Low)\n\n - when fput() was called to close a socket, the\n __scm_destroy() function in the Linux kernel could make\n indirect recursive calls to itself. This could,\n potentially, lead to a denial of service issue.\n (CVE-2008-5029, Important)\n\n - a flaw was found in the Asynchronous Transfer Mode (ATM)\n subsystem. A local, unprivileged user could use the flaw\n to listen on the same socket more than once, possibly\n causing a denial of service. (CVE-2008-5079, Important)\n\n - a race condition was found in the Linux kernel 'inotify'\n watch removal and umount implementation. This could\n allow a local, unprivileged user to cause a privilege\n escalation or a denial of service. (CVE-2008-5182,\n Important)\n\n** Bug fixes and enhancements are provided for :\n\n - support for specific NICs, including products from the\n following manufacturers: Broadcom Chelsio Cisco Intel\n Marvell NetXen Realtek Sun\n\n - Fiber Channel support, including support for Qlogic\n qla2xxx, qla4xxx, and qla84xx HBAs and the FCoE, FCP,\n and zFCP protocols.\n\n - support for various CPUs, including: AMD Opteron\n processors with 45 nm SOI ('Shanghai') AMD Turion Ultra\n processors Cell processors Intel Core i7 processors\n\n - Xen support, including issues specific to the IA64\n platform, systems using AMD processors, and Dell\n Optiplex GX280 systems\n\n - ext3, ext4, GFS2, NFS, and SPUFS\n\n - Infiniband (including eHCA, eHEA, and IPoIB) support\n\n - common I/O (CIO), direct I/O (DIO), and queued direct\n I/O (qdio) support\n\n - the kernel distributed lock manager (DLM)\n\n - hardware issues with: SCSI, IEEE 1394 (FireWire), RAID\n (including issues specific to Adaptec controllers), SATA\n (including NCQ), PCI, audio, serial connections,\n tape-drives, and USB\n\n - ACPI, some of a general nature and some related to\n specific hardware including: certain Lenovo Thinkpad\n notebooks, HP DC7700 systems, and certain machines based\n on Intel Centrino processor technology.\n\n - CIFS, including Kerberos support and a tech-preview of\n DFS support\n\n - networking support, including IPv6, PPPoE, and IPSec\n\n - support for Intel chipsets, including: Intel Cantiga\n chipsets Intel Eagle Lake chipsets Intel i915 chipsets\n Intel i965 chipsets Intel Ibex Peak chipsets Intel\n chipsets offering QuickPath Interconnects (QPI)\n\n - device mapping issues, including some in device mapper\n itself\n\n - various issues specific to IA64 and PPC\n\n - CCISS, including support for Compaq SMART Array\n controllers P711m and P712m and other new hardware\n\n - various issues affecting specific HP systems, including:\n DL785G5 XW4800 XW8600 XW8600 XW9400\n\n - IOMMU support, including specific issues with AMD and\n IBM Calgary hardware\n\n - the audit subsystem\n\n - DASD support\n\n - iSCSI support, including issues specific to Chelsio T3\n adapters\n\n - LVM issues\n\n - SCTP management information base (MIB) support\n\n - issues with: autofs, kdump, kobject_add, libata, lpar,\n ptrace, and utrace\n\n - platforms using Intel Enhanced Error Handling (EEH)\n\n - EDAC issues for AMD K8 and Intel i5000\n\n - ALSA, including support for new hardware\n\n - futex support\n\n - hugepage support\n\n - Intelligent Platform Management Interface (IPMI) support\n\n - issues affecting NEC/Stratus servers\n\n - OFED support\n\n - SELinux\n\n - various Virtio issues\n\n - when using the nfsd daemon in a clustered setup, kernel\n panics appeared seemingly at random. These panics were\n caused by a race condition in the device-mapper mirror\n target.\n\n - the clock_gettime(CLOCK_THREAD_CPUTIME_ID, ) syscall\n returned a smaller timespec value than the result of\n previous clock_gettime() function execution, which\n resulted in a negative, and nonsensical, elapsed time\n value.\n\n - nfs_create_rpc_client was called with a 'flavor'\n parameter which was usually ignored and ended up\n unconditionally creating the RPC client with an\n AUTH_UNIX flavor. This caused problems on AUTH_GSS\n mounts when the credentials needed to be refreshed. The\n credops did not match the authorization type, which\n resulted in the credops dereferencing an incorrect part\n of the AUTH_UNIX rpc_auth struct.\n\n - when copy_user_c terminated prematurely due to reading\n beyond the end of the user buffer and the kernel jumped\n to the exception table entry, the rsi register was not\n cleared. This resulted in exiting back to user code with\n garbage in the rsi register.\n\n - the hexdump data in s390dbf traces was incomplete. The\n length of the data traced was incorrect and the SAN\n payload was read from a different place then it was\n written to.\n\n - when using connected mode (CM) in IPoIB on ehca2\n hardware, it was not possible to transmit any data.\n\n - when an application called fork() and pthread_create()\n many times and, at some point, a thread forked a child\n and then attempted to call the setpgid() function, then\n this function failed and returned and ESRCH error value.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0902&L=scientific-linux-errata&T=0&P=2076\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d4528f07\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 119, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"kernel-2.6.18-128.1.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-128.1.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-128.1.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-2.6.18-128.1.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-devel-2.6.18-128.1.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-devel-2.6.18-128.1.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-doc-2.6.18-128.1.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-headers-2.6.18-128.1.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-2.6.18-128.1.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-devel-2.6.18-128.1.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:09", "description": "Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel :\n\nThe chip_command function in drivers/media/video/tvaudio.c in the Linux kernel 2.6.25.x before 2.6.25.19, 2.6.26.x before 2.6.26.7, and 2.6.27.x before 2.6.27.3 allows attackers to cause a denial of service (NULL function pointer dereference and OOPS) via unknown vectors.\n(CVE-2008-5033)\n\nStack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933. (CVE-2008-5025)\n\nAdditionally, added enhancements for a newer revision of Nokia models 6300, XpressMusic 5200, 5610 and 7610, the support for the ub USB module was disabled, added fixes for the Wake On LAN feature of the r8169 module, added fixes for suspend and resume on the i915 module, added ALSA fixes for Intel HDA, added workaround for a bug on iwlagn, added the m5602 driver, fixed a crash on the ppscsi module, added fixes to the uvcvideo module.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : kernel (MDVSA-2008:246)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4933", "CVE-2008-5025", "CVE-2008-5033"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:et131x-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hso-kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-server-2.6.27.7-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.7-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-latest", "p-cpe:/a:mandriva:linux:kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-source-2.6.27.7-1mnb", "p-cpe:/a:mandriva:linux:kernel-source-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kernel-2.6.27.7-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-server-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.7-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.7-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.7-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.7-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-doc", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-server-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest", "cpe:/o:mandriva:linux:2009.0", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest"], "id": "MANDRIVA_MDVSA-2008-246.NASL", "href": "https://www.tenable.com/plugins/nessus/37874", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:246. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37874);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-5025\", \"CVE-2008-5033\");\n script_bugtraq_id(32094, 32289);\n script_xref(name:\"MDVSA\", value:\"2008:246\");\n\n script_name(english:\"Mandriva Linux Security Advisory : kernel (MDVSA-2008:246)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Some vulnerabilities were discovered and corrected in the Linux 2.6\nkernel :\n\nThe chip_command function in drivers/media/video/tvaudio.c in the\nLinux kernel 2.6.25.x before 2.6.25.19, 2.6.26.x before 2.6.26.7, and\n2.6.27.x before 2.6.27.3 allows attackers to cause a denial of service\n(NULL function pointer dereference and OOPS) via unknown vectors.\n(CVE-2008-5033)\n\nStack-based buffer overflow in the hfs_cat_find_brec function in\nfs/hfs/catalog.c in the Linux kernel before 2.6.28-rc1 allows\nattackers to cause a denial of service (memory corruption or system\ncrash) via an hfs filesystem image with an invalid catalog namelength\nfield, a related issue to CVE-2008-4933. (CVE-2008-5025)\n\nAdditionally, added enhancements for a newer revision of Nokia models\n6300, XpressMusic 5200, 5610 and 7610, the support for the ub USB\nmodule was disabled, added fixes for the Wake On LAN feature of the\nr8169 module, added fixes for suspend and resume on the i915 module,\nadded ALSA fixes for Intel HDA, added workaround for a bug on iwlagn,\nadded the m5602 driver, fixed a crash on the ppscsi module, added\nfixes to the uvcvideo module.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/41782\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44891\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44988\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/45393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/45599\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.6.27.7-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.7-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.7-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.7-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.7-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-2.6.27.7-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.7-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-2.6.27.7-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-2.6.27.7-desktop-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-2.6.27.7-desktop586-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-2.6.27.7-server-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-desktop-latest-0.5.1-1.20081219.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-desktop586-latest-0.5.1-1.20081219.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-server-latest-0.5.1-1.20081219.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-2.6.27.7-desktop-1mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"drm-experimental-kernel-2.6.27.7-desktop586-1mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-2.6.27.7-server-1mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-desktop-latest-2.3.0-1.20081219.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"drm-experimental-kernel-desktop586-latest-2.3.0-1.20081219.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-server-latest-2.3.0-1.20081219.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-2.6.27.7-desktop-1mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"et131x-kernel-2.6.27.7-desktop586-1mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-2.6.27.7-server-1mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-desktop-latest-1.2.3-1.20081219.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"et131x-kernel-desktop586-latest-1.2.3-1.20081219.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-server-latest-1.2.3-1.20081219.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.7-desktop-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.7-desktop586-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.7-server-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-desktop-latest-3.11.07-1.20081219.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-desktop586-latest-3.11.07-1.20081219.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-server-latest-3.11.07-1.20081219.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-2.6.27.7-desktop-1mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fglrx-kernel-2.6.27.7-desktop586-1mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-2.6.27.7-server-1mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-desktop-latest-8.522-1.20081219.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fglrx-kernel-desktop586-latest-8.522-1.20081219.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-server-latest-8.522-1.20081219.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-2.6.27.7-desktop-1mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"gnbd-kernel-2.6.27.7-desktop586-1mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-2.6.27.7-server-1mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-desktop-latest-2.03.07-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"gnbd-kernel-desktop586-latest-2.03.07-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-server-latest-2.03.07-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.7-desktop-1mnb-1.17-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.7-desktop586-1mnb-1.17-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.7-server-1mnb-1.17-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop-latest-1.17-1.20081219.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop586-latest-1.17-1.20081219.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-server-latest-1.17-1.20081219.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-2.6.27.7-desktop-1mnb-7.68.00.13-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-2.6.27.7-desktop586-1mnb-7.68.00.13-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-2.6.27.7-server-1mnb-7.68.00.13-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-desktop-latest-7.68.00.13-1.20081219.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-desktop586-latest-7.68.00.13-1.20081219.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-server-latest-7.68.00.13-1.20081219.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-2.6.27.7-desktop-1mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hso-kernel-2.6.27.7-desktop586-1mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-2.6.27.7-server-1mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-desktop-latest-1.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hso-kernel-desktop586-latest-1.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-server-latest-1.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-2.6.27.7-desktop-1mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"iscsitarget-kernel-2.6.27.7-desktop586-1mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-2.6.27.7-server-1mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-desktop-latest-0.4.16-1.20081219.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"iscsitarget-kernel-desktop586-latest-0.4.16-1.20081219.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-server-latest-0.4.16-1.20081219.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-2.6.27.7-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-2.6.27.7-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-devel-2.6.27.7-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-devel-latest-2.6.27.7-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-latest-2.6.27.7-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-2.6.27.7-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-2.6.27.7-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-latest-2.6.27.7-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-latest-2.6.27.7-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-doc-2.6.27.7-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-2.6.27.7-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-devel-2.6.27.7-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-devel-latest-2.6.27.7-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-latest-2.6.27.7-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-source-2.6.27.7-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-source-latest-2.6.27.7-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-2.6.27.7-desktop-1mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kqemu-kernel-2.6.27.7-desktop586-1mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-2.6.27.7-server-1mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-desktop-latest-1.4.0pre1-1.20081219.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kqemu-kernel-desktop586-latest-1.4.0pre1-1.20081219.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-server-latest-1.4.0pre1-1.20081219.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-2.6.27.7-desktop-1mnb-0.8.3-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lirc-kernel-2.6.27.7-desktop586-1mnb-0.8.3-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-2.6.27.7-server-1mnb-0.8.3-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-desktop-latest-0.8.3-1.20081219.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lirc-kernel-desktop586-latest-0.8.3-1.20081219.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-server-latest-0.8.3-1.20081219.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-2.6.27.7-desktop-1mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lzma-kernel-2.6.27.7-desktop586-1mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-2.6.27.7-server-1mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-desktop-latest-4.43-1.20081219.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lzma-kernel-desktop586-latest-4.43-1.20081219.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-server-latest-4.43-1.20081219.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-2.6.27.7-desktop-1mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"madwifi-kernel-2.6.27.7-desktop586-1mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-2.6.27.7-server-1mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-desktop-latest-0.9.4-1.20081219.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"madwifi-kernel-desktop586-latest-0.9.4-1.20081219.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-server-latest-0.9.4-1.20081219.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-2.6.27.7-desktop-1mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-2.6.27.7-desktop586-1mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-2.6.27.7-server-1mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-desktop-latest-177.70-1.20081219.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-desktop586-latest-177.70-1.20081219.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-server-latest-177.70-1.20081219.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-2.6.27.7-desktop-1mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia173-kernel-2.6.27.7-desktop586-1mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"nvidia173-kernel-2.6.27.7-server-1mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-desktop-latest-173.14.12-1.20081219.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia173-kernel-desktop586-latest-173.14.12-1.20081219.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"nvidia173-kernel-server-latest-173.14.12-1.20081219.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-2.6.27.7-desktop-1mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia71xx-kernel-2.6.27.7-desktop586-1mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-2.6.27.7-server-1mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-desktop-latest-71.86.06-1.20081219.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia71xx-kernel-desktop586-latest-71.86.06-1.20081219.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-server-latest-71.86.06-1.20081219.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-2.6.27.7-desktop-1mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-2.6.27.7-desktop586-1mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-2.6.27.7-server-1mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-desktop-latest-96.43.07-1.20081219.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-desktop586-latest-96.43.07-1.20081219.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-server-latest-96.43.07-1.20081219.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-2.6.27.7-desktop-1mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omfs-kernel-2.6.27.7-desktop586-1mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-2.6.27.7-server-1mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-desktop-latest-0.8.0-1.20081219.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omfs-kernel-desktop586-latest-0.8.0-1.20081219.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-server-latest-0.8.0-1.20081219.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-2.6.27.7-desktop-1mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omnibook-kernel-2.6.27.7-desktop586-1mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-2.6.27.7-server-1mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-desktop-latest-20080513-1.20081219.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omnibook-kernel-desktop586-latest-20080513-1.20081219.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-server-latest-20080513-1.20081219.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-2.6.27.7-desktop-1mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"opencbm-kernel-2.6.27.7-desktop586-1mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-2.6.27.7-server-1mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-desktop-latest-0.4.2a-1.20081219.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"opencbm-kernel-desktop586-latest-0.4.2a-1.20081219.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-server-latest-0.4.2a-1.20081219.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-2.6.27.7-desktop-1mnb-1.5.9-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-2.6.27.7-desktop586-1mnb-1.5.9-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-2.6.27.7-server-1mnb-1.5.9-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-desktop-latest-1.5.9-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-desktop586-latest-1.5.9-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-server-latest-1.5.9-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-2.6.27.7-desktop-1mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"qc-usb-kernel-2.6.27.7-desktop586-1mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-2.6.27.7-server-1mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-desktop-latest-0.6.6-1.20081219.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"qc-usb-kernel-desktop586-latest-0.6.6-1.20081219.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-server-latest-0.6.6-1.20081219.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-2.6.27.7-desktop-1mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2860-kernel-2.6.27.7-desktop586-1mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-2.6.27.7-server-1mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-desktop-latest-1.7.0.0-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2860-kernel-desktop586-latest-1.7.0.0-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-server-latest-1.7.0.0-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-2.6.27.7-desktop-1mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2870-kernel-2.6.27.7-desktop586-1mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-2.6.27.7-server-1mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-desktop-latest-1.3.1.0-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2870-kernel-desktop586-latest-1.3.1.0-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-server-latest-1.3.1.0-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-2.6.27.7-desktop-1mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rtl8187se-kernel-2.6.27.7-desktop586-1mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-2.6.27.7-server-1mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-desktop-latest-1016.20080716-1.20081219.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rtl8187se-kernel-desktop586-latest-1016.20080716-1.20081219.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-server-latest-1016.20080716-1.20081219.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.7-desktop-1mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.7-desktop586-1mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.7-server-1mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop-latest-2.9.11-1.20081219.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop586-latest-2.9.11-1.20081219.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-server-latest-2.9.11-1.20081219.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-2.6.27.7-desktop-1mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-2.6.27.7-desktop586-1mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-2.6.27.7-server-1mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-desktop-latest-3.3-1.20081219.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-desktop586-latest-3.3-1.20081219.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-server-latest-3.3-1.20081219.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-2.6.27.7-desktop-1mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"tp_smapi-kernel-2.6.27.7-desktop586-1mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-2.6.27.7-server-1mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-desktop-latest-0.37-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"tp_smapi-kernel-desktop586-latest-0.37-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-server-latest-0.37-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-2.6.27.7-desktop-1mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxadd-kernel-2.6.27.7-desktop586-1mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-2.6.27.7-server-1mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-desktop-latest-2.0.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxadd-kernel-desktop586-latest-2.0.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-server-latest-2.0.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-2.6.27.7-desktop-1mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxvfs-kernel-2.6.27.7-desktop586-1mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-2.6.27.7-server-1mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-desktop-latest-2.0.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxvfs-kernel-desktop586-latest-2.0.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-server-latest-2.0.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-2.6.27.7-desktop-1mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vhba-kernel-2.6.27.7-desktop586-1mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-2.6.27.7-server-1mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-desktop-latest-1.0.0-1.20081219.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vhba-kernel-desktop586-latest-1.0.0-1.20081219.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-server-latest-1.0.0-1.20081219.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-2.6.27.7-desktop-1mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"virtualbox-kernel-2.6.27.7-desktop586-1mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-2.6.27.7-server-1mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-desktop-latest-2.0.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"virtualbox-kernel-desktop586-latest-2.0.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-server-latest-2.0.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-2.6.27.7-desktop-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vpnclient-kernel-2.6.27.7-desktop586-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-2.6.27.7-server-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-desktop-latest-4.8.01.0640-1.20081219.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vpnclient-kernel-desktop586-latest-4.8.01.0640-1.20081219.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-server-latest-4.8.01.0640-1.20081219.3mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:54", "description": "Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel :\n\nnet/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table. (CVE-2008-5079)\n\nLinux kernel 2.6.28 allows local users to cause a denial of service (soft lockup and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029. (CVE-2008-5300)\n\nAdditionaly, wireless and hotkeys support for Asus EEE were fixed, systems with HDA sound needing MSI support were added to the quirks list to be autodetected, STAC92HD71Bx and STAC92HD75Bx based HDA support was enhanced and fixed, support for HDA sound on Acer Aspire 8930 was added, Dell Inspiron Mini 9 HDA sound support was added, CIFS filesystem should now work with Kerberos, and a few more things. Check the package changelog for details.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : kernel (MDVSA-2009:032)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5029", "CVE-2008-5079", "CVE-2008-5300"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:kernel-2.6.27.10-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hso-kernel-server-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-server-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-server-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest", "cpe:/o:mandriva:linux:2009.0", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.10-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.10-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.10-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.10-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kernel-doc", "p-cpe:/a:mandriva:linux:kernel-server-2.6.27.10-1mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.10-1mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-latest", "p-cpe:/a:mandriva:linux:kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-source-2.6.27.10-1mnb", "p-cpe:/a:mandriva:linux:kernel-source-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest"], "id": "MANDRIVA_MDVSA-2009-032.NASL", "href": "https://www.tenable.com/plugins/nessus/37078", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:032. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37078);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-5079\", \"CVE-2008-5300\");\n script_bugtraq_id(32676);\n script_xref(name:\"MDVSA\", value:\"2009:032\");\n\n script_name(english:\"Mandriva Linux Security Advisory : kernel (MDVSA-2009:032)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Some vulnerabilities were discovered and corrected in the Linux 2.6\nkernel :\n\nnet/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and\nearlier allows local users to cause a denial of service (kernel\ninfinite loop) by making two calls to svc_listen for the same socket,\nand then reading a /proc/net/atm/*vc file, related to corruption of\nthe vcc table. (CVE-2008-5079)\n\nLinux kernel 2.6.28 allows local users to cause a denial of service\n(soft lockup and process loss) via a large number of sendmsg function\ncalls, which does not block during AF_UNIX garbage collection and\ntriggers an OOM condition, a different vulnerability than\nCVE-2008-5029. (CVE-2008-5300)\n\nAdditionaly, wireless and hotkeys support for Asus EEE were fixed,\nsystems with HDA sound needing MSI support were added to the quirks\nlist to be autodetected, STAC92HD71Bx and STAC92HD75Bx based HDA\nsupport was enhanced and fixed, support for HDA sound on Acer Aspire\n8930 was added, Dell Inspiron Mini 9 HDA sound support was added, CIFS\nfilesystem should now work with Kerberos, and a few more things. Check\nthe package changelog for details.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/43332\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44855\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44988\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/45136\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/45838\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/46164\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.6.27.10-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.10-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.10-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.10-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.10-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-2.6.27.10-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.10-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-2.6.27.10-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-2.6.27.10-desktop-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-2.6.27.10-desktop586-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-2.6.27.10-server-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-desktop-latest-0.5.1-1.20090130.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-desktop586-latest-0.5.1-1.20090130.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-server-latest-0.5.1-1.20090130.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-2.6.27.10-desktop-1mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"drm-experimental-kernel-2.6.27.10-desktop586-1mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-2.6.27.10-server-1mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-desktop-latest-2.3.0-1.20090130.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"drm-experimental-kernel-desktop586-latest-2.3.0-1.20090130.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-server-latest-2.3.0-1.20090130.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-2.6.27.10-desktop-1mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"et131x-kernel-2.6.27.10-desktop586-1mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-2.6.27.10-server-1mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-desktop-latest-1.2.3-1.20090130.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"et131x-kernel-desktop586-latest-1.2.3-1.20090130.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-server-latest-1.2.3-1.20090130.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.10-desktop-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.10-desktop586-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.10-server-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-desktop-latest-3.11.07-1.20090130.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-desktop586-latest-3.11.07-1.20090130.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-server-latest-3.11.07-1.20090130.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-2.6.27.10-desktop-1mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fglrx-kernel-2.6.27.10-desktop586-1mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-2.6.27.10-server-1mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-desktop-latest-8.522-1.20090130.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fglrx-kernel-desktop586-latest-8.522-1.20090130.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-server-latest-8.522-1.20090130.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-2.6.27.10-desktop-1mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"gnbd-kernel-2.6.27.10-desktop586-1mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-2.6.27.10-server-1mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-desktop-latest-2.03.07-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"gnbd-kernel-desktop586-latest-2.03.07-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-server-latest-2.03.07-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.10-desktop-1mnb-1.17-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.10-desktop586-1mnb-1.17-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.10-server-1mnb-1.17-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop-latest-1.17-1.20090130.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop586-latest-1.17-1.20090130.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-server-latest-1.17-1.20090130.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-2.6.27.10-desktop-1mnb-7.68.00.13-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-2.6.27.10-desktop586-1mnb-7.68.00.13-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-2.6.27.10-server-1mnb-7.68.00.13-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-desktop-latest-7.68.00.13-1.20090130.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-desktop586-latest-7.68.00.13-1.20090130.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-server-latest-7.68.00.13-1.20090130.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-2.6.27.10-desktop-1mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hso-kernel-2.6.27.10-desktop586-1mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-2.6.27.10-server-1mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-desktop-latest-1.2-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hso-kernel-desktop586-latest-1.2-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-server-latest-1.2-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-2.6.27.10-desktop-1mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"iscsitarget-kernel-2.6.27.10-desktop586-1mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-2.6.27.10-server-1mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-desktop-latest-0.4.16-1.20090130.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"iscsitarget-kernel-desktop586-latest-0.4.16-1.20090130.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-server-latest-0.4.16-1.20090130.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-2.6.27.10-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-2.6.27.10-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-devel-2.6.27.10-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-devel-latest-2.6.27.10-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-latest-2.6.27.10-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-2.6.27.10-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-2.6.27.10-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-latest-2.6.27.10-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-latest-2.6.27.10-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-doc-2.6.27.10-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-2.6.27.10-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-devel-2.6.27.10-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-devel-latest-2.6.27.10-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-latest-2.6.27.10-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-source-2.6.27.10-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-source-latest-2.6.27.10-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-2.6.27.10-desktop-1mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kqemu-kernel-2.6.27.10-desktop586-1mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-2.6.27.10-server-1mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-desktop-latest-1.4.0pre1-1.20090130.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kqemu-kernel-desktop586-latest-1.4.0pre1-1.20090130.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-server-latest-1.4.0pre1-1.20090130.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-2.6.27.10-desktop-1mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lirc-kernel-2.6.27.10-desktop586-1mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-2.6.27.10-server-1mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-desktop-latest-0.8.3-1.20090130.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lirc-kernel-desktop586-latest-0.8.3-1.20090130.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-server-latest-0.8.3-1.20090130.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-2.6.27.10-desktop-1mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lzma-kernel-2.6.27.10-desktop586-1mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-2.6.27.10-server-1mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-desktop-latest-4.43-1.20090130.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lzma-kernel-desktop586-latest-4.43-1.20090130.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-server-latest-4.43-1.20090130.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-2.6.27.10-desktop-1mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"madwifi-kernel-2.6.27.10-desktop586-1mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-2.6.27.10-server-1mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-desktop-latest-0.9.4-1.20090130.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"madwifi-kernel-desktop586-latest-0.9.4-1.20090130.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-server-latest-0.9.4-1.20090130.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-2.6.27.10-desktop-1mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-2.6.27.10-desktop586-1mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-2.6.27.10-server-1mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-desktop-latest-177.70-1.20090130.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-desktop586-latest-177.70-1.20090130.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-server-latest-177.70-1.20090130.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-2.6.27.10-desktop-1mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia173-kernel-2.6.27.10-desktop586-1mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"nvidia173-kernel-2.6.27.10-server-1mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-desktop-latest-173.14.12-1.20090130.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia173-kernel-desktop586-latest-173.14.12-1.20090130.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"nvidia173-kernel-server-latest-173.14.12-1.20090130.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-2.6.27.10-desktop-1mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia71xx-kernel-2.6.27.10-desktop586-1mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-2.6.27.10-server-1mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-desktop-latest-71.86.06-1.20090130.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia71xx-kernel-desktop586-latest-71.86.06-1.20090130.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-server-latest-71.86.06-1.20090130.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-2.6.27.10-desktop-1mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-2.6.27.10-desktop586-1mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-2.6.27.10-server-1mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-desktop-latest-96.43.07-1.20090130.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-desktop586-latest-96.43.07-1.20090130.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-server-latest-96.43.07-1.20090130.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-2.6.27.10-desktop-1mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omfs-kernel-2.6.27.10-desktop586-1mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-2.6.27.10-server-1mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-desktop-latest-0.8.0-1.20090130.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omfs-kernel-desktop586-latest-0.8.0-1.20090130.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-server-latest-0.8.0-1.20090130.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-2.6.27.10-desktop-1mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omnibook-kernel-2.6.27.10-desktop586-1mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-2.6.27.10-server-1mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-desktop-latest-20080513-1.20090130.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omnibook-kernel-desktop586-latest-20080513-1.20090130.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-server-latest-20080513-1.20090130.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-2.6.27.10-desktop-1mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"opencbm-kernel-2.6.27.10-desktop586-1mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-2.6.27.10-server-1mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-desktop-latest-0.4.2a-1.20090130.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"opencbm-kernel-desktop586-latest-0.4.2a-1.20090130.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-server-latest-0.4.2a-1.20090130.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-2.6.27.10-desktop-1mnb-1.5.9-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-2.6.27.10-desktop586-1mnb-1.5.9-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-2.6.27.10-server-1mnb-1.5.9-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-desktop-latest-1.5.9-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-desktop586-latest-1.5.9-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-server-latest-1.5.9-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-2.6.27.10-desktop-1mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"qc-usb-kernel-2.6.27.10-desktop586-1mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-2.6.27.10-server-1mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-desktop-latest-0.6.6-1.20090130.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"qc-usb-kernel-desktop586-latest-0.6.6-1.20090130.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-server-latest-0.6.6-1.20090130.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-2.6.27.10-desktop-1mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2860-kernel-2.6.27.10-desktop586-1mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-2.6.27.10-server-1mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-desktop-latest-1.7.0.0-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2860-kernel-desktop586-latest-1.7.0.0-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-server-latest-1.7.0.0-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-2.6.27.10-desktop-1mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2870-kernel-2.6.27.10-desktop586-1mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-2.6.27.10-server-1mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-desktop-latest-1.3.1.0-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2870-kernel-desktop586-latest-1.3.1.0-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-server-latest-1.3.1.0-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-2.6.27.10-desktop-1mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rtl8187se-kernel-2.6.27.10-desktop586-1mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-2.6.27.10-server-1mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-desktop-latest-1016.20080716-1.20090130.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rtl8187se-kernel-desktop586-latest-1016.20080716-1.20090130.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-server-latest-1016.20080716-1.20090130.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.10-desktop-1mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.10-desktop586-1mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.10-server-1mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop-latest-2.9.11-1.20090130.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop586-latest-2.9.11-1.20090130.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-server-latest-2.9.11-1.20090130.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-2.6.27.10-desktop-1mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-2.6.27.10-desktop586-1mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-2.6.27.10-server-1mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-desktop-latest-3.3-1.20090130.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-desktop586-latest-3.3-1.20090130.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-server-latest-3.3-1.20090130.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-2.6.27.10-desktop-1mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"tp_smapi-kernel-2.6.27.10-desktop586-1mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-2.6.27.10-server-1mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-desktop-latest-0.37-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"tp_smapi-kernel-desktop586-latest-0.37-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-server-latest-0.37-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-2.6.27.10-desktop-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxadd-kernel-2.6.27.10-desktop586-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-2.6.27.10-server-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-desktop-latest-2.0.2-1.20090130.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxadd-kernel-desktop586-latest-2.0.2-1.20090130.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-server-latest-2.0.2-1.20090130.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-2.6.27.10-desktop-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxvfs-kernel-2.6.27.10-desktop586-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-2.6.27.10-server-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-desktop-latest-2.0.2-1.20090130.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxvfs-kernel-desktop586-latest-2.0.2-1.20090130.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-server-latest-2.0.2-1.20090130.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-2.6.27.10-desktop-1mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vhba-kernel-2.6.27.10-desktop586-1mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-2.6.27.10-server-1mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-desktop-latest-1.0.0-1.20090130.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vhba-kernel-desktop586-latest-1.0.0-1.20090130.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-server-latest-1.0.0-1.20090130.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-2.6.27.10-desktop-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"virtualbox-kernel-2.6.27.10-desktop586-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-2.6.27.10-server-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-desktop-latest-2.0.2-1.20090130.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"virtualbox-kernel-desktop586-latest-2.0.2-1.20090130.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-server-latest-2.0.2-1.20090130.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-2.6.27.10-desktop-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vpnclient-kernel-2.6.27.10-desktop586-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-2.6.27.10-server-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-desktop-latest-4.8.01.0640-1.20090130.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vpnclient-kernel-desktop586-latest-4.8.01.0640-1.20090130.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-server-latest-4.8.01.0640-1.20090130.3mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:05", "description": "It was discovered that the Xen hypervisor block driver did not correctly validate requests. A user with root privileges in a guest OS could make a malicious IO request with a large number of blocks that would crash the host OS, leading to a denial of service. This only affected Ubuntu 7.10. (CVE-2007-5498)\n\nIt was discovered the the i915 video driver did not correctly validate memory addresses. A local attacker could exploit this to remap memory that could cause a system crash, leading to a denial of service. This issue did not affect Ubuntu 6.06 and was previous fixed for Ubuntu 7.10 and 8.04 in USN-659-1. Ubuntu 8.10 has now been corrected as well. (CVE-2008-3831)\n\nDavid Watson discovered that the kernel did not correctly strip permissions when creating files in setgid directories. A local user could exploit this to gain additional group privileges. This issue only affected Ubuntu 6.06. (CVE-2008-4210)\n\nOlaf Kirch and Miklos Szeredi discovered that the Linux kernel did not correctly reject the 'append' flag when handling file splice requests.\nA local attacker could bypass append mode and make changes to arbitrary locations in a file. This issue only affected Ubuntu 7.10 and 8.04. (CVE-2008-4554)\n\nIt was discovered that the SCTP stack did not correctly handle INIT-ACK. A remote user could exploit this by sending specially crafted SCTP traffic which would trigger a crash in the system, leading to a denial of service. This issue did not affect Ubuntu 8.10.\n(CVE-2008-4576)\n\nIt was discovered that the SCTP stack did not correctly handle bad packet lengths. A remote user could exploit this by sending specially crafted SCTP traffic which would trigger a crash in the system, leading to a denial of service. This issue did not affect Ubuntu 8.10.\n(CVE-2008-4618)\n\nEric Sesterhenn discovered multiple flaws in the HFS+ filesystem. If a local user or automated system were tricked into mounting a malicious HFS+ filesystem, the system could crash, leading to a denial of service. (CVE-2008-4933, CVE-2008-4934, CVE-2008-5025)\n\nIt was discovered that the Unix Socket handler did not correctly process the SCM_RIGHTS message. A local attacker could make a malicious socket request that would crash the system, leading to a denial of service. (CVE-2008-5029)\n\nIt was discovered that the driver for simple i2c audio interfaces did not correctly validate certain function pointers. A local user could exploit this to gain root privileges or crash the system, leading to a denial of service. (CVE-2008-5033).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : linux, linux-source-2.6.15/22 vulnerabilities (USN-679-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5498", "CVE-2008-3831", "CVE-2008-4210", "CVE-2008-4554", "CVE-2008-4576", "CVE-2008-4618", "CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5033"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.15-53", "p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.22-16", "p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.24-22", "p-cpe:/a:canonical:ubuntu_linux:avm-fritz-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:fglrx-amdcccle", "p-cpe:/a:canonical:ubuntu_linux:fglrx-control", "p-cpe:/a:canonical:ubuntu_linux:fglrx-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-common", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-dev", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy-dev", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-new", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-new-dev", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:nvidia-legacy-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:nvidia-new-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx", "p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx-dev", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:7.10", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10"], "id": "UBUNTU_USN-679-1.NASL", "href": "https://www.tenable.com/plugins/nessus/37683", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-679-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37683);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2007-5498\", \"CVE-2008-3831\", \"CVE-2008-4210\", \"CVE-2008-4554\", \"CVE-2008-4576\", \"CVE-2008-4618\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5033\");\n script_bugtraq_id(31368, 31634, 31792, 31903, 32093, 32094, 32154, 32289);\n script_xref(name:\"USN\", value:\"679-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : linux, linux-source-2.6.15/22 vulnerabilities (USN-679-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the Xen hypervisor block driver did not\ncorrectly validate requests. A user with root privileges in a guest OS\ncould make a malicious IO request with a large number of blocks that\nwould crash the host OS, leading to a denial of service. This only\naffected Ubuntu 7.10. (CVE-2007-5498)\n\nIt was discovered the the i915 video driver did not correctly validate\nmemory addresses. A local attacker could exploit this to remap memory\nthat could cause a system crash, leading to a denial of service. This\nissue did not affect Ubuntu 6.06 and was previous fixed for Ubuntu\n7.10 and 8.04 in USN-659-1. Ubuntu 8.10 has now been corrected as\nwell. (CVE-2008-3831)\n\nDavid Watson discovered that the kernel did not correctly strip\npermissions when creating files in setgid directories. A local user\ncould exploit this to gain additional group privileges. This issue\nonly affected Ubuntu 6.06. (CVE-2008-4210)\n\nOlaf Kirch and Miklos Szeredi discovered that the Linux kernel did not\ncorrectly reject the 'append' flag when handling file splice requests.\nA local attacker could bypass append mode and make changes to\narbitrary locations in a file. This issue only affected Ubuntu 7.10\nand 8.04. (CVE-2008-4554)\n\nIt was discovered that the SCTP stack did not correctly handle\nINIT-ACK. A remote user could exploit this by sending specially\ncrafted SCTP traffic which would trigger a crash in the system,\nleading to a denial of service. This issue did not affect Ubuntu 8.10.\n(CVE-2008-4576)\n\nIt was discovered that the SCTP stack did not correctly handle bad\npacket lengths. A remote user could exploit this by sending specially\ncrafted SCTP traffic which would trigger a crash in the system,\nleading to a denial of service. This issue did not affect Ubuntu 8.10.\n(CVE-2008-4618)\n\nEric Sesterhenn discovered multiple flaws in the HFS+ filesystem. If a\nlocal user or automated system were tricked into mounting a malicious\nHFS+ filesystem, the system could crash, leading to a denial of\nservice. (CVE-2008-4933, CVE-2008-4934, CVE-2008-5025)\n\nIt was discovered that the Unix Socket handler did not correctly\nprocess the SCM_RIGHTS message. A local attacker could make a\nmalicious socket request that would crash the system, leading to a\ndenial of service. (CVE-2008-5029)\n\nIt was discovered that the driver for simple i2c audio interfaces did\nnot correctly validate certain function pointers. A local user could\nexploit this to gain root privileges or crash the system, leading to a\ndenial of service. (CVE-2008-5033).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/679-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 119, 264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.15-53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.22-16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.24-22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:fglrx-amdcccle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:fglrx-control\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:fglrx-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-new\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-new-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-legacy-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-new-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/05/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|7\\.10|8\\.04|8\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 7.10 / 8.04 / 8.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2007-5498\", \"CVE-2008-3831\", \"CVE-2008-4210\", \"CVE-2008-4554\", \"CVE-2008-4576\", \"CVE-2008-4618\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5033\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-679-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"avm-fritz-firmware-2.6.15-53\", pkgver:\"3.11+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"avm-fritz-kernel-source\", pkgver:\"3.11+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"fglrx-control\", pkgver:\"8.25.18+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"fglrx-kernel-source\", pkgver:\"8.25.18+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-53-386\", pkgver:\"2.6.15-53.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-53-686\", pkgver:\"2.6.15-53.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-53-amd64-generic\", pkgver:\"2.6.15-53.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-53-amd64-k8\", pkgver:\"2.6.15-53.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-53-amd64-server\", pkgver:\"2.6.15-53.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-53-amd64-xeon\", pkgver:\"2.6.15-53.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-53-server\", pkgver:\"2.6.15-53.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-doc-2.6.15\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-386\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-686\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-generic\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-k8\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-server\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-xeon\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-server\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-386\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-686\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-generic\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-k8\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-server\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-xeon\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-server\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-53-386\", pkgver:\"2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-53-686\", pkgver:\"2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-53-amd64-generic\", pkgver:\"2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-53-amd64-k8\", pkgver:\"2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-53-amd64-xeon\", pkgver:\"2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-common\", pkgver:\"2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-source-2.6.15\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-glx\", pkgver:\"1.0.8776+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-glx-dev\", pkgver:\"1.0.8776+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-glx-legacy\", pkgver:\"1.0.7174+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-glx-legacy-dev\", pkgver:\"1.0.7174+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-kernel-source\", pkgver:\"1.0.8776+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-legacy-kernel-source\", pkgver:\"1.0.7174+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"xorg-driver-fglrx\", pkgver:\"7.0.0-8.25.18+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"xorg-driver-fglrx-dev\", pkgver:\"7.0.0-8.25.18+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"avm-fritz-firmware-2.6.22-16\", pkgver:\"3.11+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"avm-fritz-kernel-source\", pkgver:\"3.11+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"fglrx-control\", pkgver:\"8.37.6+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"fglrx-kernel-source\", pkgver:\"8.37.6+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-backports-modules-2.6.22-16-386\", pkgver:\"2.6.22-16.17\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-backports-modules-2.6.22-16-generic\", pkgver:\"2.6.22-16.17\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-backports-modules-2.6.22-16-rt\", pkgver:\"2.6.22-16.17\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-backports-modules-2.6.22-16-server\", pkgver:\"2.6.22-16.17\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-backports-modules-2.6.22-16-ume\", pkgver:\"2.6.22-16.17\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-backports-modules-2.6.22-16-xen\", pkgver:\"2.6.22-16.17\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-doc-2.6.22\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-386\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-generic\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-rt\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-server\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-ume\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-virtual\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-xen\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-386\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-cell\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-generic\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-lpia\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-lpiacompat\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-rt\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-server\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-ume\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-virtual\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-xen\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-386\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-generic\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-server\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-virtual\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-restricted-modules-2.6.22-16-386\", pkgver:\"2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-restricted-modules-2.6.22-16-generic\", pkgver:\"2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-restricted-modules-2.6.22-16-rt\", pkgver:\"2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-restricted-modules-2.6.22-16-xen\", pkgver:\"2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-restricted-modules-common\", pkgver:\"2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-source-2.6.22\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-ubuntu-modules-2.6.22-16-386\", pkgver:\"2.6.22-16.41\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-ubuntu-modules-2.6.22-16-generic\", pkgver:\"2.6.22-16.41\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-ubuntu-modules-2.6.22-16-rt\", pkgver:\"2.6.22-16.41\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-ubuntu-modules-2.6.22-16-server\", pkgver:\"2.6.22-16.41\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-ubuntu-modules-2.6.22-16-ume\", pkgver:\"2.6.22-16.41\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-ubuntu-modules-2.6.22-16-virtual\", pkgver:\"2.6.22-16.41\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-ubuntu-modules-2.6.22-16-xen\", pkgver:\"2.6.22-16.41\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-glx\", pkgver:\"1.0.9639+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-glx-dev\", pkgver:\"1.0.9639+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-glx-legacy\", pkgver:\"1.0.7185+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-glx-legacy-dev\", pkgver:\"1.0.7185+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-glx-new\", pkgver:\"100.14.19+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-glx-new-dev\", pkgver:\"100.14.19+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-kernel-source\", pkgver:\"1.0.9639+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-legacy-kernel-source\", pkgver:\"1.0.7185+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-new-kernel-source\", pkgver:\"100.14.19+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"xorg-driver-fglrx\", pkgver:\"7.1.0-8.37.6+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"xorg-driver-fglrx-dev\", pkgver:\"7.1.0-8.37.6+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"avm-fritz-firmware-2.6.24-22\", pkgver:\"3.11+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"avm-fritz-kernel-source\", pkgver:\"3.11+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"fglrx-amdcccle\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"fglrx-control\", pkgver:\"8-3+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"fglrx-kernel-source\", pkgver:\"8-3+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-backports-modules-2.6.24-22-386\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-backports-modules-2.6.24-22-generic\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-backports-modules-2.6.24-22-openvz\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-backports-modules-2.6.24-22-rt\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-backports-modules-2.6.24-22-server\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-backports-modules-2.6.24-22-virtual\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-backports-modules-2.6.24-22-xen\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-doc-2.6.24\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22-386\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22-generic\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22-openvz\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22-rt\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22-server\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22-virtual\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22-xen\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lbm-2.6.24-22-386\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lbm-2.6.24-22-generic\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lbm-2.6.24-22-openvz\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lbm-2.6.24-22-rt\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lbm-2.6.24-22-server\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lbm-2.6.24-22-virtual\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lbm-2.6.24-22-xen\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lum-2.6.24-22-386\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lum-2.6.24-22-generic\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lum-2.6.24-22-openvz\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lum-2.6.24-22-rt\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lum-2.6.24-22-server\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lum-2.6.24-22-virtual\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lum-2.6.24-22-xen\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-386\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-generic\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-lpia\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-lpiacompat\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-openvz\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-rt\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-server\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-virtual\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-xen\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-22-386\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-22-generic\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-22-server\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-22-virtual\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-restricted-modules-2.6.24-22-386\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-restricted-modules-2.6.24-22-generic\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-restricted-modules-2.6.24-22-openvz\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-restricted-modules-2.6.24-22-rt\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-restricted-modules-2.6.24-22-server\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-restricted-modules-2.6.24-22-xen\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-restricted-modules-common\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-source-2.6.24\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-ubuntu-modules-2.6.24-22-386\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-ubuntu-modules-2.6.24-22-generic\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-ubuntu-modules-2.6.24-22-openvz\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-ubuntu-modules-2.6.24-22-rt\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-ubuntu-modules-2.6.24-22-server\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-ubuntu-modules-2.6.24-22-virtual\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-ubuntu-modules-2.6.24-22-xen\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-glx\", pkgver:\"96.43.05+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-glx-dev\", pkgver:\"96.43.05+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-glx-legacy\", pkgver:\"71.86.04+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-glx-legacy-dev\", pkgver:\"71.86.04+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-glx-new\", pkgver:\"169.12+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-glx-new-dev\", pkgver:\"169.12+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-kernel-source\", pkgver:\"96.43.05+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-legacy-kernel-source\", pkgver:\"71.86.04+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-new-kernel-source\", pkgver:\"169.12+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xorg-driver-fglrx\", pkgver:\"7.1.0-8-3+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xorg-driver-fglrx-dev\", pkgver:\"7.1.0-8-3+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-backports-modules-2.6.27-9-generic\", pkgver:\"2.6.27-9.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-backports-modules-2.6.27-9-server\", pkgver:\"2.6.27-9.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-doc-2.6.27\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-9\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-9-generic\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-9-server\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-lbm-2.6.27-9-generic\", pkgver:\"2.6.27-9.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-lbm-2.6.27-9-server\", pkgver:\"2.6.27-9.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-9-generic\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-9-server\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-9-virtual\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-restricted-modules-2.6.27-9-generic\", pkgver:\"2.6.27-9.13\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-restricted-modules-2.6.27-9-server\", pkgver:\"2.6.27-9.13\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-restricted-modules-common\", pkgver:\"2.6.27-9.13\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-source-2.6.27\", pkgver:\"2.6.27-9.19\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avm-fritz-firmware-2.6.15-53 / avm-fritz-firmware-2.6.22-16 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:32:34", "description": "Updated kernel packages that resolve several security issues are now available for Red Hat Enterprise Linux 5.2 Extended Update Support.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update includes backported fixes for four security issues. These issues only affected users of Red Hat Enterprise Linux 5.2 Extended Update Support as they have already been addressed for users of Red Hat Enterprise Linux 5 in the 5.3 update, RHSA-2009:0225.\n\nIn accordance with the support policy, future security updates to Red Hat Enterprise Linux 5.2 Extended Update Support will only include issues of critical security impact.\n\n* when fput() was called to close a socket, the __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could, potentially, lead to a denial of service issue.\n(CVE-2008-5029, Important)\n\n* the sendmsg() function in the Linux kernel did not block during UNIX socket garbage collection. This could, potentially, lead to a local denial of service. (CVE-2008-5300, Important)\n\n* a flaw was found in the Asynchronous Transfer Mode (ATM) subsystem.\nA local, unprivileged user could use the flaw to listen on the same socket more than once, possibly causing a denial of service.\n(CVE-2008-5079, Important)\n\n* a race condition was found in the Linux kernel 'inotify' watch removal and umount implementation. This could allow a local, unprivileged user to cause a privilege escalation or a denial of service. (CVE-2008-5182, Important)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. Note: for this update to take effect, the system must be rebooted.", "cvss3": {}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2009:0021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5029", "CVE-2008-5079", "CVE-2008-5182", "CVE-2008-5300"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-pae", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5.2"], "id": "REDHAT-RHSA-2009-0021.NASL", "href": "https://www.tenable.com/plugins/nessus/63871", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0021. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63871);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5029\", \"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\");\n script_xref(name:\"RHSA\", value:\"2009:0021\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2009:0021)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues are now\navailable for Red Hat Enterprise Linux 5.2 Extended Update Support.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update includes backported fixes for four security issues. These\nissues only affected users of Red Hat Enterprise Linux 5.2 Extended\nUpdate Support as they have already been addressed for users of Red\nHat Enterprise Linux 5 in the 5.3 update, RHSA-2009:0225.\n\nIn accordance with the support policy, future security updates to Red\nHat Enterprise Linux 5.2 Extended Update Support will only include\nissues of critical security impact.\n\n* when fput() was called to close a socket, the __scm_destroy()\nfunction in the Linux kernel could make indirect recursive calls to\nitself. This could, potentially, lead to a denial of service issue.\n(CVE-2008-5029, Important)\n\n* the sendmsg() function in the Linux kernel did not block during UNIX\nsocket garbage collection. This could, potentially, lead to a local\ndenial of service. (CVE-2008-5300, Important)\n\n* a flaw was found in the Asynchronous Transfer Mode (ATM) subsystem.\nA local, unprivileged user could use the flaw to listen on the same\nsocket more than once, possibly causing a denial of service.\n(CVE-2008-5079, Important)\n\n* a race condition was found in the Linux kernel 'inotify' watch\nremoval and umount implementation. This could allow a local,\nunprivileged user to cause a privilege escalation or a denial of\nservice. (CVE-2008-5182, Important)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. Note: for this update to\ntake effect, the system must be rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-5029.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-5079.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-5182.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-5300.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2009-0021.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", reference:\"kernel-doc-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-92.1.24.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:31", "description": "Updated kernel packages that fix three security issues, address several hundred bugs and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 5. This is the third regular update.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe Linux kernel (the core of the Linux operating system)\n\nThese updated packages contain 730 bug fixes and enhancements for the Linux kernel. Space precludes a detailed description of each of these changes in this advisory and users are therefore directed to the release notes for Red Hat Enterprise Linux 5.3 for information on 97 of the most significant of these changes.\n\nDetails of three security-related bug fixes are set out below, along with notes on other broad categories of change not covered in the release notes. For more detailed information on specific bug fixes or enhancements, please consult the Bugzilla numbers listed in this advisory.\n\n* when fput() was called to close a socket, the __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could, potentially, lead to a denial of service issue.\n(CVE-2008-5029, Important)\n\n* a flaw was found in the Asynchronous Transfer Mode (ATM) subsystem.\nA local, unprivileged user could use the flaw to listen on the same socket more than once, possibly causing a denial of service.\n(CVE-2008-5079, Important)\n\n* a race condition was found in the Linux kernel 'inotify' watch removal and umount implementation. This could allow a local, unprivileged user to cause a privilege escalation or a denial of service. (CVE-2008-5182, Important)\n\n* Bug fixes and enhancements are provided for :\n\n* support for specific NICs, including products from the following manufacturers: Broadcom Chelsio Cisco Intel Marvell NetXen Realtek Sun\n\n* Fiber Channel support, including support for Qlogic qla2xxx, qla4xxx, and qla84xx HBAs and the FCoE, FCP, and zFCP protocols.\n\n* support for various CPUs, including: AMD Opteron processors with 45 nm SOI ('Shanghai') AMD Turion Ultra processors Cell processors Intel Core i7 processors\n\n* Xen support, including issues specific to the IA64 platform, systems using AMD processors, and Dell Optiplex GX280 systems\n\n* ext3, ext4, GFS2, NFS, and SPUFS\n\n* Infiniband (including eHCA, eHEA, and IPoIB) support\n\n* common I/O (CIO), direct I/O (DIO), and queued direct I/O (qdio) support\n\n* the kernel distributed lock manager (DLM)\n\n* hardware issues with: SCSI, IEEE 1394 (FireWire), RAID (including issues specific to Adaptec controllers), SATA (including NCQ), PCI, audio, serial connections, tape-drives, and USB\n\n* ACPI, some of a general nature and some related to specific hardware including: certain Lenovo Thinkpad notebooks, HP DC7700 systems, and certain machines based on Intel Centrino processor technology.\n\n* CIFS, including Kerberos support and a tech-preview of DFS support\n\n* networking support, including IPv6, PPPoE, and IPSec\n\n* support for Intel chipsets, including: Intel Cantiga chipsets Intel Eagle Lake chipsets Intel i915 chipsets Intel i965 chipsets Intel Ibex Peak chipsets Intel chipsets offering QuickPath Interconnects (QPI)\n\n* device mapping issues, including some in device mapper itself\n\n* various issues specific to IA64 and PPC\n\n* CCISS, including support for Compaq SMART Array controllers P711m and P712m and other new hardware\n\n* various issues affecting specific HP systems, including: DL785G5 XW4800 XW8600 XW8600 XW9400\n\n* IOMMU support, including specific issues with AMD and IBM Calgary hardware\n\n* the audit subsystem\n\n* DASD support\n\n* iSCSI support, including issues specific to Chelsio T3 adapters\n\n* LVM issues\n\n* SCTP management information base (MIB) support\n\n* issues with: autofs, kdump, kobject_add, libata, lpar, ptrace, and utrace\n\n* IBM Power platforms using Enhanced I/O Error Handling (EEH)\n\n* EDAC issues for AMD K8 and Intel i5000\n\n* ALSA, including support for new hardware\n\n* futex support\n\n* hugepage support\n\n* Intelligent Platform Management Interface (IPMI) support\n\n* issues affecting NEC/Stratus servers\n\n* OFED support\n\n* SELinux\n\n* various Virtio issues\n\nAll users are advised to upgrade to these updated packages, which resolve these issues and add these enhancements.", "cvss3": {}, "published": "2009-01-21T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2009:0225)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5029", "CVE-2008-5079", "CVE-2008-5182", "CVE-2008-5300"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-pae", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2009-0225.NASL", "href": "https://www.tenable.com/plugins/nessus/35434", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0225. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35434);\n script_version(\"1.29\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5029\", \"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\");\n script_bugtraq_id(32154, 32676, 33503);\n script_xref(name:\"RHSA\", value:\"2009:0225\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2009:0225)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix three security issues, address\nseveral hundred bugs and add numerous enhancements are now available\nas part of the ongoing support and maintenance of Red Hat Enterprise\nLinux version 5. This is the third regular update.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Linux kernel (the core of the Linux operating system)\n\nThese updated packages contain 730 bug fixes and enhancements for the\nLinux kernel. Space precludes a detailed description of each of these\nchanges in this advisory and users are therefore directed to the\nrelease notes for Red Hat Enterprise Linux 5.3 for information on 97\nof the most significant of these changes.\n\nDetails of three security-related bug fixes are set out below, along\nwith notes on other broad categories of change not covered in the\nrelease notes. For more detailed information on specific bug fixes or\nenhancements, please consult the Bugzilla numbers listed in this\nadvisory.\n\n* when fput() was called to close a socket, the __scm_destroy()\nfunction in the Linux kernel could make indirect recursive calls to\nitself. This could, potentially, lead to a denial of service issue.\n(CVE-2008-5029, Important)\n\n* a flaw was found in the Asynchronous Transfer Mode (ATM) subsystem.\nA local, unprivileged user could use the flaw to listen on the same\nsocket more than once, possibly causing a denial of service.\n(CVE-2008-5079, Important)\n\n* a race condition was found in the Linux kernel 'inotify' watch\nremoval and umount implementation. This could allow a local,\nunprivileged user to cause a privilege escalation or a denial of\nservice. (CVE-2008-5182, Important)\n\n* Bug fixes and enhancements are provided for :\n\n* support for specific NICs, including products from the following\nmanufacturers: Broadcom Chelsio Cisco Intel Marvell NetXen Realtek Sun\n\n* Fiber Channel support, including support for Qlogic qla2xxx,\nqla4xxx, and qla84xx HBAs and the FCoE, FCP, and zFCP protocols.\n\n* support for various CPUs, including: AMD Opteron processors with 45\nnm SOI ('Shanghai') AMD Turion Ultra processors Cell processors Intel\nCore i7 processors\n\n* Xen support, including issues specific to the IA64 platform, systems\nusing AMD processors, and Dell Optiplex GX280 systems\n\n* ext3, ext4, GFS2, NFS, and SPUFS\n\n* Infiniband (including eHCA, eHEA, and IPoIB) support\n\n* common I/O (CIO), direct I/O (DIO), and queued direct I/O (qdio)\nsupport\n\n* the kernel distributed lock manager (DLM)\n\n* hardware issues with: SCSI, IEEE 1394 (FireWire), RAID (including\nissues specific to Adaptec controllers), SATA (including NCQ), PCI,\naudio, serial connections, tape-drives, and USB\n\n* ACPI, some of a general nature and some related to specific hardware\nincluding: certain Lenovo Thinkpad notebooks, HP DC7700 systems, and\ncertain machines based on Intel Centrino processor technology.\n\n* CIFS, including Kerberos support and a tech-preview of DFS support\n\n* networking support, including IPv6, PPPoE, and IPSec\n\n* support for Intel chipsets, including: Intel Cantiga chipsets Intel\nEagle Lake chipsets Intel i915 chipsets Intel i965 chipsets Intel Ibex\nPeak chipsets Intel chipsets offering QuickPath Interconnects (QPI)\n\n* device mapping issues, including some in device mapper itself\n\n* various issues specific to IA64 and PPC\n\n* CCISS, including support for Compaq SMART Array controllers P711m\nand P712m and other new hardware\n\n* various issues affecting specific HP systems, including: DL785G5\nXW4800 XW8600 XW8600 XW9400\n\n* IOMMU support, including specific issues with AMD and IBM Calgary\nhardware\n\n* the audit subsystem\n\n* DASD support\n\n* iSCSI support, including issues specific to Chelsio T3 adapters\n\n* LVM issues\n\n* SCTP management information base (MIB) support\n\n* issues with: autofs, kdump, kobject_add, libata, lpar, ptrace, and\nutrace\n\n* IBM Power platforms using Enhanced I/O Error Handling (EEH)\n\n* EDAC issues for AMD K8 and Intel i5000\n\n* ALSA, including support for new hardware\n\n* futex support\n\n* hugepage support\n\n* Intelligent Platform Management Interface (IPMI) support\n\n* issues affecting NEC/Stratus servers\n\n* OFED support\n\n* SELinux\n\n* various Virtio issues\n\nAll users are advised to upgrade to these updated packages, which\nresolve these issues and add these enhancements.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5079\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5300\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0225\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-5029\", \"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:0225\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0225\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-128.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:07", "description": "Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2008-5079)\n\nIt was discovered that the inotify subsystem contained watch removal race conditions. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-5182)\n\nDann Frazier discovered that in certain situations sendmsg did not correctly release allocated memory. A local attacker could exploit this to force the system to run out of free memory, leading to a denial of service. (CVE-2008-5300)\n\nHelge Deller discovered that PA-RISC stack unwinding was not handled correctly. A local attacker could exploit this to crash the system, leading do a denial of service. This did not affect official Ubuntu kernels, but was fixed in the source for anyone performing HPPA kernel builds. (CVE-2008-5395)\n\nIt was discovered that the ATA subsystem did not correctly set timeouts. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2008-5700)\n\nIt was discovered that the ib700 watchdog timer did not correctly check buffer sizes. A local attacker could send a specially crafted ioctl to the device to cause a system crash, leading to a denial of service. (CVE-2008-5702).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Ubuntu 8.10 : linux vulnerabilities (USN-715-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5079", "CVE-2008-5182", "CVE-2008-5300", "CVE-2008-5395", "CVE-2008-5700", "CVE-2008-5702"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27", "cpe:/o:canonical:ubuntu_linux:8.10"], "id": "UBUNTU_USN-715-1.NASL", "href": "https://www.tenable.com/plugins/nessus/36279", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-715-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36279);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\", \"CVE-2008-5395\", \"CVE-2008-5700\", \"CVE-2008-5702\");\n script_bugtraq_id(32676, 33503);\n script_xref(name:\"USN\", value:\"715-1\");\n\n script_name(english:\"Ubuntu 8.10 : linux vulnerabilities (USN-715-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Hugo Dias discovered that the ATM subsystem did not correctly manage\nsocket counts. A local attacker could exploit this to cause a system\nhang, leading to a denial of service. (CVE-2008-5079)\n\nIt was discovered that the inotify subsystem contained watch removal\nrace conditions. A local attacker could exploit this to crash the\nsystem, leading to a denial of service. (CVE-2008-5182)\n\nDann Frazier discovered that in certain situations sendmsg did not\ncorrectly release allocated memory. A local attacker could exploit\nthis to force the system to run out of free memory, leading to a\ndenial of service. (CVE-2008-5300)\n\nHelge Deller discovered that PA-RISC stack unwinding was not handled\ncorrectly. A local attacker could exploit this to crash the system,\nleading do a denial of service. This did not affect official Ubuntu\nkernels, but was fixed in the source for anyone performing HPPA kernel\nbuilds. (CVE-2008-5395)\n\nIt was discovered that the ATA subsystem did not correctly set\ntimeouts. A local attacker could exploit this to cause a system hang,\nleading to a denial of service. (CVE-2008-5700)\n\nIt was discovered that the ib700 watchdog timer did not correctly\ncheck buffer sizes. A local attacker could send a specially crafted\nioctl to the device to cause a system crash, leading to a denial of\nservice. (CVE-2008-5702).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/715-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2021 Canonical, Inc. / NASL script (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\", \"CVE-2008-5395\", \"CVE-2008-5700\", \"CVE-2008-5702\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-715-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-doc-2.6.27\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-11\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-11-generic\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-11-server\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-11-generic\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-11-server\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-11-virtual\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-source-2.6.27\", pkgver:\"2.6.27-11.27\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc-2.6.27 / linux-headers-2.6 / linux-headers-2.6-generic / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:14:15", "description": "Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2008-5079)\n\nIt was discovered that the libertas wireless driver did not correctly handle beacon and probe responses. A physically near-by attacker could generate specially crafted wireless network traffic and cause a denial of service. Ubuntu 6.06 was not affected. (CVE-2008-5134)\n\nIt was discovered that the inotify subsystem contained watch removal race conditions. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-5182)\n\nDann Frazier discovered that in certain situations sendmsg did not correctly release allocated memory. A local attacker could exploit this to force the system to run out of free memory, leading to a denial of service. Ubuntu 6.06 was not affected. (CVE-2008-5300)\n\nIt was discovered that the ATA subsystem did not correctly set timeouts. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2008-5700)\n\nIt was discovered that the ib700 watchdog timer did not correctly check buffer sizes. A local attacker could send a specially crafted ioctl to the device to cause a system crash, leading to a denial of service. (CVE-2008-5702)\n\nIt was discovered that in certain situations the network scheduler did not correctly handle very large levels of traffic. A local attacker could produce a high volume of UDP traffic resulting in a system hang, leading to a denial of service. Ubuntu 8.04 was not affected.\n(CVE-2008-5713).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 7.10 / 8.04 LTS : linux-source-2.6.15/22, linux vulnerabilities (USN-714-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5079", "CVE-2008-5134", "CVE-2008-5182", "CVE-2008-5300", "CVE-2008-5700", "CVE-2008-5702", "CVE-2008-5713"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:7.10", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts"], "id": "UBUNTU_USN-714-1.NASL", "href": "https://www.tenable.com/plugins/nessus/36454", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-714-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36454);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2008-5079\", \"CVE-2008-5134\", \"CVE-2008-5182\", \"CVE-2008-5300\", \"CVE-2008-5700\", \"CVE-2008-5702\", \"CVE-2008-5713\");\n script_bugtraq_id(32676);\n script_xref(name:\"USN\", value:\"714-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 7.10 / 8.04 LTS : linux-source-2.6.15/22, linux vulnerabilities (USN-714-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Hugo Dias discovered that the ATM subsystem did not correctly manage\nsocket counts. A local attacker could exploit this to cause a system\nhang, leading to a denial of service. (CVE-2008-5079)\n\nIt was discovered that the libertas wireless driver did not correctly\nhandle beacon and probe responses. A physically near-by attacker could\ngenerate specially crafted wireless network traffic and cause a denial\nof service. Ubuntu 6.06 was not affected. (CVE-2008-5134)\n\nIt was discovered that the inotify subsystem contained watch removal\nrace conditions. A local attacker could exploit this to crash the\nsystem, leading to a denial of service. (CVE-2008-5182)\n\nDann Frazier discovered that in certain situations sendmsg did not\ncorrectly release allocated memory. A local attacker could exploit\nthis to force the system to run out of free memory, leading to a\ndenial of service. Ubuntu 6.06 was not affected. (CVE-2008-5300)\n\nIt was discovered that the ATA subsystem did not correctly set\ntimeouts. A local attacker could exploit this to cause a system hang,\nleading to a denial of service. (CVE-2008-5700)\n\nIt was discovered that the ib700 watchdog timer did not correctly\ncheck buffer sizes. A local attacker could send a specially crafted\nioctl to the device to cause a system crash, leading to a denial of\nservice. (CVE-2008-5702)\n\nIt was discovered that in certain situations the network scheduler did\nnot correctly handle very large levels of traffic. A local attacker\ncould produce a high volume of UDP traffic resulting in a system hang,\nleading to a denial of service. Ubuntu 8.04 was not affected.\n(CVE-2008-5713).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/714-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2021 Canonical, Inc. / NASL script (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|7\\.10|8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 7.10 / 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-5079\", \"CVE-2008-5134\", \"CVE-2008-5182\", \"CVE-2008-5300\", \"CVE-2008-5700\", \"CVE-2008-5702\", \"CVE-2008-5713\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-714-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-doc-2.6.15\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-386\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-686\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-generic\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-k8\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-server\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-xeon\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-server\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-386\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-686\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-generic\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-k8\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-server\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-xeon\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-server\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-source-2.6.15\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-doc-2.6.22\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-386\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-generic\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-rt\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-server\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-ume\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-virtual\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-xen\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-386\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-cell\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-generic\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-lpia\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-lpiacompat\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-rt\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-server\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-ume\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-virtual\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-xen\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-386\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-generic\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-server\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-virtual\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-source-2.6.22\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-doc-2.6.24\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-386\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-generic\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-openvz\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-rt\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-server\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-virtual\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-xen\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-386\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-generic\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-lpia\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-lpiacompat\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-openvz\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-rt\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-server\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-virtual\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-xen\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-23-386\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-23-generic\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-23-server\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-23-virtual\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-source-2.6.24\", pkgver:\"2.6.24-23.48\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc-2.6.15 / linux-doc-2.6.22 / linux-doc-2.6.24 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:17", "description": "CVE-2008-5029 kernel: Unix sockets kernel panic\n\nCVE-2008-5300 kernel: fix soft lockups/OOM issues with unix socket garbage collector\n\nCVE-2009-1337 kernel: exit_notify: kill the wrong capable(CAP_KILL) check\n\nCVE-2009-1385 kernel: e1000_clean_rx_irq() denial of service\n\nCVE-2009-1895 kernel: personality: fix PER_CLEAR_ON_SETID\n\nCVE-2009-2848 kernel: execve: must clear current->clear_child_tid\n\nCVE-2009-3001, CVE-2009-3002 kernel: numerous getname() infoleaks 520300 - kernel: ipv4: make ip_append_data() handle NULL routing table [rhel-3]\n\nCVE-2009-3547 kernel: fs: pipe.c NULL pointer dereference\n\nSecurity fixes :\n\n - when fput() was called to close a socket, the\n __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could,potentially, lead to a denial of service issue.\n (CVE-2008-5029, Important)\n\n - the sendmsg() function in the Linux kernel did not block during UNIX socket garbage collection. This could, potentially, lead to a local denial of service.\n (CVE-2008-5300, Important)\n\n - the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important)\n\n - a flaw was found in the Intel PRO/1000 network driver in the Linux kernel. Frames with sizes near the MTU of an interface may be split across multiple hardware receive descriptors. Receipt of such a frame could leak through a validation check, leading to a corruption of the length check. A remote attacker could use this flaw to send a specially crafted packet that would cause a denial of service or code execution. (CVE-2009-1385, Important)\n\n - the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not cleared when a setuid or setgid program was executed. A local, unprivileged user could use this flaw to bypass the mmap_min_addr protection mechanism and perform a NULL pointer dereference attack, or bypass the Address Space Layout Randomization (ASLR) security feature.\n (CVE-2009-1895, Important)\n\n - it was discovered that, when executing a new process, the clear_child_tid pointer in the Linux kernel is not cleared. If this pointer points to a writable portion of the memory of the new program, the kernel could corrupt four bytes of memory, possibly leading to a local denial of service or privilege escalation. (CVE-2009-2848, Important)\n\n - missing initialization flaws were found in getname() implementations in the IrDA sockets, AppleTalk DDP protocol, NET/ROM protocol, and ROSE protocol implementations in the Linux kernel. Certain data structures in these getname() implementations were not initialized properly before being copied to user-space.\n These flaws could lead to an information leak.\n (CVE-2009-3002, Important)\n\n - a NULL pointer dereference flaw was found in each of the following functions in the Linux kernel:\n pipe_read_open(), pipe_write_open(), and pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could be released by other processes before it is used to update the pipe's reader and writer counters. This could lead to a local denial of service or privilege escalation. (CVE-2009-3547, Important)\n\nBug fixes :\n\n - this update adds the mmap_min_addr tunable and restriction checks to help prevent unprivileged users from creating new memory mappings below the minimum address. This can help prevent the exploitation of NULL pointer dereference bugs. Note that mmap_min_addr is set to zero (disabled) by default for backwards compatibility. (BZ#512642)\n\n - a bridge reference count problem in IPv6 has been fixed.\n (BZ#457010)\n\n - enforce null-termination of user-supplied arguments to setsockopt(). (BZ#505514)\n\n - the gcc flag '-fno-delete-null-pointer-checks' was added to the kernel build options. This prevents gcc from optimizing out NULL pointer checks after the first use of a pointer. NULL pointer bugs are often exploited by attackers. Keeping these checks is a safety measure.\n (BZ#511185)\n\n - a check has been added to the IPv4 code to make sure that rt is not NULL, to help prevent future bugs in functions that call ip_append_data() from being exploitable. (BZ#520300)\n\nThe system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL3.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5029", "CVE-2008-5300", "CVE-2009-1337", "CVE-2009-1385", "CVE-2009-1895", "CVE-2009-2848", "CVE-2009-3001", "CVE-2009-3002", "CVE-2009-3547"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20091103_KERNEL_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60688", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60688);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2009-1337\", \"CVE-2009-1385\", \"CVE-2009-1895\", \"CVE-2009-2848\", \"CVE-2009-3001\", \"CVE-2009-3002\", \"CVE-2009-3547\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL3.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2008-5029 kernel: Unix sockets kernel panic\n\nCVE-2008-5300 kernel: fix soft lockups/OOM issues with unix socket\ngarbage collector\n\nCVE-2009-1337 kernel: exit_notify: kill the wrong capable(CAP_KILL)\ncheck\n\nCVE-2009-1385 kernel: e1000_clean_rx_irq() denial of service\n\nCVE-2009-1895 kernel: personality: fix PER_CLEAR_ON_SETID\n\nCVE-2009-2848 kernel: execve: must clear current->clear_child_tid\n\nCVE-2009-3001, CVE-2009-3002 kernel: numerous getname() infoleaks\n520300 - kernel: ipv4: make ip_append_data() handle NULL routing table\n[rhel-3]\n\nCVE-2009-3547 kernel: fs: pipe.c NULL pointer dereference\n\nSecurity fixes :\n\n - when fput() was called to close a socket, the\n __scm_destroy() function in the Linux kernel could make\n indirect recursive calls to itself. This\n could,potentially, lead to a denial of service issue.\n (CVE-2008-5029, Important)\n\n - the sendmsg() function in the Linux kernel did not block\n during UNIX socket garbage collection. This could,\n potentially, lead to a local denial of service.\n (CVE-2008-5300, Important)\n\n - the exit_notify() function in the Linux kernel did not\n properly reset the exit signal if a process executed a\n set user ID (setuid) application before exiting. This\n could allow a local, unprivileged user to elevate their\n privileges. (CVE-2009-1337, Important)\n\n - a flaw was found in the Intel PRO/1000 network driver in\n the Linux kernel. Frames with sizes near the MTU of an\n interface may be split across multiple hardware receive\n descriptors. Receipt of such a frame could leak through\n a validation check, leading to a corruption of the\n length check. A remote attacker could use this flaw to\n send a specially crafted packet that would cause a\n denial of service or code execution. (CVE-2009-1385,\n Important)\n\n - the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not\n cleared when a setuid or setgid program was executed. A\n local, unprivileged user could use this flaw to bypass\n the mmap_min_addr protection mechanism and perform a\n NULL pointer dereference attack, or bypass the Address\n Space Layout Randomization (ASLR) security feature.\n (CVE-2009-1895, Important)\n\n - it was discovered that, when executing a new process,\n the clear_child_tid pointer in the Linux kernel is not\n cleared. If this pointer points to a writable portion of\n the memory of the new program, the kernel could corrupt\n four bytes of memory, possibly leading to a local denial\n of service or privilege escalation. (CVE-2009-2848,\n Important)\n\n - missing initialization flaws were found in getname()\n implementations in the IrDA sockets, AppleTalk DDP\n protocol, NET/ROM protocol, and ROSE protocol\n implementations in the Linux kernel. Certain data\n structures in these getname() implementations were not\n initialized properly before being copied to user-space.\n These flaws could lead to an information leak.\n (CVE-2009-3002, Important)\n\n - a NULL pointer dereference flaw was found in each of the\n following functions in the Linux kernel:\n pipe_read_open(), pipe_write_open(), and\n pipe_rdwr_open(). When the mutex lock is not held, the\n i_pipe pointer could be released by other processes\n before it is used to update the pipe's reader and writer\n counters. This could lead to a local denial of service\n or privilege escalation. (CVE-2009-3547, Important)\n\nBug fixes :\n\n - this update adds the mmap_min_addr tunable and\n restriction checks to help prevent unprivileged users\n from creating new memory mappings below the minimum\n address. This can help prevent the exploitation of NULL\n pointer dereference bugs. Note that mmap_min_addr is set\n to zero (disabled) by default for backwards\n compatibility. (BZ#512642)\n\n - a bridge reference count problem in IPv6 has been fixed.\n (BZ#457010)\n\n - enforce null-termination of user-supplied arguments to\n setsockopt(). (BZ#505514)\n\n - the gcc flag '-fno-delete-null-pointer-checks' was added\n to the kernel build options. This prevents gcc from\n optimizing out NULL pointer checks after the first use\n of a pointer. NULL pointer bugs are often exploited by\n attackers. Keeping these checks is a safety measure.\n (BZ#511185)\n\n - a check has been added to the IPv4 code to make sure\n that rt is not NULL, to help prevent future bugs in\n functions that call ip_append_data() from being\n exploitable. (BZ#520300)\n\nThe system must be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=457010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=505514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=511185\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=512642\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=520300\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0911&L=scientific-linux-errata&T=0&P=599\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1f8d1106\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(16, 189, 200, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"kernel-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-doc-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", cpu:\"i386\", reference:\"kernel-hugemem-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", cpu:\"i386\", reference:\"kernel-hugemem-unsupported-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-smp-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-smp-unsupported-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-source-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-unsupported-2.4.21-63.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:15:38", "description": "Update kernel from version 2.6.27.7 to 2.6.27.9:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.8 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.9 Also includes three critical fixes scheduled for 2.6.27.10 Update applesmc driver to latest upstream version. (Adds module autoloading.) Update ALSA audio drivers to version 1.0.18a. (See www.alsa-project.org for details.) Security fixes: CVE-2008-5079 in 2.6.27.9 CVE-2008-5182 in 2.6.27.8 CVE-2008-5300 in 2.6.27.8\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Fedora 10 : kernel-2.6.27.9-159.fc10 (2008-11593)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5079", "CVE-2008-5182", "CVE-2008-5300"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:10"], "id": "FEDORA_2008-11593.NASL", "href": "https://www.tenable.com/plugins/nessus/37568", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-11593.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37568);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\");\n script_xref(name:\"FEDORA\", value:\"2008-11593\");\n\n script_name(english:\"Fedora 10 : kernel-2.6.27.9-159.fc10 (2008-11593)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update kernel from version 2.6.27.7 to 2.6.27.9:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.8\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.9 Also\nincludes three critical fixes scheduled for 2.6.27.10 Update applesmc\ndriver to latest upstream version. (Adds module autoloading.) Update\nALSA audio drivers to version 1.0.18a. (See www.alsa-project.org for\ndetails.) Security fixes: CVE-2008-5079 in 2.6.27.9 CVE-2008-5182 in\n2.6.27.8 CVE-2008-5300 in 2.6.27.8\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.8\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8f8e56b1\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.9\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7612a49a\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=472325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=473259\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=473696\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-December/018236.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?83188a85\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"kernel-2.6.27.9-159.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:47:03", "description": "Update kernel from version 2.6.27.7 to 2.6.27.9:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.8 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.9 Also includes three critical fixes scheduled for 2.6.27.10 Update applesmc driver to latest upstream version. (Adds module autoloading.) Update ALSA audio drivers to version 1.0.18a. (See www.alsa-project.org for details.) Security fixes: CVE-2008-5079 in 2.6.27.9 CVE-2008-5182 in 2.6.27.8 CVE-2008-5300 in 2.6.27.8\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2008-12-26T00:00:00", "type": "nessus", "title": "Fedora 9 : kernel-2.6.27.9-73.fc9 (2008-11618)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5079", "CVE-2008-5182", "CVE-2008-5300"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:9"], "id": "FEDORA_2008-11618.NASL", "href": "https://www.tenable.com/plugins/nessus/35264", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-11618.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35264);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\");\n script_bugtraq_id(32676);\n script_xref(name:\"FEDORA\", value:\"2008-11618\");\n\n script_name(english:\"Fedora 9 : kernel-2.6.27.9-73.fc9 (2008-11618)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update kernel from version 2.6.27.7 to 2.6.27.9:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.8\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.9 Also\nincludes three critical fixes scheduled for 2.6.27.10 Update applesmc\ndriver to latest upstream version. (Adds module autoloading.) Update\nALSA audio drivers to version 1.0.18a. (See www.alsa-project.org for\ndetails.) Security fixes: CVE-2008-5079 in 2.6.27.9 CVE-2008-5182 in\n2.6.27.8 CVE-2008-5300 in 2.6.27.8\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.8\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8f8e56b1\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.9\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7612a49a\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=472325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=473259\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=473696\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-December/018268.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4addf118\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif