DATABASE RESOURCES PRICING ABOUT US

{"id": "OSV:DLA-360-1", "bulletinFamily": "software", "title": "linux-2.6 - security update", "description": "\nThis update fixes the CVEs described below.\n\n\n* [CVE-2013-7446](https://security-tracker.debian.org/tracker/CVE-2013-7446)\nDmitry Vyukov discovered that a particular sequence of valid\n operations on local (AF\\_UNIX) sockets can result in a\n use-after-free. This may be used to cause a denial of service\n (crash) or possibly for privilege escalation.\n* [CVE-2015-7799](https://security-tracker.debian.org/tracker/CVE-2015-7799)\n\u00e9\u0083\u00ad\u0107\u00b0\u00b8\u013a\u0088\u009a discovered that a user granted access to /dev/ppp can cause\n a denial of service (crash) by passing invalid parameters to the\n PPPIOCSMAXCID ioctl. This also applies to ISDN PPP device nodes.\n* [CVE-2015-7833](https://security-tracker.debian.org/tracker/CVE-2015-7833)\nSergej Schumilo, Hendrik Schwartke and Ralf Spenneberg discovered a\n flaw in the processing of certain USB device descriptors in the\n usbvision driver. An attacker with physical access to the system can\n use this flaw to crash the system.\n* [CVE-2015-7990](https://security-tracker.debian.org/tracker/CVE-2015-7990)\nIt was discovered that the fix for [CVE-2015-6937](https://security-tracker.debian.org/tracker/CVE-2015-6937) was incomplete. A\n race condition when sending a message on unbound socket can still\n cause a NULL pointer dereference. A remote attacker might be able to\n cause a denial of service (crash) by sending a crafted packet.\n* [CVE-2015-8324](https://security-tracker.debian.org/tracker/CVE-2015-8324)\nValintinr reported that an attempt to mount a corrupted ext4\n filesystem may result in a kernel panic. A user permitted to\n mount filesystems could use this flaw to crash the system.\n\n\nFor the oldoldstable distribution (squeeze), these problems have been\nfixed in version 2.6.32-48squeeze17. We recommend that you upgrade your\nlinux-2.6 packages.\n\n\nFor the oldstable (wheezy) and stable (jessie) distributions,\n[CVE-2015-7833](https://security-tracker.debian.org/tracker/CVE-2015-7833), [CVE-2015-7990](https://security-tracker.debian.org/tracker/CVE-2015-7990) and [CVE-2015-8324](https://security-tracker.debian.org/tracker/CVE-2015-8324) have been fixed and the\nother issues will be fixed soon.\n\n\n", "published": "2015-12-08T00:00:00", "modified": "2022-08-05T05:19:26", "cvss": {"score": 5.9, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 5.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 8.5, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM"}, "cvss3": {"cvssV3": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.0"}, "exploitabilityScore": 1.0, "impactScore": 4.7}, "href": "https://osv.dev/vulnerability/DLA-360-1", "reporter": "Google", "references": ["https://www.debian.org/lts/security/2015/dla-360"], "cvelist": ["CVE-2015-8324", "CVE-2015-7990", "CVE-2015-7833", "CVE-2015-7799", "CVE-2013-7446", "CVE-2015-6937"], "immutableFields": [], "type": "osv", "lastseen": "2022-08-05T05:19:28", "edition": 1, "viewCount": 10, "enchantments": {"dependencies": {"references": [{"idList": ["ANDROID:2016-09-01"], "type": "androidsecurity"}, {"idList": ["MGASA-2016-0005", "MGASA-2016-0225", "MGASA-2016-0233", "MGASA-2016-0015", "MGASA-2016-0232", "MGASA-2016-0014"], "type": "mageia"}, {"idList": ["FEDORA:9D2976087C32", "FEDORA:C7C84604E909", "FEDORA:AA4AD60600CD", "FEDORA:BAFAB6087824", "FEDORA:E328560486E4", "FEDORA:9AEA46074A7D", "FEDORA:14809606180F", "FEDORA:DDD4D6087E4D", "FEDORA:52C43604E44B", "FEDORA:581F9608B7DF"], "type": "fedora"}, {"idList": ["DEBIAN:DSA-3396-1:D48F1", "DEBIAN:DSA-3426-1:AC984", "DEBIAN:DLA-360-1:6C323", "DEBIAN:DSA-3426-1:7C23A", "DEBIAN:DSA-3364-1:5D544", "DEBIAN:DSA-3396-1:605FF", "DEBIAN:DLA-310-1:EAC5D", "DEBIAN:DSA-3364-1:B19FA"], "type": "debian"}, {"idList": ["LENOVO:PS500321-NOSID"], "type": "lenovo"}, {"idList": ["OSV:DSA-3426-1", "OSV:DSA-3364-1", "OSV:DSA-3396-1", "OSV:DLA-310-1"], "type": "osv"}, {"idList": ["UB:CVE-2015-7833", "UB:CVE-2015-7990", "UB:CVE-2015-7799", "UB:CVE-2015-6937", "UB:CVE-2015-8324", "UB:CVE-2013-7446"], "type": "ubuntucve"}, {"idList": ["DEBIANCVE:CVE-2015-7799", "DEBIANCVE:CVE-2015-8324", "DEBIANCVE:CVE-2015-7833", "DEBIANCVE:CVE-2013-7446", "DEBIANCVE:CVE-2015-7990", "DEBIANCVE:CVE-2015-6937"], "type": "debiancve"}, {"idList": ["CESA-2016:0855"], "type": "centos"}, {"idList": ["CFOUNDRY:DBE2857E4A4B43C72E03FDC8B6460BBB", "CFOUNDRY:1E92DA1FCC786D8CF92EF17F4A659881", "CFOUNDRY:C4D044657909D168617F0C63F623467E"], "type": "cloudfoundry"}, {"idList": ["SUSE-SU-2016:2003-1", "SUSE-SU-2016:0354-1", "SUSE-SU-2016:0757-1", "SUSE-SU-2016:1937-1", "SUSE-SU-2016:0380-1", "SUSE-SU-2016:0745-1", "SUSE-SU-2016:0434-1", "SUSE-SU-2016:2011-1", "OPENSUSE-SU-2016:2144-1", "SUSE-SU-2016:0752-1", "SUSE-SU-2016:2245-1", "OPENSUSE-SU-2016:1008-1", "SUSE-SU-2017:0333-1", "SUSE-SU-2016:0751-1", "SUSE-SU-2016:2014-1", "SUSE-SU-2016:0750-1", "OPENSUSE-SU-2016:2649-1", "SUSE-SU-2016:1961-1", "SUSE-SU-2016:0753-1", "SUSE-SU-2015:2108-1", "SUSE-SU-2016:2006-1", "SUSE-SU-2016:0785-1", "SUSE-SU-2015:2350-1", "SUSE-SU-2015:2339-1", "SUSE-SU-2016:0754-1", "SUSE-SU-2015:1727-1", "SUSE-SU-2016:0746-1", "SUSE-SU-2016:2007-1", "SUSE-SU-2016:0749-1", "SUSE-SU-2016:0335-1", "SUSE-SU-2016:0755-1", "SUSE-SU-2016:0384-1", "SUSE-SU-2016:0386-1", "SUSE-SU-2016:0756-1", "SUSE-SU-2016:1203-1", "SUSE-SU-2016:0337-1", "SUSE-SU-2016:1995-1", "SUSE-SU-2016:0381-1", "SUSE-SU-2016:2005-1", "SUSE-SU-2016:0585-1", "SUSE-SU-2016:0747-1", "OPENSUSE-SU-2016:0318-1", "SUSE-SU-2016:2002-1", "SUSE-SU-2016:0383-1", "SUSE-SU-2016:1985-1", "SUSE-SU-2016:2105-1", "SUSE-SU-2016:2010-1", "OPENSUSE-SU-2016:1641-1", "SUSE-SU-2015:2194-1", "SUSE-SU-2016:2000-1", "OPENSUSE-SU-2016:2184-1", "SUSE-SU-2016:2001-1", "SUSE-SU-2016:1994-1", "SUSE-SU-2016:1102-1", "SUSE-SU-2016:0387-1", "SUSE-SU-2015:2292-1", "OPENSUSE-SU-2016:0301-1", "SUSE-SU-2016:2074-1", "SUSE-SU-2016:0911-1", "SUSE-SU-2016:2009-1"], "type": "suse"}, {"idList": ["SECURITYVULNS:DOC:32513", "SECURITYVULNS:VULN:14579"], "type": "securityvulns"}, {"idList": ["OPENVAS:1361412562310842690", "OPENVAS:1361412562310842692", "OPENVAS:1361412562310842686", "OPENVAS:1361412562310842741", "OPENVAS:1361412562310842494", "OPENVAS:1361412562310842622", "OPENVAS:1361412562310851386", "OPENVAS:703364", "OPENVAS:1361412562310842708", "OPENVAS:1361412562310850904", "OPENVAS:1361412562310842569", "OPENVAS:1361412562311220191477", "OPENVAS:1361412562311220191488", "OPENVAS:1361412562310842628", "OPENVAS:1361412562311220191533", "OPENVAS:1361412562310842496", "OPENVAS:1361412562310869982", "OPENVAS:1361412562311220191474", "OPENVAS:1361412562311220191536", "OPENVAS:1361412562310842572", "OPENVAS:1361412562310842627", "OPENVAS:1361412562310842573", "OPENVAS:703426", "OPENVAS:1361412562310842568", "OPENVAS:1361412562310869986", "OPENVAS:1361412562310842498", "OPENVAS:1361412562310703364", "OPENVAS:1361412562310842574", "OPENVAS:1361412562310842565", "OPENVAS:1361412562310851197", "OPENVAS:1361412562310842713", "OPENVAS:1361412562310851349", "OPENVAS:1361412562310131182", "OPENVAS:703396", "OPENVAS:1361412562310842575", "OPENVAS:1361412562310842624", "OPENVAS:1361412562310131174", "OPENVAS:1361412562310131175", "OPENVAS:1361412562310851242", "OPENVAS:1361412562310842621", "OPENVAS:1361412562310851388", "OPENVAS:1361412562310122732", "OPENVAS:1361412562310842735", "OPENVAS:1361412562311220191505", "OPENVAS:1361412562310842623", "OPENVAS:1361412562310842631", "OPENVAS:1361412562310842500", "OPENVAS:1361412562310851273", "OPENVAS:1361412562310842499", "OPENVAS:1361412562310871611", "OPENVAS:1361412562310842493", "OPENVAS:1361412562310842629", "OPENVAS:1361412562310842712", "OPENVAS:1361412562310842710", "OPENVAS:1361412562310851138", "OPENVAS:1361412562310842492", "OPENVAS:1361412562310703396", "OPENVAS:1361412562310842625", "OPENVAS:1361412562310851176", "OPENVAS:1361412562310842571", "OPENVAS:1361412562310703426", "OPENVAS:1361412562310842632", "OPENVAS:1361412562311220192531"], "type": "openvas"}, {"idList": ["USN-2886-2", "USN-2842-2", "USN-2773-1", "USN-2886-1", "USN-2776-1", "USN-2947-1", "USN-2890-2", "USN-2967-1", "USN-2775-1", "USN-2779-1", "USN-2929-1", "USN-2889-1", "USN-2948-2", "USN-2841-2", "USN-2887-1", "USN-2887-2", "USN-2843-1", "USN-2947-2", "USN-2948-1", "USN-2932-1", "USN-2777-1", "USN-2842-1", "USN-2778-1", "USN-2888-1", "USN-2929-2", "USN-2841-1", "USN-2889-2", "USN-2774-1", "USN-2844-1", "USN-2843-2", "USN-2947-3", "USN-2843-3", "USN-2890-3", "USN-2890-1", "USN-2967-2"], "type": "ubuntu"}, {"idList": ["RHSA-2016:0855"], "type": "redhat"}, {"idList": ["UBUNTU_USN-2776-1.NASL", "SL_20160510_KERNEL_ON_SL6_X.NASL", "UBUNTU_USN-2932-1.NASL", "DEBIAN_DLA-310.NASL", "SUSE_SU-2016-2001-1.NASL", "UBUNTU_USN-2775-1.NASL", "DEBIAN_DLA-360.NASL", "SUSE_SU-2015-2108-1.NASL", "SUSE_SU-2016-0585-1.NASL", "ORACLEVM_OVMSA-2017-0057.NASL", "UBUNTU_USN-2967-1.NASL", "ORACLEVM_OVMSA-2016-0100.NASL", "UBUNTU_USN-2842-1.NASL", "UBUNTU_USN-2841-1.NASL", "UBUNTU_USN-2887-2.NASL", "EULEROS_SA-2021-2857.NASL", "SUSE_SU-2016-2014-1.NASL", "CENTOS_RHSA-2016-0855.NASL", "UBUNTU_USN-2841-2.NASL", "UBUNTU_USN-2842-2.NASL", "FEDORA_2015-115C302856.NASL", "ORACLELINUX_ELSA-2017-3516.NASL", "UBUNTU_USN-2843-1.NASL", "UBUNTU_USN-2778-1.NASL", "UBUNTU_USN-2886-1.NASL", "UBUNTU_USN-2890-3.NASL", "DEBIAN_DSA-3426-1.NASL", "OPENSUSE-2015-879.NASL", "UBUNTU_USN-2843-3.NASL", "FEDORA_2015-C1C2F5E168.NASL", "SUSE_SU-2015-2292-1.NASL", "SUSE_SU-2016-2006-1.NASL", "OPENSUSE-2016-124.NASL", "SUSE_SU-2016-2002-1.NASL", "UBUNTU_USN-2887-1.NASL", "SUSE_SU-2016-2245-1.NASL", "FEDORA_2015-C4ED00A68F.NASL", "UBUNTU_USN-2890-1.NASL", "OPENSUSE-2016-753.NASL", "ORACLEVM_OVMSA-2015-0147.NASL", "EULEROS_SA-2019-1533.NASL", "ORACLEVM_OVMSA-2017-0041.NASL", "UBUNTU_USN-2947-2.NASL", "ORACLELINUX_ELSA-2015-3098.NASL", "ORACLELINUX_ELSA-2016-0855.NASL", "SUSE_SU-2016-2105-1.NASL", "UBUNTU_USN-2844-1.NASL", "ORACLEVM_OVMSA-2017-0106.NASL", "OPENSUSE-2016-1015.NASL", "DEBIAN_DSA-3396.NASL", "ORACLELINUX_ELSA-2016-3596.NASL", "EULEROS_SA-2019-2531.NASL", "UBUNTU_USN-2948-1.NASL", "DEBIAN_DSA-3364.NASL", "OPENSUSE-2016-445.NASL", "FEDORA_2015-CD94AD8D7C.NASL", "F5_BIGIP_SOL20022580.NASL", "FEDORA_2015-16417.NASL", "UBUNTU_USN-2889-1.NASL", "UBUNTU_USN-2773-1.NASL", "EULEROS_SA-2019-1505.NASL", "FEDORA_2015-16440.NASL", "FEDORA_2015-C59710B05D.NASL", "ORACLELINUX_ELSA-2017-3515.NASL", "SOLARIS_OCT2018_SRU11_4_1_4_0.NASL", "UBUNTU_USN-2890-2.NASL", "UBUNTU_USN-2948-2.NASL", "UBUNTU_USN-2889-2.NASL", "FEDORA_2015-F2C534BC12.NASL", "UBUNTU_USN-2929-1.NASL", "UBUNTU_USN-2777-1.NASL", "ORACLELINUX_ELSA-2017-3567.NASL", "REDHAT-RHSA-2016-0855.NASL", "FEDORA_2015-16441.NASL", "UBUNTU_USN-2779-1.NASL", "UBUNTU_USN-2947-1.NASL", "SUSE_SU-2016-1203-1.NASL", "UBUNTU_USN-2929-2.NASL", "UBUNTU_USN-2888-1.NASL", "OPENSUSE-2016-136.NASL", "SUSE_SU-2016-2010-1.NASL", "ORACLELINUX_ELSA-2016-3567.NASL", "ORACLELINUX_ELSA-2017-3534.NASL", "UBUNTU_USN-2843-2.NASL", "SUSE_SU-2016-1995-1.NASL", "SUSE_SU-2015-2194-1.NASL", "SUSE_SU-2016-2005-1.NASL", "F5_BIGIP_SOL98102572.NASL", "EULEROS_SA-2019-1477.NASL", "SUSE_SU-2016-0785-1.NASL", "EULEROS_SA-2019-1536.NASL", "OPENSUSE-2016-1029.NASL", "SUSE_SU-2015-2339-1.NASL", "FEDORA_2015-AC9A19888E.NASL", "SUSE_SU-2015-1727-1.NASL", "ORACLEVM_OVMSA-2017-0040.NASL", "UBUNTU_USN-2947-3.NASL", "SUSE_SU-2017-0333-1.NASL", "EULEROS_SA-2019-1474.NASL", "EULEROS_SA-2019-1488.NASL", "SUSE_SU-2016-2074-1.NASL", "SUSE_SU-2016-0911-1.NASL"], "type": "nessus"}, {"idList": ["SOL20022580", "F5:K98102572", "F5:K20022580", "SOL98102572"], "type": "f5"}, {"idList": ["CVE-2015-8324", "CVE-2015-7990", "CVE-2015-7833", "CVE-2015-7799", "CVE-2013-7446", "CVE-2015-6937"], "type": "cve"}, {"idList": ["ORACLE:CPUOCT2018-4428296", "ORACLE:CPUOCT2018"], "type": "oracle"}, {"idList": ["ELSA-2017-3515", "ELSA-2016-0855", "ELSA-2015-3098", "ELSA-2017-3516", "ELSA-2017-3567", "ELSA-2016-3567", "ELSA-2017-3534"], "type": "oraclelinux"}, {"idList": ["ANDROID:CVE-2013-7446"], "type": "android"}]}, "score": {"value": 1.2, "vector": "NONE"}, "epss": [{"cve": "CVE-2015-8324", "epss": "0.002410000", "percentile": "0.602920000", "modified": "2023-03-20"}, {"cve": "CVE-2015-7990", "epss": "0.000440000", "percentile": "0.081790000", "modified": "2023-03-20"}, {"cve": "CVE-2015-7833", "epss": "0.001950000", "percentile": "0.555960000", "modified": "2023-03-20"}, {"cve": "CVE-2015-7799", "epss": "0.000440000", "percentile": "0.081790000", "modified": "2023-03-20"}, {"cve": "CVE-2013-7446", "epss": "0.000460000", "percentile": "0.139520000", "modified": "2023-03-20"}, {"cve": "CVE-2015-6937", "epss": "0.000440000", "percentile": "0.081790000", "modified": "2023-03-20"}], "vulnersScore": 1.2}, "_state": {"dependencies": 1659994789, "score": 1684016453, "affected_software_major_version": 1666703109, "epss": 1679338714}, "_internal": {"score_hash": "82eac8550a3e2b38923e57ad85d5144a"}, "affectedSoftware": [{"name": "linux-2.6", "operator": "eq", "version": "2.6.32-48squeeze16"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-48"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-30"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-48squeeze10"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-39"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-32"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-41squeeze2"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-41"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-43"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-48squeeze13"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-44"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-36"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-48squeeze14"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-48squeeze4"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-38"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-47"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-40"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-48squeeze5"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-48squeeze11"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-46"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-48squeeze9"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-34"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-35squeeze1"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-45"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-35"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-48squeeze1"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-46squeeze1"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-39squeeze1"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-48squeeze3"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-35~bpo50+1"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-48squeeze6"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-34squeeze1"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-35squeeze2"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-31~bpo50+1"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-31"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-37"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-33"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-48squeeze7"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-48squeeze8"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-48squeeze12"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-30+m68k.5"}, {"name": "linux-2.6", "operator": "eq", "version": "2.6.32-42"}]}

{"debian": [{"lastseen": "2022-12-18T00:49:11", "description": "Package\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0: linux-2.6\nVersion\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0: 2.6.32-48squeeze17\nCVE ID\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0: CVE-2013-7446 CVE-2015-7799 CVE-2015-7833 CVE-2015-7990 \n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0CVE-2015-8324\n\nThis update fixes the CVEs described below.\n\nCVE-2013-7446\n\n\u00a0\u00a0\u00a0\u00a0Dmitry Vyukov discovered that a particular sequence of valid\n\u00a0\u00a0\u00a0\u00a0operations on local (AF_UNIX) sockets can result in a\n\u00a0\u00a0\u00a0\u00a0use-after-free.\u00a0\u00a0This may be used to cause a denial of service\n\u00a0\u00a0\u00a0\u00a0(crash) or possibly for privilege escalation.\n\nCVE-2015-7799\n\n\u00a0\u00a0\u00a0\u00a0\u90ed\u6c38\u521a discovered that a user granted access to /dev/ppp can cause\n\u00a0\u00a0\u00a0\u00a0a denial of service (crash) by passing invalid parameters to the\n\u00a0\u00a0\u00a0\u00a0PPPIOCSMAXCID ioctl.\u00a0\u00a0This also applies to ISDN PPP device nodes.\n\nCVE-2015-7833\n\n\u00a0\u00a0\u00a0\u00a0Sergej Schumilo, Hendrik Schwartke and Ralf Spenneberg discovered a\n\u00a0\u00a0\u00a0\u00a0flaw in the processing of certain USB device descriptors in the\n\u00a0\u00a0\u00a0\u00a0usbvision driver. An attacker with physical access to the system can\n\u00a0\u00a0\u00a0\u00a0use this flaw to crash the system.\n\nCVE-2015-7990\n\n\u00a0\u00a0\u00a0\u00a0It was discovered that the fix for CVE-2015-6937 was incomplete. A\n\u00a0\u00a0\u00a0\u00a0race condition when sending a message on unbound socket can still\n\u00a0\u00a0\u00a0\u00a0cause a NULL pointer dereference. A remote attacker might be able to\n\u00a0\u00a0\u00a0\u00a0cause a denial of service (crash) by sending a crafted packet.\n\nCVE-2015-8324\n\n\u00a0\u00a0\u00a0\u00a0&quot;Valintinr&quot; reported that an attempt to mount a corrupted ext4\n\u00a0\u00a0\u00a0\u00a0filesystem may result in a kernel panic.\u00a0\u00a0A user permitted to\n\u00a0\u00a0\u00a0\u00a0mount filesystems could use this flaw to crash the system.\n\nFor the oldoldstable distribution (squeeze), these problems have been\nfixed in version 2.6.32-48squeeze17.\u00a0\u00a0We recommend that you upgrade your\nlinux-2.6 packages.\n\nFor the oldstable (wheezy) and stable (jessie) distributions,\nCVE-2015-7833, CVE-2015-7990 and CVE-2015-8324 have been fixed and the\nother issues will be fixed soon.\n\n-- \nBen Hutchings - Debian developer, member of Linux kernel and LTS teams\n\n\nAttachment:\nsignature.asc\nDescription: This is a digitally signed message part\n", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.8, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.7}, "published": "2015-12-08T14:08:00", "type": "debian", "title": "[SECURITY] [DLA 360-1] linux-2.6 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 5.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 8.5, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7446", "CVE-2015-6937", "CVE-2015-7799", "CVE-2015-7833", "CVE-2015-7990", "CVE-2015-8324"], "modified": "2015-12-08T14:08:00", "id": "DEBIAN:DLA-360-1:6C323", "href": "https://lists.debian.org/debian-lts-announce/2015/12/msg00002.html", "cvss": {"score": 5.9, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2023-05-02T16:29:44", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3396-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nNovember 10, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux\nCVE ID : CVE-2015-5307 CVE-2015-7833 CVE-2015-7872 CVE-2015-7990\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service.\n\nCVE-2015-5307\n\n Ben Serebrin from Google discovered a guest to host denial of\n service flaw affecting the KVM hypervisor. A malicious guest can\n trigger an infinite stream of &quot;alignment check&quot; (#AC) exceptions\n causing the processor microcode to enter an infinite loop where the\n core never receives another interrupt. This leads to a panic of the\n host kernel.\n\nCVE-2015-7833\n\n Sergej Schumilo, Hendrik Schwartke and Ralf Spenneberg discovered a\n flaw in the processing of certain USB device descriptors in the\n usbvision driver. An attacker with physical access to the system can\n use this flaw to crash the system.\n\nCVE-2015-7872\n\n Dmitry Vyukov discovered a vulnerability in the keyrings garbage\n collector allowing a local user to trigger a kernel panic.\n\nCVE-2015-7990\n\n It was discovered that the fix for CVE-2015-6937 was incomplete. A\n race condition when sending a message on unbound socket can still\n cause a NULL pointer dereference. A remote attacker might be able to\n cause a denial of service (crash) by sending a crafted packet.\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 3.2.68-1+deb7u6.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 3.16.7-ckt11-1+deb8u6.\n\nWe recommend that you upgrade your linux packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.8, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.7}, "published": "2015-11-10T08:08:51", "type": "debian", "title": "[SECURITY] [DSA 3396-1] linux security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 5.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 8.5, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5307", "CVE-2015-6937", "CVE-2015-7833", "CVE-2015-7872", "CVE-2015-7990"], "modified": "2015-11-10T08:08:51", "id": "DEBIAN:DSA-3396-1:D48F1", "href": "https://lists.debian.org/debian-security-announce/2015/msg00299.html", "cvss": {"score": 5.9, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2021-10-21T22:42:39", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3396-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nNovember 10, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux\nCVE ID : CVE-2015-5307 CVE-2015-7833 CVE-2015-7872 CVE-2015-7990\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service.\n\nCVE-2015-5307\n\n Ben Serebrin from Google discovered a guest to host denial of\n service flaw affecting the KVM hypervisor. A malicious guest can\n trigger an infinite stream of &quot;alignment check&quot; (#AC) exceptions\n causing the processor microcode to enter an infinite loop where the\n core never receives another interrupt. This leads to a panic of the\n host kernel.\n\nCVE-2015-7833\n\n Sergej Schumilo, Hendrik Schwartke and Ralf Spenneberg discovered a\n flaw in the processing of certain USB device descriptors in the\n usbvision driver. An attacker with physical access to the system can\n use this flaw to crash the system.\n\nCVE-2015-7872\n\n Dmitry Vyukov discovered a vulnerability in the keyrings garbage\n collector allowing a local user to trigger a kernel panic.\n\nCVE-2015-7990\n\n It was discovered that the fix for CVE-2015-6937 was incomplete. A\n race condition when sending a message on unbound socket can still\n cause a NULL pointer dereference. A remote attacker might be able to\n cause a denial of service (crash) by sending a crafted packet.\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 3.2.68-1+deb7u6.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 3.16.7-ckt11-1+deb8u6.\n\nWe recommend that you upgrade your linux packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "baseScore": 5.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.7}, "published": "2015-11-10T08:08:51", "type": "debian", "title": "[SECURITY] [DSA 3396-1] linux security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 5.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 8.5, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5307", "CVE-2015-6937", "CVE-2015-7833", "CVE-2015-7872", "CVE-2015-7990"], "modified": "2015-11-10T08:08:51", "id": "DEBIAN:DSA-3396-1:605FF", "href": "https://lists.debian.org/debian-security-announce/2015/msg00299.html", "cvss": {"score": 5.9, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2023-05-02T16:28:22", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3426-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nDecember 17, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux\nCVE ID : CVE-2013-7446 CVE-2015-7799 CVE-2015-7833 CVE-2015-8104\n CVE-2015-8374 CVE-2015-8543\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service, information leak\nor data loss.\n\nCVE-2013-7446\n\n Dmitry Vyukov discovered that a particular sequence of valid\n operations on local (AF_UNIX) sockets can result in a\n use-after-free. This may be used to cause a denial of service\n (crash) or possibly for privilege escalation.\n\nCVE-2015-7799\n\n It was discovered that a user granted access to /dev/ppp can cause a\n denial of service (crash) by passing invalid parameters to the\n PPPIOCSMAXCID ioctl. This also applies to ISDN PPP device nodes.\n\nCVE-2015-7833\n\n Sergej Schumilo, Hendrik Schwartke and Ralf Spenneberg discovered a\n flaw in the processing of certain USB device descriptors in the\n usbvision driver. An attacker with physical access to the system can\n use this flaw to crash the system. This was partly fixed by the\n changes listed in DSA 3396-1.\n\nCVE-2015-8104\n\n Jan Beulich reported a guest to host denial-of-service flaw\n affecting the KVM hypervisor running on AMD processors. A malicious\n guest can trigger an infinite stream of &quot;debug&quot; (#DB) exceptions\n causing the processor microcode to enter an infinite loop where the\n core never receives another interrupt. This leads to a panic of the\n host kernel.\n\nCVE-2015-8374\n\n It was discovered that Btrfs did not correctly implement truncation\n of compressed inline extents. This could lead to an information\n leak, if a file is truncated and later made readable by other users.\n Additionally, it could cause data loss. This has been fixed for the\n stable distribution (jessie) only.\n\nCVE-2015-8543\n\n It was discovered that a local user permitted to create raw sockets\n could cause a denial-of-service by specifying an invalid protocol\n number for the socket. The attacker must have the CAP_NET_RAW\n capability in their user namespace. This has been fixed for the\n stable distribution (jessie) only.\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 3.2.73-2+deb7u1. In addition, this update contains several\nchanges originally targeted for the upcoming Wheezy point release.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 3.16.7-ckt20-1+deb8u1. In addition, this update contains several\nchanges originally targeted for the upcoming Jessie point release.\n\nWe recommend that you upgrade your linux packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-17T22:39:14", "type": "debian", "title": "[SECURITY] [DSA 3426-1] linux security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7446", "CVE-2015-7799", "CVE-2015-7833", "CVE-2015-8104", "CVE-2015-8374", "CVE-2015-8543"], "modified": "2015-12-17T22:39:14", "id": "DEBIAN:DSA-3426-1:AC984", "href": "https://lists.debian.org/debian-security-announce/2015/msg00333.html", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-21T22:39:43", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3426-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nDecember 17, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux\nCVE ID : CVE-2013-7446 CVE-2015-7799 CVE-2015-7833 CVE-2015-8104\n CVE-2015-8374 CVE-2015-8543\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service, information leak\nor data loss.\n\nCVE-2013-7446\n\n Dmitry Vyukov discovered that a particular sequence of valid\n operations on local (AF_UNIX) sockets can result in a\n use-after-free. This may be used to cause a denial of service\n (crash) or possibly for privilege escalation.\n\nCVE-2015-7799\n\n It was discovered that a user granted access to /dev/ppp can cause a\n denial of service (crash) by passing invalid parameters to the\n PPPIOCSMAXCID ioctl. This also applies to ISDN PPP device nodes.\n\nCVE-2015-7833\n\n Sergej Schumilo, Hendrik Schwartke and Ralf Spenneberg discovered a\n flaw in the processing of certain USB device descriptors in the\n usbvision driver. An attacker with physical access to the system can\n use this flaw to crash the system. This was partly fixed by the\n changes listed in DSA 3396-1.\n\nCVE-2015-8104\n\n Jan Beulich reported a guest to host denial-of-service flaw\n affecting the KVM hypervisor running on AMD processors. A malicious\n guest can trigger an infinite stream of &quot;debug&quot; (#DB) exceptions\n causing the processor microcode to enter an infinite loop where the\n core never receives another interrupt. This leads to a panic of the\n host kernel.\n\nCVE-2015-8374\n\n It was discovered that Btrfs did not correctly implement truncation\n of compressed inline extents. This could lead to an information\n leak, if a file is truncated and later made readable by other users.\n Additionally, it could cause data loss. This has been fixed for the\n stable distribution (jessie) only.\n\nCVE-2015-8543\n\n It was discovered that a local user permitted to create raw sockets\n could cause a denial-of-service by specifying an invalid protocol\n number for the socket. The attacker must have the CAP_NET_RAW\n capability in their user namespace. This has been fixed for the\n stable distribution (jessie) only.\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 3.2.73-2+deb7u1. In addition, this update contains several\nchanges originally targeted for the upcoming Wheezy point release.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 3.16.7-ckt20-1+deb8u1. In addition, this update contains several\nchanges originally targeted for the upcoming Jessie point release.\n\nWe recommend that you upgrade your linux packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.0, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2015-12-17T22:39:14", "type": "debian", "title": "[SECURITY] [DSA 3426-1] linux security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7446", "CVE-2015-7799", "CVE-2015-7833", "CVE-2015-8104", "CVE-2015-8374", "CVE-2015-8543"], "modified": "2015-12-17T22:39:14", "id": "DEBIAN:DSA-3426-1:7C23A", "href": "https://lists.debian.org/debian-security-announce/2015/msg00333.html", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-21T22:44:22", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3364-1 security@debian.org\nhttps://www.debian.org/security/ Ben Hutchings\nSeptember 21, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux\nCVE ID : CVE-2015-0272 CVE-2015-2925 CVE-2015-5156 CVE-2015-6252 \n CVE-2015-6937\nDebian Bug : 796036\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation or denial of service.\n\nCVE-2015-0272\n\n It was discovered that NetworkManager would set IPv6 MTUs based on\n the values received in IPv6 RAs (Router Advertisements), without\n sufficiently validating these values. A remote attacker could\n exploit this attack to disable IPv6 connectivity. This has been\n mitigated by adding validation in the kernel.\n\nCVE-2015-2925\n\n Jann Horn discovered that when a subdirectory of a filesystem is\n bind-mounted into a container that has its own user and mount\n namespaces, a process with CAP_SYS_ADMIN capability in the user\n namespace can access files outside of the subdirectory. The\n default Debian configuration mitigated this as it does not allow\n unprivileged users to create new user namespaces.\n\nCVE-2015-5156\n\n Jason Wang discovered that when a virtio_net device is connected\n to a bridge in the same VM, a series of TCP packets forwarded\n through the bridge may cause a heap buffer overflow. A remote\n attacker could use this to cause a denial of service (crash) or\n possibly for privilege escalation.\n\nCVE-2015-6252\n\n Michael S. Tsirkin of Red Hat Engineering found that the vhost\n driver leaked file descriptors passed to it with the\n VHOST_SET_LOG_FD ioctl command. A privileged local user with access\n to the /dev/vhost-net file, either directly or via libvirt, could\n use this to cause a denial of service (hang or crash).\n\nCVE-2015-6937\n\n It was found that the Reliable Datagram Sockets (RDS) protocol\n implementation did not verify that an underlying transport exists\n when creating a connection. Depending on how a local RDS\n application initialised its sockets, a remote attacker might be\n able to cause a denial of service (crash) by sending a crafted\n packet.\n\n#796036\n\n Xavier Chantry discovered that the patch provided by the aufs\n project to correct behaviour of memory-mapped files from an aufs\n mount introduced a race condition in the msync() system call.\n Ben Hutchings found that it also introduced a similar bug in the\n madvise_remove() function. A local attacker could use this to\n cause a denial of service or possibly for privilege escalation.\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 3.2.68-1+deb7u4. CVE-2015-2925 and #796036 do not affect the\nwheezy distribution.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 3.16.7-ckt11-1+deb8u4.\n\nWe recommend that you upgrade your linux packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2015-09-21T18:43:25", "type": "debian", "title": "[SECURITY] [DSA 3364-1] linux security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0272", "CVE-2015-2925", "CVE-2015-5156", "CVE-2015-6252", "CVE-2015-6937"], "modified": "2015-09-21T18:43:25", "id": "DEBIAN:DSA-3364-1:5D544", "href": "https://lists.debian.org/debian-security-announce/2015/msg00263.html", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-02T16:31:19", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3364-1 security@debian.org\nhttps://www.debian.org/security/ Ben Hutchings\nSeptember 21, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux\nCVE ID : CVE-2015-0272 CVE-2015-2925 CVE-2015-5156 CVE-2015-6252 \n CVE-2015-6937\nDebian Bug : 796036\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation or denial of service.\n\nCVE-2015-0272\n\n It was discovered that NetworkManager would set IPv6 MTUs based on\n the values received in IPv6 RAs (Router Advertisements), without\n sufficiently validating these values. A remote attacker could\n exploit this attack to disable IPv6 connectivity. This has been\n mitigated by adding validation in the kernel.\n\nCVE-2015-2925\n\n Jann Horn discovered that when a subdirectory of a filesystem is\n bind-mounted into a container that has its own user and mount\n namespaces, a process with CAP_SYS_ADMIN capability in the user\n namespace can access files outside of the subdirectory. The\n default Debian configuration mitigated this as it does not allow\n unprivileged users to create new user namespaces.\n\nCVE-2015-5156\n\n Jason Wang discovered that when a virtio_net device is connected\n to a bridge in the same VM, a series of TCP packets forwarded\n through the bridge may cause a heap buffer overflow. A remote\n attacker could use this to cause a denial of service (crash) or\n possibly for privilege escalation.\n\nCVE-2015-6252\n\n Michael S. Tsirkin of Red Hat Engineering found that the vhost\n driver leaked file descriptors passed to it with the\n VHOST_SET_LOG_FD ioctl command. A privileged local user with access\n to the /dev/vhost-net file, either directly or via libvirt, could\n use this to cause a denial of service (hang or crash).\n\nCVE-2015-6937\n\n It was found that the Reliable Datagram Sockets (RDS) protocol\n implementation did not verify that an underlying transport exists\n when creating a connection. Depending on how a local RDS\n application initialised its sockets, a remote attacker might be\n able to cause a denial of service (crash) by sending a crafted\n packet.\n\n#796036\n\n Xavier Chantry discovered that the patch provided by the aufs\n project to correct behaviour of memory-mapped files from an aufs\n mount introduced a race condition in the msync() system call.\n Ben Hutchings found that it also introduced a similar bug in the\n madvise_remove() function. A local attacker could use this to\n cause a denial of service or possibly for privilege escalation.\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 3.2.68-1+deb7u4. CVE-2015-2925 and #796036 do not affect the\nwheezy distribution.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 3.16.7-ckt11-1+deb8u4.\n\nWe recommend that you upgrade your linux packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2015-09-21T18:43:25", "type": "debian", "title": "[SECURITY] [DSA 3364-1] linux security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0272", "CVE-2015-2925", "CVE-2015-5156", "CVE-2015-6252", "CVE-2015-6937"], "modified": "2015-09-21T18:43:25", "id": "DEBIAN:DSA-3364-1:B19FA", "href": "https://lists.debian.org/debian-security-announce/2015/msg00263.html", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-05-18T14:18:05", "description": "This update fixes the CVEs described below.\n\nCVE-2013-7446\n\nDmitry Vyukov discovered that a particular sequence of valid operations on local (AF_UNIX) sockets can result in a use-after-free.\nThis may be used to cause a denial of service (crash) or possibly for privilege escalation.\n\nCVE-2015-7799\n\n&#x90ED;&#x6C38;&#x521A; discovered that a user granted access to /dev/ppp can cause a denial of service (crash) by passing invalid parameters to the PPPIOCSMAXCID ioctl. This also applies to ISDN PPP device nodes.\n\nCVE-2015-7833\n\nSergej Schumilo, Hendrik Schwartke and Ralf Spenneberg discovered a flaw in the processing of certain USB device descriptors in the usbvision driver. An attacker with physical access to the system can use this flaw to crash the system.\n\nCVE-2015-7990\n\nIt was discovered that the fix for CVE-2015-6937 was incomplete. A race condition when sending a message on unbound socket can still cause a NULL pointer dereference. A remote attacker might be able to cause a denial of service (crash) by sending a crafted packet.\n\nCVE-2015-8324\n\n'Valintinr' reported that an attempt to mount a corrupted ext4 filesystem may result in a kernel panic. A user permitted to mount filesystems could use this flaw to crash the system.\n\nFor the oldoldstable distribution (squeeze), these problems have been fixed in version 2.6.32-48squeeze17. We recommend that you upgrade your linux-2.6 packages.\n\nFor the oldstable (wheezy) and stable (jessie) distributions, CVE-2015-7833, CVE-2015-7990 and CVE-2015-8324 have been fixed and the other issues will be fixed soon.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-09T00:00:00", "type": "nessus", "title": "Debian DLA-360-1 : linux-2.6 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-6937", "CVE-2015-7799", "CVE-2015-7833", "CVE-2015-7990", "CVE-2015-8324"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:firmware-linux-free", "p-cpe:/a:debian:debian_linux:linux-base", "p-cpe:/a:debian:debian_linux:linux-doc-2.6.32", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-486", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-686-bigmem", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all-i386", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-686-dbg", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-openvz", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-vserver", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686-bigmem", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-xen", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686-bigmem-dbg", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-openvz-686", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-openvz-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-686-bigmem", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-xen-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-xen-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-486", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686-bigmem", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686-bigmem-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-686", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-686-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-libc-dev", "p-cpe:/a:debian:debian_linux:linux-manual-2.6.32", "p-cpe:/a:debian:debian_linux:linux-patch-debian-2.6.32", "p-cpe:/a:debian:debian_linux:linux-source-2.6.32", "p-cpe:/a:debian:debian_linux:linux-support-2.6.32-5", "p-cpe:/a:debian:debian_linux:linux-tools-2.6.32", "p-cpe:/a:debian:debian_linux:xen-linux-system-2.6.32-5-xen-686", "p-cpe:/a:debian:debian_linux:xen-linux-system-2.6.32-5-xen-amd64", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-360.NASL", "href": "https://www.tenable.com/plugins/nessus/87265", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-360-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87265);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-7799\", \"CVE-2015-7833\", \"CVE-2015-7990\", \"CVE-2015-8324\");\n\n script_name(english:\"Debian DLA-360-1 : linux-2.6 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the CVEs described below.\n\nCVE-2013-7446\n\nDmitry Vyukov discovered that a particular sequence of valid\noperations on local (AF_UNIX) sockets can result in a use-after-free.\nThis may be used to cause a denial of service (crash) or possibly for\nprivilege escalation.\n\nCVE-2015-7799\n\n&#x90ED;&#x6C38;&#x521A; discovered that a user granted access to\n/dev/ppp can cause a denial of service (crash) by passing invalid\nparameters to the PPPIOCSMAXCID ioctl. This also applies to ISDN PPP\ndevice nodes.\n\nCVE-2015-7833\n\nSergej Schumilo, Hendrik Schwartke and Ralf Spenneberg discovered a\nflaw in the processing of certain USB device descriptors in the\nusbvision driver. An attacker with physical access to the system can\nuse this flaw to crash the system.\n\nCVE-2015-7990\n\nIt was discovered that the fix for CVE-2015-6937 was incomplete. A\nrace condition when sending a message on unbound socket can still\ncause a NULL pointer dereference. A remote attacker might be able to\ncause a denial of service (crash) by sending a crafted packet.\n\nCVE-2015-8324\n\n'Valintinr' reported that an attempt to mount a corrupted ext4\nfilesystem may result in a kernel panic. A user permitted to mount\nfilesystems could use this flaw to crash the system.\n\nFor the oldoldstable distribution (squeeze), these problems have been\nfixed in version 2.6.32-48squeeze17. We recommend that you upgrade\nyour linux-2.6 packages.\n\nFor the oldstable (wheezy) and stable (jessie) distributions,\nCVE-2015-7833, CVE-2015-7990 and CVE-2015-8324 have been fixed and the\nother issues will be fixed soon.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/12/msg00002.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/linux-2.6\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firmware-linux-free\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-doc-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-486\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-686-bigmem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all-i386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-vserver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-openvz-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-openvz-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-686-bigmem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-xen-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-xen-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-486\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686-bigmem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686-bigmem-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686-bigmem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686-bigmem-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-manual-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-patch-debian-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-source-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-support-2.6.32-5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-tools-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen-linux-system-2.6.32-5-xen-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen-linux-system-2.6.32-5-xen-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"firmware-linux-free\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-base\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-doc-2.6.32\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-486\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-686\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-686-bigmem\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-amd64\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-i386\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-amd64\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common-openvz\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common-vserver\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common-xen\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-openvz-686\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-openvz-amd64\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-686\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-686-bigmem\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-amd64\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-xen-686\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-xen-amd64\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-486\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-686\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-686-bigmem\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-686-bigmem-dbg\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-amd64\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-amd64-dbg\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-686\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-686-dbg\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-amd64\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-amd64-dbg\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-686\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-686-bigmem\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-686-bigmem-dbg\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-amd64\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-amd64-dbg\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-686\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-686-dbg\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-amd64\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-amd64-dbg\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-libc-dev\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-manual-2.6.32\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-patch-debian-2.6.32\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-source-2.6.32\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-support-2.6.32-5\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-tools-2.6.32\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"xen-linux-system-2.6.32-5-xen-686\", reference:\"2.6.32-48squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"xen-linux-system-2.6.32-5-xen-amd64\", reference:\"2.6.32-48squeeze17\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:15:44", "description": "Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937. (CVE-2015-7990)", "cvss3": {}, "published": "2017-07-10T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K98102572)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-6937", "CVE-2015-7990"], "modified": "2019-01-04T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL98102572.NASL", "href": "https://www.tenable.com/plugins/nessus/101324", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K98102572.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101324);\n script_version(\"3.3\");\n script_cvs_date(\"Date: 2019/01/04 10:03:40\");\n\n script_cve_id(\"CVE-2015-6937\", \"CVE-2015-7990\");\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K98102572)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the\nLinux kernel before 4.3.3 allows local users to cause a denial of\nservice (NULL pointer dereference and system crash) or possibly have\nunspecified other impact by using a socket that was not properly\nbound. NOTE: this vulnerability exists because of an incomplete fix\nfor CVE-2015-6937. (CVE-2015-7990)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K98102572\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K98102572.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K98102572\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.3.0-11.6.1\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.4.0-11.6.1\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.0.0-11.6.1\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.0.0-11.6.1\",\"10.1.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.0.0-11.6.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.0.0-11.6.1\",\"10.1.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.0.0-11.6.1\",\"10.1.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.3.0-11.6.1\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:18", "description": "The Linux Kernel was updated to 4.1.13 and fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.\n\n - CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.\n\n - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.\n\n - CVE-2015-7990: A local denial of service due to an incomplete fix of CVE-2015-6937 could lead to crashes (local denial of service).\n\n - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call.\n\nBugs fixed :\n\n - alsa: hda - apply hp headphone fixups more generically (boo#954876).\n\n - alsa: hda - add fixup for acer aspire one cloudbook 14 (boo#954876).\n\n - alsa: hda - fix headphone noise after dell xps 13 resume back from S3 (boo#954876).\n\n - alsa: hda - fix noise on dell latitude e6440 (boo#954876).\n\n - alsa: hda/hdmi - apply skylake fix-ups to broxton display codec (boo#954647).\n\n - alsa: hda - add codec id for broxton display audio codec (boo#954647).\n\n - alsa: hda/realtek - dell xps one alc3260 speaker no sound after resume back (boo#954647).\n\n - alsa: hda - yet another fix for dell headset mic with alc3266 (boo#954647).\n\n - alsa: hda - fix dell laptop for internal mic/headset mic (boo#954647).\n\n - alsa: hda - remove no physical connection pins from pin_quirk table (boo#954647).\n\n - alsa: hda - add pin quirk for the headset mic jack detection on Dell laptop (boo#954647).\n\n - alsa: hda - fix the headset mic that will not work on dell desktop machine (boo#954647).\n\n - alsa: hda - remove one pin from alc292_standard_pins (boo#954647).\n\n - alsa: hda - add dock support for thinkpad w541 (17aa:2211) (boo#954647).\n\n - alsa: hda/realtek: enable hp amp and mute led on hp folio 9480m [v3] (boo#954647).\n\n - alsa: hda/realtek - support dell headset mode for alc298 (boo#954647).\n\n - alsa: hda/realtek - support headset mode for alc298 (boo#954647).\n\n - x86/evtchn: make use of physdevop_map_pirq.\n\n - blktap: also call blkif_disconnect() when frontend switched to closed (boo#952976).\n\n - blktap: refine mm tracking (boo#952976).\n\n - update xen patches to linux 4.1.13.\n\n - Backport arm64 patches from sle12-sp1-arm.\n\n - Backport pci-ea patches\n\n - Enable drm_ast driver\n\n - Fix thunderx edac store function\n\n - Update arm64 config files. Align arm64 vanilla configuration with default.\n\n - rtlwifi: rtl8821ae: fix lockups on boot (boo#944978).\n\n - ethernet/atheros/alx: add killer e2400 device id (boo#955363).\n\n - drm/i915: don't override output type for ddi hdmi (boo#955190).\n\n - drm/i915: set best_encoder field of connector_state also when disabling (boo#955190).\n\n - drm/i915: add hotplug activation period to hotplug update mask (boo#955365).\n\n - drm/i915: avoid race of intel_crt_detect_hotplug() with hpd interrupt, v2 (boo#955365).\n\n - drm/i915: shut up gen8+ sde irq dmesg noise (boo#954757).\n\n - ipv6: fix tunnel error handling (boo#952579).\n\n - Update config files (boo#951533).\n\n - iwlwifi: add new pci ids for the 8260 series (boo#954421).\n\n - iwlwifi: edit the 3165 series and 8000 series pci ids (boo#954421).\n\n - x86/efi-bgrt: switch pr_err() to pr_debug() for invalid bgrt (boo#953559).\n\n - x86/tsc: let high latency pit fail fast in quick_pit_calibrate() (boo#953717).\n\n - Backport arm64 patches from sle12-sp1-arm branch Backports to fix Seattle xgbe driver. Fix EL2 page table for systems with high amount of memory. Needed for KVM to work. Convert WARN_ON in numa implementation to pr_warn.\n\n - input: elantech - add fujitsu lifebook u745 to force crc_enabled (boo#883192).", "cvss3": {}, "published": "2015-12-16T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2015-879)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5307", "CVE-2015-6937", "CVE-2015-7799", "CVE-2015-7990", "CVE-2015-8104"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-docs-html", "p-cpe:/a:novell:opensuse:kernel-docs-pdf", "p-cpe:/a:novell:opensuse:kernel-ec2", "p-cpe:/a:novell:opensuse:kernel-ec2-base", "p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo", "p-cpe:/a:novell:opensuse:kernel-ec2-debugsource", "p-cpe:/a:novell:opensuse:kernel-ec2-devel", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-obs-qa-xen", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-pae-base", "p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-debugsource", "p-cpe:/a:novell:opensuse:kernel-pae-devel", "p-cpe:/a:novell:opensuse:kernel-pv", "p-cpe:/a:novell:opensuse:kernel-pv-base", "p-cpe:/a:novell:opensuse:kernel-pv-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:kernel-pv-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pv-debugsource", "p-cpe:/a:novell:opensuse:kernel-pv-devel", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-xen-base", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-xen-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen-debugsource", "p-cpe:/a:novell:opensuse:kernel-xen-devel", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2015-879.NASL", "href": "https://www.tenable.com/plugins/nessus/87391", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-879.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87391);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-5307\", \"CVE-2015-6937\", \"CVE-2015-7799\", \"CVE-2015-7990\", \"CVE-2015-8104\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2015-879)\");\n script_summary(english:\"Check for the openSUSE-2015-879 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Linux Kernel was updated to 4.1.13 and fixes the following \nissues :\n\nSecurity issues fixed :\n\n - CVE-2015-8104: The KVM subsystem in the Linux kernel\n allowed guest OS users to cause a denial of service\n (host OS panic or hang) by triggering many #DB (aka\n Debug) exceptions, related to svm.c.\n\n - CVE-2015-5307: The KVM subsystem in the Linux kernel\n allowed guest OS users to cause a denial of service\n (host OS panic or hang) by triggering many #AC (aka\n Alignment Check) exceptions, related to svm.c and vmx.c.\n\n - CVE-2015-6937: The __rds_conn_create function in\n net/rds/connection.c in the Linux kernel allowed local\n users to cause a denial of service (NULL pointer\n dereference and system crash) or possibly have\n unspecified other impact by using a socket that was not\n properly bound.\n\n - CVE-2015-7990: A local denial of service due to an\n incomplete fix of CVE-2015-6937 could lead to crashes\n (local denial of service).\n\n - CVE-2015-7799: The slhc_init function in\n drivers/net/slip/slhc.c in the Linux kernel did not\n ensure that certain slot numbers are valid, which\n allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) via a crafted\n PPPIOCSMAXCID ioctl call.\n\nBugs fixed :\n\n - alsa: hda - apply hp headphone fixups more generically\n (boo#954876).\n\n - alsa: hda - add fixup for acer aspire one cloudbook 14\n (boo#954876).\n\n - alsa: hda - fix headphone noise after dell xps 13 resume\n back from S3 (boo#954876).\n\n - alsa: hda - fix noise on dell latitude e6440\n (boo#954876).\n\n - alsa: hda/hdmi - apply skylake fix-ups to broxton\n display codec (boo#954647).\n\n - alsa: hda - add codec id for broxton display audio codec\n (boo#954647).\n\n - alsa: hda/realtek - dell xps one alc3260 speaker no\n sound after resume back (boo#954647).\n\n - alsa: hda - yet another fix for dell headset mic with\n alc3266 (boo#954647).\n\n - alsa: hda - fix dell laptop for internal mic/headset mic\n (boo#954647).\n\n - alsa: hda - remove no physical connection pins from\n pin_quirk table (boo#954647).\n\n - alsa: hda - add pin quirk for the headset mic jack\n detection on Dell laptop (boo#954647).\n\n - alsa: hda - fix the headset mic that will not work on\n dell desktop machine (boo#954647).\n\n - alsa: hda - remove one pin from alc292_standard_pins\n (boo#954647).\n\n - alsa: hda - add dock support for thinkpad w541\n (17aa:2211) (boo#954647).\n\n - alsa: hda/realtek: enable hp amp and mute led on hp\n folio 9480m [v3] (boo#954647).\n\n - alsa: hda/realtek - support dell headset mode for alc298\n (boo#954647).\n\n - alsa: hda/realtek - support headset mode for alc298\n (boo#954647).\n\n - x86/evtchn: make use of physdevop_map_pirq.\n\n - blktap: also call blkif_disconnect() when frontend\n switched to closed (boo#952976).\n\n - blktap: refine mm tracking (boo#952976).\n\n - update xen patches to linux 4.1.13.\n\n - Backport arm64 patches from sle12-sp1-arm.\n\n - Backport pci-ea patches\n\n - Enable drm_ast driver\n\n - Fix thunderx edac store function\n\n - Update arm64 config files. Align arm64 vanilla\n configuration with default.\n\n - rtlwifi: rtl8821ae: fix lockups on boot (boo#944978).\n\n - ethernet/atheros/alx: add killer e2400 device id\n (boo#955363).\n\n - drm/i915: don't override output type for ddi hdmi\n (boo#955190).\n\n - drm/i915: set best_encoder field of connector_state also\n when disabling (boo#955190).\n\n - drm/i915: add hotplug activation period to hotplug\n update mask (boo#955365).\n\n - drm/i915: avoid race of intel_crt_detect_hotplug() with\n hpd interrupt, v2 (boo#955365).\n\n - drm/i915: shut up gen8+ sde irq dmesg noise\n (boo#954757).\n\n - ipv6: fix tunnel error handling (boo#952579).\n\n - Update config files (boo#951533).\n\n - iwlwifi: add new pci ids for the 8260 series\n (boo#954421).\n\n - iwlwifi: edit the 3165 series and 8000 series pci ids\n (boo#954421).\n\n - x86/efi-bgrt: switch pr_err() to pr_debug() for invalid\n bgrt (boo#953559).\n\n - x86/tsc: let high latency pit fail fast in\n quick_pit_calibrate() (boo#953717).\n\n - Backport arm64 patches from sle12-sp1-arm branch\n Backports to fix Seattle xgbe driver. Fix EL2 page table\n for systems with high amount of memory. Needed for KVM\n to work. Convert WARN_ON in numa implementation to\n pr_warn.\n\n - input: elantech - add fujitsu lifebook u745 to force\n crc_enabled (boo#883192).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=883192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=944978\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=945825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=948758\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=949936\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=951533\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=952384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=952579\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=952976\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=953527\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=953559\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=953717\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=954404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=954421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=954647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=954757\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=954876\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=955190\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=955363\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=955365\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=956856\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pv-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pv-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pv-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pv-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-default-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-default-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-default-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-default-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-default-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-default-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-docs-html-4.1.13-5.4\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-docs-pdf-4.1.13-5.4\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-macros-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-obs-build-4.1.13-5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-obs-build-debugsource-4.1.13-5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-obs-qa-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-obs-qa-xen-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-source-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-source-vanilla-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kernel-syms-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-debug-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-debug-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-debug-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-debug-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-debug-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-debug-devel-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-ec2-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-ec2-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-ec2-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-ec2-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-ec2-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-ec2-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pae-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pae-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pae-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pae-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pae-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pae-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pv-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pv-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pv-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pv-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pv-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-pv-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-vanilla-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-vanilla-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-vanilla-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-vanilla-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-xen-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-xen-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-xen-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-xen-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-xen-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"i686\", reference:\"kernel-xen-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-debug-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-debug-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-debug-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-debug-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-ec2-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-ec2-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-ec2-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-ec2-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-ec2-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-ec2-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pae-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pae-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pae-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pae-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pae-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pae-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pv-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pv-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pv-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pv-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pv-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-pv-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-vanilla-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-vanilla-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-vanilla-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-vanilla-devel-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-xen-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-xen-base-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-4.1.13-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kernel-xen-devel-4.1.13-5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-debug / kernel-debug-base / kernel-debug-base-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:57", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service.\n\n - CVE-2015-5307 Ben Serebrin from Google discovered a guest to host denial of service flaw affecting the KVM hypervisor. A malicious guest can trigger an infinite stream of 'alignment check' (#AC) exceptions causing the processor microcode to enter an infinite loop where the core never receives another interrupt. This leads to a panic of the host kernel.\n\n - CVE-2015-7833 Sergej Schumilo, Hendrik Schwartke and Ralf Spenneberg discovered a flaw in the processing of certain USB device descriptors in the usbvision driver. An attacker with physical access to the system can use this flaw to crash the system.\n\n - CVE-2015-7872 Dmitry Vyukov discovered a vulnerability in the keyrings garbage collector allowing a local user to trigger a kernel panic.\n\n - CVE-2015-7990 It was discovered that the fix for CVE-2015-6937 was incomplete. A race condition when sending a message on unbound socket can still cause a NULL pointer dereference. A remote attacker might be able to cause a denial of service (crash) by sending a crafted packet.", "cvss3": {}, "published": "2015-11-11T00:00:00", "type": "nessus", "title": "Debian DSA-3396-1 : linux - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5307", "CVE-2015-6937", "CVE-2015-7833", "CVE-2015-7872", "CVE-2015-7990"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3396.NASL", "href": "https://www.tenable.com/plugins/nessus/86832", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3396. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86832);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-5307\", \"CVE-2015-7833\", \"CVE-2015-7872\", \"CVE-2015-7990\");\n script_xref(name:\"DSA\", value:\"3396\");\n\n script_name(english:\"Debian DSA-3396-1 : linux - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service.\n\n - CVE-2015-5307\n Ben Serebrin from Google discovered a guest to host\n denial of service flaw affecting the KVM hypervisor. A\n malicious guest can trigger an infinite stream of\n 'alignment check' (#AC) exceptions causing the processor\n microcode to enter an infinite loop where the core never\n receives another interrupt. This leads to a panic of the\n host kernel.\n\n - CVE-2015-7833\n Sergej Schumilo, Hendrik Schwartke and Ralf Spenneberg\n discovered a flaw in the processing of certain USB\n device descriptors in the usbvision driver. An attacker\n with physical access to the system can use this flaw to\n crash the system.\n\n - CVE-2015-7872\n Dmitry Vyukov discovered a vulnerability in the keyrings\n garbage collector allowing a local user to trigger a\n kernel panic.\n\n - CVE-2015-7990\n It was discovered that the fix for CVE-2015-6937 was\n incomplete. A race condition when sending a message on\n unbound socket can still cause a NULL pointer\n dereference. A remote attacker might be able to cause a\n denial of service (crash) by sending a crafted packet.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-5307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-7833\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-7872\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-7990\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-6937\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/linux\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3396\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux packages.\n\nFor the oldstable distribution (wheezy), these problems have been\nfixed in version 3.2.68-1+deb7u6.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 3.16.7-ckt11-1+deb8u6.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"linux\", reference:\"3.2.68-1+deb7u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-arm\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-x86\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.9-x86\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-doc-3.16\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-586\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-686-pae\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-amd64\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-armel\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-armhf\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-i386\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-amd64\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-armmp\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-armmp-lpae\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-common\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-ixp4xx\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-kirkwood\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-orion5x\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-versatile\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-586\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-686-pae\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-686-pae-dbg\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-amd64\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-amd64-dbg\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-armmp\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-armmp-lpae\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-ixp4xx\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-kirkwood\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-orion5x\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-versatile\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-libc-dev\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-manual-3.16\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-source-3.16\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-support-3.16.0-9\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xen-linux-system-3.16.0-9-amd64\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-09T14:37:16", "description": "The remote Debian host is running a version of the Linux kernel prior to 3.2.73-2+deb7u1 on Debian 7 or is running a version of the Linux kernel prior to 3.16.7-ckt20-1+deb8u1 on Debian 8. It is, therefore, affected by the following vulnerabilities :\n\n - A use-after-free error exists in the unix_dgram_poll() function within file net/unix/af_unix.c. A local attacker can exploit this, via specially crafted epoll_ctl calls, to cause a denial of service condition or bypass AF_UNIX socket permissions. (CVE-2013-7446)\n\n - A NULL pointer dereference flaw exists in the slhc_init() function within file drivers/net/slip/slhc.c due to improper validation of slot numbers. A local attacker can exploit this, via specially crafted PPPIOCSMAXCID IOCTL calls, to cause a denial of service condition. (CVE-2015-7799)\n\n - A flaw exists in the usbvision driver that allows a local attacker, via a nonzero bInterfaceNumber value in a USB device descriptor, to cause a kernel panic, resulting in a denial of service condition.\n (CVE-2015-7833)\n\n - An infinite loop condition exists in the KVM subsystem on some unspecified CPU chipsets. A local attacker who has sufficient privileges within a virtual guest OS can exploit this issue, by triggering many debug exceptions, to cause a denial of service condition. (CVE-2015-8104)\n\n - A flaw exists in the truncate_space_check() function within file /fs/btrfs/inode.c due to improper handling of compressed file extents. A local attacker can exploit this, via a clone action, to disclose sensitive pre-truncation information from a file. (CVE-2015-8374)\n\n - A NULL pointer dereference flaw exists in the inet_autobind() function within file net/ipv4/af_inet.c when handling connection attempts via IPv6. A local attacker can exploit this, via a specially crafted SOCK_RAW application that makes use of CLONE_NEWUSER support, to cause a denial of service condition or possibly gain elevated privileges. (CVE-2015-8543)", "cvss3": {}, "published": "2016-08-02T00:00:00", "type": "nessus", "title": "Debian DSA-3426-1 : Linux Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-7799", "CVE-2015-7833", "CVE-2015-8104", "CVE-2015-8374", "CVE-2015-8543"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3426-1.NASL", "href": "https://www.tenable.com/plugins/nessus/92679", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were\n# extracted from Debian Security Advisory DSA-3426-1.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92679);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\n \"CVE-2013-7446\",\n \"CVE-2015-7799\",\n \"CVE-2015-7833\",\n \"CVE-2015-8104\",\n \"CVE-2015-8374\",\n \"CVE-2015-8543\"\n );\n script_bugtraq_id(\n 77030,\n 77033,\n 77524,\n 77638,\n 78219,\n 79698\n );\n script_xref(name:\"DSA\", value:\"3426\");\n\n script_name(english:\"Debian DSA-3426-1 : Linux Security Update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian host is running a version of the Linux kernel prior\nto 3.2.73-2+deb7u1 on Debian 7 or is running a version of the Linux\nkernel prior to 3.16.7-ckt20-1+deb8u1 on Debian 8. It is, therefore,\naffected by the following vulnerabilities :\n\n - A use-after-free error exists in the unix_dgram_poll()\n function within file net/unix/af_unix.c. A local\n attacker can exploit this, via specially crafted\n epoll_ctl calls, to cause a denial of service condition\n or bypass AF_UNIX socket permissions. (CVE-2013-7446)\n\n - A NULL pointer dereference flaw exists in the\n slhc_init() function within file drivers/net/slip/slhc.c\n due to improper validation of slot numbers. A local\n attacker can exploit this, via specially crafted\n PPPIOCSMAXCID IOCTL calls, to cause a denial of service\n condition. (CVE-2015-7799)\n\n - A flaw exists in the usbvision driver that allows a\n local attacker, via a nonzero bInterfaceNumber value in\n a USB device descriptor, to cause a kernel panic,\n resulting in a denial of service condition.\n (CVE-2015-7833)\n\n - An infinite loop condition exists in the KVM subsystem\n on some unspecified CPU chipsets. A local attacker who\n has sufficient privileges within a virtual guest OS can\n exploit this issue, by triggering many debug exceptions,\n to cause a denial of service condition. (CVE-2015-8104)\n\n - A flaw exists in the truncate_space_check() function\n within file /fs/btrfs/inode.c due to improper handling\n of compressed file extents. A local attacker can exploit\n this, via a clone action, to disclose sensitive\n pre-truncation information from a file. (CVE-2015-8374)\n\n - A NULL pointer dereference flaw exists in the\n inet_autobind() function within file net/ipv4/af_inet.c\n when handling connection attempts via IPv6. A local\n attacker can exploit this, via a specially crafted\n SOCK_RAW application that makes use of CLONE_NEWUSER\n support, to cause a denial of service condition or\n possibly gain elevated privileges. (CVE-2015-8543)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2013-7446\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2015-7799\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2015-7833\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2015-8104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2015-8374\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2015-8543\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/wheezy/linux\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/jessie/linux\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.debian.org/security/2015/dsa-3426\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the Linux packages.\n\nFor the oldstable distribution (wheezy), these issues have been fixed\nin version 3.2.73-2+deb7u1. In addition, this update contains several\nchanges originally targeted for the Wheezy point release.\n\nFor the stable distribution (jessie), these issues have been fixed in\nversion 3.16.7-ckt20-1+deb8u1. In addition, this update contains\nseveral changes originally targeted for the Jessie point release.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"linux-doc-3.2\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-486\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-4kc-malta\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-5kc-malta\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-686-pae\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-amd64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-armel\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-armhf\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-i386\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-ia64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-mips\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-mipsel\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-powerpc\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-s390\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-s390x\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-sparc\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-amd64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-common\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-common-rt\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-iop32x\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-itanium\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-ixp4xx\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-kirkwood\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-loongson-2f\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-mckinley\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-mv78xx0\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-mx5\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-octeon\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-omap\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-orion5x\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-powerpc\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-powerpc-smp\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-powerpc64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-r4k-ip22\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-r5k-cobalt\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-r5k-ip32\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-rt-686-pae\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-rt-amd64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-s390x\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-sb1-bcm91250a\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-sparc64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-sparc64-smp\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-versatile\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-vexpress\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-486\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-4kc-malta\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-5kc-malta\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-686-pae\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-686-pae-dbg\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-amd64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-amd64-dbg\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-iop32x\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-itanium\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-ixp4xx\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-kirkwood\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-loongson-2f\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-mckinley\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-mv78xx0\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-mx5\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-octeon\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-omap\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-orion5x\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-powerpc\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-powerpc-smp\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-powerpc64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-r4k-ip22\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-r5k-cobalt\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-r5k-ip32\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-rt-686-pae\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-rt-686-pae-dbg\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-rt-amd64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-rt-amd64-dbg\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-s390x\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-s390x-dbg\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-s390x-tape\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-sb1-bcm91250a\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-sb1a-bcm91480b\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-sparc64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-sparc64-smp\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-versatile\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-vexpress\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-libc-dev\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-manual-3.2\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-source-3.2\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-support-3.2.0-4\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"xen-linux-system-3.2.0-4-686-pae\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"xen-linux-system-3.2.0-4-amd64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"acpi-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"acpi-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"acpi-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"dasd-extra-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"dasd-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"efi-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"efi-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"efi-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"efi-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fancontrol-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fancontrol-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fb-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fb-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fb-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fb-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fb-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hyperv-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hyperv-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hyperv-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hypervisor-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hypervisor-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"i2c-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"i2c-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"i2c-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"i2c-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"i2c-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ipv6-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jffs2-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"leds-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-arm\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-s390\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-x86\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-doc-3.16\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-4kc-malta\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-586\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-5kc-malta\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-686-pae\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-amd64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-arm64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-armel\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-armhf\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-i386\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-mips\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-mipsel\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-powerpc\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-ppc64el\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-s390x\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-amd64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-arm64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-armmp\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-armmp-lpae\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-common\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-ixp4xx\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-kirkwood\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-loongson-2e\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-loongson-2f\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-loongson-3\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-octeon\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-orion5x\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-powerpc\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-powerpc-smp\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-powerpc64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-powerpc64le\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-r4k-ip22\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-r5k-ip32\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-s390x\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-sb1-bcm91250a\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-versatile\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-4kc-malta\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-586\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-5kc-malta\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-686-pae\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-686-pae-dbg\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-amd64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-amd64-dbg\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-arm64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-arm64-dbg\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-armmp\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-armmp-lpae\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-ixp4xx\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-kirkwood\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-loongson-2e\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-loongson-2f\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-loongson-3\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-octeon\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-orion5x\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-powerpc\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-powerpc-smp\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-powerpc64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-powerpc64le\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-r4k-ip22\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-r5k-ip32\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-s390x\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-s390x-dbg\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-sb1-bcm91250a\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-versatile\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-libc-dev\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-manual-3.16\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-source-3.16\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-support-3.16.0-4\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-core-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-core-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-core-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-core-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mtd-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nfs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nfs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nfs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-pcmcia-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-pcmcia-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-pcmcia-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-pcmcia-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-pcmcia-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-storage-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-storage-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-storage-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-storage-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-storage-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"rtc-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"rtc-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"serial-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"serial-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"serial-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"serial-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"serial-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"serial-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"speakup-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"speakup-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"speakup-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"speakup-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"speakup-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"speakup-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xen-linux-system-3.16.0-4-amd64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:46", "description": "kernel-4.1.13-100.fc21 - Linux v4.1.13 - CVE-2015-8104 kvm: DoS infinite loop in microcode DB exception (rhbz 1278496 1279691) - CVE-2015-5307 kvm: DoS infinite loop in microcode AC exception (rhbz 1277172 1279688)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 21 : kernel-4.1.13-100.fc21 (2015-f2c534bc12)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5307", "CVE-2015-7799", "CVE-2015-7990", "CVE-2015-8104"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:21"], "id": "FEDORA_2015-F2C534BC12.NASL", "href": "https://www.tenable.com/plugins/nessus/89459", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-f2c534bc12.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89459);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-5307\", \"CVE-2015-7799\", \"CVE-2015-7990\", \"CVE-2015-8104\");\n script_xref(name:\"FEDORA\", value:\"2015-f2c534bc12\");\n\n script_name(english:\"Fedora 21 : kernel-4.1.13-100.fc21 (2015-f2c534bc12)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"kernel-4.1.13-100.fc21 - Linux v4.1.13 - CVE-2015-8104 kvm: DoS\ninfinite loop in microcode DB exception (rhbz 1278496 1279691) -\nCVE-2015-5307 kvm: DoS infinite loop in microcode AC exception (rhbz\n1277172 1279688)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1271134\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1276437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1277172\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1278496\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-November/172185.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8e3663e6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"kernel-4.1.13-100.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:21", "description": "The 4.2.6 stable update contains a number of important fixes across the tree. kernel-4.2.6-300.fc23 - Fix incorrect size calculations in megaraid with 64K pages (rhbz 1269300) - CVE-2015-8104 kvm: DoS infinite loop in microcode DB exception (rhbz 1278496 1279691) - CVE-2015-5307 kvm: DoS infinite loop in microcode AC exception (rhbz 1277172 1279688)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 23 : kernel-4.2.6-300.fc23 (2015-115c302856)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5307", "CVE-2015-7799", "CVE-2015-7990", "CVE-2015-8104"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2015-115C302856.NASL", "href": "https://www.tenable.com/plugins/nessus/89149", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-115c302856.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89149);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-5307\", \"CVE-2015-7799\", \"CVE-2015-7990\", \"CVE-2015-8104\");\n script_xref(name:\"FEDORA\", value:\"2015-115c302856\");\n\n script_name(english:\"Fedora 23 : kernel-4.2.6-300.fc23 (2015-115c302856)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.2.6 stable update contains a number of important fixes across\nthe tree. kernel-4.2.6-300.fc23 - Fix incorrect size calculations in\nmegaraid with 64K pages (rhbz 1269300) - CVE-2015-8104 kvm: DoS\ninfinite loop in microcode DB exception (rhbz 1278496 1279691) -\nCVE-2015-5307 kvm: DoS infinite loop in microcode AC exception (rhbz\n1277172 1279688)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1271134\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1276437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1277172\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1278496\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-November/172022.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4ae1eb12\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.2.6-300.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:26", "description": "The 4.2.6 stable update contains a number of important fixes across the tree. kernel-4.2.6-200.fc22 - Fix incorrect size calculations in megaraid with 64K pages (rhbz 1269300) - CVE-2015-8104 kvm: DoS infinite loop in microcode DB exception (rhbz 1278496 1279691) - CVE-2015-5307 kvm: DoS infinite loop in microcode AC exception (rhbz 1277172 1279688)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 22 : kernel-4.2.6-200.fc22 (2015-cd94ad8d7c)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5307", "CVE-2015-7799", "CVE-2015-7990", "CVE-2015-8104"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-CD94AD8D7C.NASL", "href": "https://www.tenable.com/plugins/nessus/89412", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-cd94ad8d7c.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89412);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-5307\", \"CVE-2015-7799\", \"CVE-2015-7990\", \"CVE-2015-8104\");\n script_xref(name:\"FEDORA\", value:\"2015-cd94ad8d7c\");\n\n script_name(english:\"Fedora 22 : kernel-4.2.6-200.fc22 (2015-cd94ad8d7c)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.2.6 stable update contains a number of important fixes across\nthe tree. kernel-4.2.6-200.fc22 - Fix incorrect size calculations in\nmegaraid with 64K pages (rhbz 1269300) - CVE-2015-8104 kvm: DoS\ninfinite loop in microcode DB exception (rhbz 1278496 1279691) -\nCVE-2015-5307 kvm: DoS infinite loop in microcode AC exception (rhbz\n1277172 1279688)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1271134\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1276437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1277172\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1278496\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-November/172100.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b03393c1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"kernel-4.2.6-200.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:11", "description": "It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). (CVE-2015-7513)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS) implementation in the Linux kernel had a race condition when checking whether a socket was bound or not. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel incorrectly handled compressed inline extants on truncation. A local attacker could use this to expose sensitive information.\n(CVE-2015-8374).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-02-02T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2887-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-7513", "CVE-2015-7990", "CVE-2015-8374"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2887-2.NASL", "href": "https://www.tenable.com/plugins/nessus/88520", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2887-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88520);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7990\", \"CVE-2015-8374\");\n script_xref(name:\"USN\", value:\"2887-2\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2887-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a use-after-free vulnerability existed in the\nAF_UNIX implementation in the Linux kernel. A local attacker could use\ncrafted epoll_ctl calls to cause a denial of service (system crash) or\nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did\nnot properly restore the values of the Programmable Interrupt Timer\n(PIT). A user-assisted attacker in a KVM guest could cause a denial of\nservice in the host (system crash). (CVE-2015-7513)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel had a race condition when checking\nwhether a socket was bound or not. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel\nincorrectly handled compressed inline extants on truncation. A local\nattacker could use this to expose sensitive information.\n(CVE-2015-8374).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2887-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.13-generic and / or\nlinux-image-3.13-generic-lpae packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7990\", \"CVE-2015-8374\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2887-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-77-generic\", pkgver:\"3.13.0-77.121~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-77-generic-lpae\", pkgver:\"3.13.0-77.121~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:22", "description": "It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). (CVE-2015-7513)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS) implementation in the Linux kernel had a race condition when checking whether a socket was bound or not. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel incorrectly handled compressed inline extants on truncation. A local attacker could use this to expose sensitive information.\n(CVE-2015-8374).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-02-02T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux vulnerabilities (USN-2887-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-7513", "CVE-2015-7990", "CVE-2015-8374"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2887-1.NASL", "href": "https://www.tenable.com/plugins/nessus/88519", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2887-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88519);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7990\", \"CVE-2015-8374\");\n script_xref(name:\"USN\", value:\"2887-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux vulnerabilities (USN-2887-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a use-after-free vulnerability existed in the\nAF_UNIX implementation in the Linux kernel. A local attacker could use\ncrafted epoll_ctl calls to cause a denial of service (system crash) or\nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did\nnot properly restore the values of the Programmable Interrupt Timer\n(PIT). A user-assisted attacker in a KVM guest could cause a denial of\nservice in the host (system crash). (CVE-2015-7513)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel had a race condition when checking\nwhether a socket was bound or not. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel\nincorrectly handled compressed inline extants on truncation. A local\nattacker could use this to expose sensitive information.\n(CVE-2015-8374).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2887-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.13-generic,\nlinux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7990\", \"CVE-2015-8374\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2887-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-77-generic\", pkgver:\"3.13.0-77.121\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-77-generic-lpae\", pkgver:\"3.13.0-77.121\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-77-lowlatency\", pkgver:\"3.13.0-77.121\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:27", "description": "It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). (CVE-2015-7513)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS) implementation in the Linux kernel had a race condition when checking whether a socket was bound or not. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel incorrectly handled compressed inline extants on truncation. A local attacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nIt was discovered that the netfilter Network Address Translation (NAT) implementation did not ensure that data structures were initialized when handling IPv4 addresses. An attacker could use this to cause a denial of service (system crash). (CVE-2015-8787).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-02-02T00:00:00", "type": "nessus", "title": "Ubuntu 15.04 : linux vulnerabilities (USN-2889-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-7513", "CVE-2015-7990", "CVE-2015-8374", "CVE-2015-8787"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency", "cpe:/o:canonical:ubuntu_linux:15.04"], "id": "UBUNTU_USN-2889-1.NASL", "href": "https://www.tenable.com/plugins/nessus/88522", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2889-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88522);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8787\");\n script_xref(name:\"USN\", value:\"2889-1\");\n\n script_name(english:\"Ubuntu 15.04 : linux vulnerabilities (USN-2889-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a use-after-free vulnerability existed in the\nAF_UNIX implementation in the Linux kernel. A local attacker could use\ncrafted epoll_ctl calls to cause a denial of service (system crash) or\nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did\nnot properly restore the values of the Programmable Interrupt Timer\n(PIT). A user-assisted attacker in a KVM guest could cause a denial of\nservice in the host (system crash). (CVE-2015-7513)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel had a race condition when checking\nwhether a socket was bound or not. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel\nincorrectly handled compressed inline extants on truncation. A local\nattacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nIt was discovered that the netfilter Network Address Translation (NAT)\nimplementation did not ensure that data structures were initialized\nwhen handling IPv4 addresses. An attacker could use this to cause a\ndenial of service (system crash). (CVE-2015-8787).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2889-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.19-generic,\nlinux-image-3.19-generic-lpae and / or linux-image-3.19-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(15\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8787\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2889-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"15.04\", pkgname:\"linux-image-3.19.0-49-generic\", pkgver:\"3.19.0-49.55\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"linux-image-3.19.0-49-generic-lpae\", pkgver:\"3.19.0-49.55\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"linux-image-3.19.0-49-lowlatency\", pkgver:\"3.19.0-49.55\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.19-generic / linux-image-3.19-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:20", "description": "It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). (CVE-2015-7513)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS) implementation in the Linux kernel had a race condition when checking whether a socket was bound or not. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel incorrectly handled compressed inline extants on truncation. A local attacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nIt was discovered that the netfilter Network Address Translation (NAT) implementation did not ensure that data structures were initialized when handling IPv4 addresses. An attacker could use this to cause a denial of service (system crash). (CVE-2015-8787).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-02-02T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-vivid vulnerabilities (USN-2889-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-7513", "CVE-2015-7990", "CVE-2015-8374", "CVE-2015-8787"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2889-2.NASL", "href": "https://www.tenable.com/plugins/nessus/88523", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2889-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88523);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8787\");\n script_xref(name:\"USN\", value:\"2889-2\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-vivid vulnerabilities (USN-2889-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a use-after-free vulnerability existed in the\nAF_UNIX implementation in the Linux kernel. A local attacker could use\ncrafted epoll_ctl calls to cause a denial of service (system crash) or\nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did\nnot properly restore the values of the Programmable Interrupt Timer\n(PIT). A user-assisted attacker in a KVM guest could cause a denial of\nservice in the host (system crash). (CVE-2015-7513)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel had a race condition when checking\nwhether a socket was bound or not. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel\nincorrectly handled compressed inline extants on truncation. A local\nattacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nIt was discovered that the netfilter Network Address Translation (NAT)\nimplementation did not ensure that data structures were initialized\nwhen handling IPv4 addresses. An attacker could use this to cause a\ndenial of service (system crash). (CVE-2015-8787).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2889-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.19-generic,\nlinux-image-3.19-generic-lpae and / or linux-image-3.19-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8787\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2889-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-49-generic\", pkgver:\"3.19.0-49.55~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-49-generic-lpae\", pkgver:\"3.19.0-49.55~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-49-lowlatency\", pkgver:\"3.19.0-49.55~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.19-generic / linux-image-3.19-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-10T15:40:35", "description": "It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). (CVE-2015-7513)\n\nGuoyong Gang discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). (CVE-2015-7799)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS) implementation in the Linux kernel had a race condition when checking whether a socket was bound or not. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel incorrectly handled compressed inline extants on truncation. A local attacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nGuoyong Gang discovered that the Linux kernel networking implementation did not validate protocol identifiers for certain protocol families, A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges.\n(CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux kernel did not verify an address length when setting up a socket. A local attacker could use this to craft an application that exposed sensitive information from kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux kernel did not properly validate the socket address length for Synchronous Connection-Oriented (SCO) sockets. A local attacker could use this to expose sensitive information. (CVE-2015-8575)\n\nIt was discovered that the Linux kernel's Filesystem in Userspace (FUSE) implementation did not handle initial zero length segments properly. A local attacker could use this to cause a denial of service (unkillable task). (CVE-2015-8785).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-02-02T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux vulnerabilities (USN-2886-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-7513", "CVE-2015-7799", "CVE-2015-7990", "CVE-2015-8374", "CVE-2015-8543", "CVE-2015-8569", "CVE-2015-8575", "CVE-2015-8785"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2886-1.NASL", "href": "https://www.tenable.com/plugins/nessus/88518", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2886-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88518);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7799\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8785\");\n script_xref(name:\"USN\", value:\"2886-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux vulnerabilities (USN-2886-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a use-after-free vulnerability existed in the\nAF_UNIX implementation in the Linux kernel. A local attacker could use\ncrafted epoll_ctl calls to cause a denial of service (system crash) or\nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did\nnot properly restore the values of the Programmable Interrupt Timer\n(PIT). A user-assisted attacker in a KVM guest could cause a denial of\nservice in the host (system crash). (CVE-2015-7513)\n\nGuoyong Gang discovered that the ppp implementation in the Linux\nkernel did not ensure that certain slot numbers are valid. A local\nattacker with the privilege to call ioctl() on /dev/ppp could cause a\ndenial of service (system crash). (CVE-2015-7799)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel had a race condition when checking\nwhether a socket was bound or not. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel\nincorrectly handled compressed inline extants on truncation. A local\nattacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nGuoyong Gang discovered that the Linux kernel networking\nimplementation did not validate protocol identifiers for certain\nprotocol families, A local attacker could use this to cause a denial\nof service (system crash) or possibly gain administrative privileges.\n(CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux\nkernel did not verify an address length when setting up a socket. A\nlocal attacker could use this to craft an application that exposed\nsensitive information from kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux\nkernel did not properly validate the socket address length for\nSynchronous Connection-Oriented (SCO) sockets. A local attacker could\nuse this to expose sensitive information. (CVE-2015-8575)\n\nIt was discovered that the Linux kernel's Filesystem in Userspace\n(FUSE) implementation did not handle initial zero length segments\nproperly. A local attacker could use this to cause a denial of service\n(unkillable task). (CVE-2015-8785).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2886-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7799\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8785\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2886-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-98-generic\", pkgver:\"3.2.0-98.138\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-98-generic-pae\", pkgver:\"3.2.0-98.138\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-98-highbank\", pkgver:\"3.2.0-98.138\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-98-virtual\", pkgver:\"3.2.0-98.138\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.2-generic / linux-image-3.2-generic-pae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:13:19", "description": "Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls. (CVE-2013-7446)", "cvss3": {}, "published": "2017-05-02T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K20022580)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446"], "modified": "2019-01-04T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL20022580.NASL", "href": "https://www.tenable.com/plugins/nessus/99920", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K20022580.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(99920);\n script_version(\"3.5\");\n script_cvs_date(\"Date: 2019/01/04 10:03:40\");\n\n script_cve_id(\"CVE-2013-7446\");\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K20022580)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel\nbefore 4.3.3 allows local users to bypass intended AF_UNIX socket\npermissions or cause a denial of service (panic) via crafted epoll_ctl\ncalls. (CVE-2013-7446)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K20022580\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K20022580.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K20022580\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.3.0-11.6.1\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.4.0-11.6.1\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.0.0-11.6.1\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.0.0-11.6.1\",\"10.1.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.0.0-11.6.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.0.0-11.6.1\",\"10.1.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.0.0-11.6.1\",\"10.1.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.3.0-11.6.1\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:20", "description": "kernel-4.1.8-200.fc22 - Linux v4.1.8\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-10-05T00:00:00", "type": "nessus", "title": "Fedora 22 : kernel-4.1.8-200.fc22 (2015-16440)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-6937"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-16440.NASL", "href": "https://www.tenable.com/plugins/nessus/86263", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-16440.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86263);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-6937\");\n script_xref(name:\"FEDORA\", value:\"2015-16440\");\n\n script_name(english:\"Fedora 22 : kernel-4.1.8-200.fc22 (2015-16440)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"kernel-4.1.8-200.fc22 - Linux v4.1.8\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1263139\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-October/168447.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?563bb655\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"kernel-4.1.8-200.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:16:40", "description": "The 4.2.1 stable update contains a number of bug fixes across the tree. kernel-4.2.1-300.fc23 - Linux v4.2.1\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-09-24T00:00:00", "type": "nessus", "title": "Fedora 23 : kernel-4.2.1-300.fc23 (2015-16417)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-6937"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2015-16417.NASL", "href": "https://www.tenable.com/plugins/nessus/86113", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-16417.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86113);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-6937\");\n script_xref(name:\"FEDORA\", value:\"2015-16417\");\n\n script_name(english:\"Fedora 23 : kernel-4.2.1-300.fc23 (2015-16417)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.2.1 stable update contains a number of bug fixes across the\ntree. kernel-4.2.1-300.fc23 - Linux v4.2.1\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1263139\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-September/167358.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?88148c34\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.2.1-300.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:16:47", "description": "kernel-4.1.8-100.fc21 - Linux v4.1.8\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-10-05T00:00:00", "type": "nessus", "title": "Fedora 21 : kernel-4.1.8-100.fc21 (2015-16441)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-6937"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:21"], "id": "FEDORA_2015-16441.NASL", "href": "https://www.tenable.com/plugins/nessus/86264", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-16441.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86264);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-6937\");\n script_xref(name:\"FEDORA\", value:\"2015-16441\");\n\n script_name(english:\"Fedora 21 : kernel-4.1.8-100.fc21 (2015-16441)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"kernel-4.1.8-100.fc21 - Linux v4.1.8\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1263139\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-October/168539.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?896f9f55\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"kernel-4.1.8-100.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:34", "description": "The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.\n\nFollowing security bugs were fixed :\n\n - CVE-2015-7509: Mounting ext4 filesystems in no-journal mode could hav lead to a system crash (bsc#956709).\n\n - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call (bnc#949936).\n\n - CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c (bnc#954404).\n\n - CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c (bnc#953527).\n\n - CVE-2015-7990: RDS: There was no verification that an underlying transport exists when creating a connection, causing usage of a NULL pointer (bsc#952384).\n\n - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the x86_64 platform mishandled IRET faults in processing NMIs that occurred during userspace execution, which might have allowed local users to gain privileges by triggering an NMI (bnc#938706).\n\n - CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (OOPS) via crafted keyctl commands (bnc#951440).\n\n - CVE-2015-0272: Missing checks allowed remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215 (bnc#944296).\n\n - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bnc#945825).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-29T00:00:00", "type": "nessus", "title": "SUSE SLED11 / SLES11 Security Update : kernel (SUSE-SU-2015:2339-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0272", "CVE-2015-5157", "CVE-2015-5307", "CVE-2015-6937", "CVE-2015-7509", "CVE-2015-7799", "CVE-2015-7872", "CVE-2015-7990", "CVE-2015-8104", "CVE-2015-8215"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-ec2", "p-cpe:/a:novell:suse_linux:kernel-ec2-base", "p-cpe:/a:novell:suse_linux:kernel-ec2-devel", "p-cpe:/a:novell:suse_linux:kernel-pae", "p-cpe:/a:novell:suse_linux:kernel-pae-base", "p-cpe:/a:novell:suse_linux:kernel-pae-devel", "p-cpe:/a:novell:suse_linux:kernel-pae-extra", "p-cpe:/a:novell:suse_linux:kernel-source", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-trace", "p-cpe:/a:novell:suse_linux:kernel-trace-base", "p-cpe:/a:novell:suse_linux:kernel-trace-devel", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "p-cpe:/a:novell:suse_linux:kernel-xen-extra", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2015-2339-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87651", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:2339-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87651);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-0272\", \"CVE-2015-5157\", \"CVE-2015-5307\", \"CVE-2015-6937\", \"CVE-2015-7509\", \"CVE-2015-7799\", \"CVE-2015-7872\", \"CVE-2015-7990\", \"CVE-2015-8104\", \"CVE-2015-8215\");\n script_bugtraq_id(76005);\n\n script_name(english:\"SUSE SLED11 / SLES11 Security Update : kernel (SUSE-SU-2015:2339-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various\nsecurity and bugfixes.\n\nFollowing security bugs were fixed :\n\n - CVE-2015-7509: Mounting ext4 filesystems in no-journal\n mode could hav lead to a system crash (bsc#956709).\n\n - CVE-2015-7799: The slhc_init function in\n drivers/net/slip/slhc.c in the Linux kernel did not\n ensure that certain slot numbers are valid, which\n allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) via a crafted\n PPPIOCSMAXCID ioctl call (bnc#949936).\n\n - CVE-2015-8104: The KVM subsystem in the Linux kernel\n allowed guest OS users to cause a denial of service\n (host OS panic or hang) by triggering many #DB (aka\n Debug) exceptions, related to svm.c (bnc#954404).\n\n - CVE-2015-5307: The KVM subsystem in the Linux kernel\n allowed guest OS users to cause a denial of service\n (host OS panic or hang) by triggering many #AC (aka\n Alignment Check) exceptions, related to svm.c and vmx.c\n (bnc#953527).\n\n - CVE-2015-7990: RDS: There was no verification that an\n underlying transport exists when creating a connection,\n causing usage of a NULL pointer (bsc#952384).\n\n - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux\n kernel on the x86_64 platform mishandled IRET faults in\n processing NMIs that occurred during userspace\n execution, which might have allowed local users to gain\n privileges by triggering an NMI (bnc#938706).\n\n - CVE-2015-7872: The key_gc_unused_keys function in\n security/keys/gc.c in the Linux kernel allowed local\n users to cause a denial of service (OOPS) via crafted\n keyctl commands (bnc#951440).\n\n - CVE-2015-0272: Missing checks allowed remote attackers\n to cause a denial of service (IPv6 traffic disruption)\n via a crafted MTU value in an IPv6 Router Advertisement\n (RA) message, a different vulnerability than\n CVE-2015-8215 (bnc#944296).\n\n - CVE-2015-6937: The __rds_conn_create function in\n net/rds/connection.c in the Linux kernel allowed local\n users to cause a denial of service (NULL pointer\n dereference and system crash) or possibly have\n unspecified other impact by using a socket that was not\n properly bound (bnc#945825).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=814440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=879378\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=879381\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=900610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=904348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=904965\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=921081\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=926774\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=930145\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=930770\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=930788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=930835\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=932805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935123\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935757\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=937256\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=937444\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=938706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=939826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=939926\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=939955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940017\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940913\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940946\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=941202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942938\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=943786\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944296\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944677\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944837\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944989\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944993\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945691\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=946078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=946214\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=946309\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=947957\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=948330\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=948347\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=948521\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949100\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949298\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949502\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949744\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949936\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949981\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=950298\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=950750\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=950998\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952579\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952976\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=953527\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=953799\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=953980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=954404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=954628\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=954950\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=954984\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955673\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0272/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5157/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5307/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-6937/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7509/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7799/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7872/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7990/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8104/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8215/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20152339-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?baca640f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4 :\n\nzypper in -t patch sdksp4-kernel-source-12278=1\n\nSUSE Linux Enterprise Server 11-SP4 :\n\nzypper in -t patch slessp4-kernel-source-12278=1\n\nSUSE Linux Enterprise Server 11-EXTRA :\n\nzypper in -t patch slexsp3-kernel-source-12278=1\n\nSUSE Linux Enterprise Desktop 11-SP4 :\n\nzypper in -t patch sledsp4-kernel-source-12278=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4 :\n\nzypper in -t patch dbgsp4-kernel-source-12278=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED11|SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED11 / SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-ec2-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-ec2-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-default-man-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-default-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-default-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-default-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-source-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-syms-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-trace-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-trace-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-trace-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-ec2-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-ec2-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-ec2-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-extra-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-source-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-syms-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-trace-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-extra-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-extra-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-default-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-default-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-default-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-default-extra-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-source-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-syms-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-trace-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-extra-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-base-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-devel-3.0.101-68.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-extra-3.0.101-68.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-31T14:29:14", "description": "The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.51 to receive various security and bugfixes.\n\nFollowing features were added :\n\n - hwrng: Add a driver for the hwrng found in power7+ systems (fate#315784).\n\nFollowing security bugs were fixed :\n\n - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel did not validate attempted changes to the MTU value, which allowed context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272. (bsc#955354)\n\n - CVE-2015-5156: The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel attempted to support a FRAGLIST feature without proper memory allocation, which allowed guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets (bnc#940776).\n\n - CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (OOPS) via crafted keyctl commands (bnc#951440).\n\n - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call (bnc#949936).\n\n - CVE-2015-2925: The prepend_path function in fs/dcache.c in the Linux kernel did not properly handle rename actions inside a bind mount, which allowed local users to bypass an intended container protection mechanism by renaming a directory, related to a 'double-chroot attack (bnc#926238).\n\n - CVE-2015-7990: RDS: Verify the underlying transport exists before creating a connection, preventing possible DoS (bsc#952384).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-18T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2015:2292-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0272", "CVE-2015-2925", "CVE-2015-5156", "CVE-2015-7799", "CVE-2015-7872", "CVE-2015-7990", "CVE-2015-8215"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debugsource", "p-cpe:/a:novell:suse_linux:kernel-xen-devel"], "id": "SUSE_SU-2015-2292-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87495", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:2292-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87495);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-0272\", \"CVE-2015-2925\", \"CVE-2015-5156\", \"CVE-2015-7799\", \"CVE-2015-7872\", \"CVE-2015-7990\", \"CVE-2015-8215\");\n script_bugtraq_id(73926);\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2015:2292-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.51 to\nreceive various security and bugfixes.\n\nFollowing features were added :\n\n - hwrng: Add a driver for the hwrng found in power7+\n systems (fate#315784).\n\nFollowing security bugs were fixed :\n\n - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in\n the Linux kernel did not validate attempted changes to\n the MTU value, which allowed context-dependent attackers\n to cause a denial of service (packet loss) via a value\n that is (1) smaller than the minimum compliant value or\n (2) larger than the MTU of an interface, as demonstrated\n by a Router Advertisement (RA) message that is not\n validated by a daemon, a different vulnerability than\n CVE-2015-0272. (bsc#955354)\n\n - CVE-2015-5156: The virtnet_probe function in\n drivers/net/virtio_net.c in the Linux kernel attempted\n to support a FRAGLIST feature without proper memory\n allocation, which allowed guest OS users to cause a\n denial of service (buffer overflow and memory\n corruption) via a crafted sequence of fragmented packets\n (bnc#940776).\n\n - CVE-2015-7872: The key_gc_unused_keys function in\n security/keys/gc.c in the Linux kernel allowed local\n users to cause a denial of service (OOPS) via crafted\n keyctl commands (bnc#951440).\n\n - CVE-2015-7799: The slhc_init function in\n drivers/net/slip/slhc.c in the Linux kernel did not\n ensure that certain slot numbers are valid, which\n allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) via a crafted\n PPPIOCSMAXCID ioctl call (bnc#949936).\n\n - CVE-2015-2925: The prepend_path function in fs/dcache.c\n in the Linux kernel did not properly handle rename\n actions inside a bind mount, which allowed local users\n to bypass an intended container protection mechanism by\n renaming a directory, related to a 'double-chroot attack\n (bnc#926238).\n\n - CVE-2015-7990: RDS: Verify the underlying transport\n exists before creating a connection, preventing possible\n DoS (bsc#952384).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=758040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=814440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=904348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=921949\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=924493\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=926238\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=933514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=936773\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=939826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=939926\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940776\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=941113\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=941202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=943959\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944296\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=947241\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=947478\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949100\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949744\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949936\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=950013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=950580\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=950750\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=950998\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951165\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951638\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=953717\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=953826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=953830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=953971\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=953980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=954635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=954986\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955136\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955148\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955224\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955354\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955533\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955644\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956047\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956053\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956147\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956703\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956717\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956801\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956876\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957395\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957546\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=958504\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=958510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=958647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0272/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2925/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5156/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7799/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7872/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7990/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8215/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20152292-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9179e39b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP1 :\n\nzypper in -t patch SUSE-SLE-WE-12-SP1-2015-985=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP1 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP1-2015-985=1\n\nSUSE Linux Enterprise Server 12-SP1 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP1-2015-985=1\n\nSUSE Linux Enterprise Module for Public Cloud 12 :\n\nzypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2015-985=1\n\nSUSE Linux Enterprise Live Patching 12 :\n\nzypper in -t patch SUSE-SLE-Live-Patching-12-2015-985=1\n\nSUSE Linux Enterprise Desktop 12-SP1 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2015-985=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-default-man-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-base-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-base-debuginfo-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-debuginfo-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-debugsource-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-devel-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-syms-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-debuginfo-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-debugsource-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-devel-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-extra-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-extra-debuginfo-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-syms-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.51-60.20.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.51-60.20.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:16", "description": "It was discovered that virtio networking in the Linux kernel did not handle fragments correctly, leading to kernel memory corruption. A remote attacker could use this to cause a denial of service (system crash) or possibly execute code with administrative privileges.\n(CVE-2015-5156)\n\nIt was discovered that the Reliable Datagram Sockets (RDS) implementation in the Linux kernel did not verify sockets were properly bound before attempting to send a message, which could cause a NULL pointer dereference. An attacker could use this to cause a denial of service (system crash). (CVE-2015-6937).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-10-20T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux vulnerabilities (USN-2773-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5156", "CVE-2015-6937"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2773-1.NASL", "href": "https://www.tenable.com/plugins/nessus/86465", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2773-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86465);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-5156\", \"CVE-2015-6937\");\n script_xref(name:\"USN\", value:\"2773-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux vulnerabilities (USN-2773-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that virtio networking in the Linux kernel did not\nhandle fragments correctly, leading to kernel memory corruption. A\nremote attacker could use this to cause a denial of service (system\ncrash) or possibly execute code with administrative privileges.\n(CVE-2015-5156)\n\nIt was discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel did not verify sockets were\nproperly bound before attempting to send a message, which could cause\na NULL pointer dereference. An attacker could use this to cause a\ndenial of service (system crash). (CVE-2015-6937).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2773-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-5156\", \"CVE-2015-6937\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2773-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-92-generic\", pkgver:\"3.2.0-92.130\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-92-generic-pae\", pkgver:\"3.2.0-92.130\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-92-highbank\", pkgver:\"3.2.0-92.130\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-92-virtual\", pkgver:\"3.2.0-92.130\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.2-generic / linux-image-3.2-generic-pae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-09T14:07:40", "description": "It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a race between read and revoke operations. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS) implementation in the Linux kernel had a race condition when checking whether a socket was bound or not. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel incorrectly handled compressed inline extants on truncation. A local attacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nGuoyong Gang discovered that the Linux kernel networking implementation did not validate protocol identifiers for certain protocol families, A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges.\n(CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux kernel did not verify an address length when setting up a socket. A local attacker could use this to craft an application that exposed sensitive information from kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux kernel did not properly validate the socket address length for Synchronous Connection-Oriented (SCO) sockets. A local attacker could use this to expose sensitive information. (CVE-2015-8575).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-02-02T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2888-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-7513", "CVE-2015-7550", "CVE-2015-7990", "CVE-2015-8374", "CVE-2015-8543", "CVE-2015-8569", "CVE-2015-8575"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2888-1.NASL", "href": "https://www.tenable.com/plugins/nessus/88521", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2888-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88521);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\");\n script_xref(name:\"USN\", value:\"2888-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2888-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a use-after-free vulnerability existed in the\nAF_UNIX implementation in the Linux kernel. A local attacker could use\ncrafted epoll_ctl calls to cause a denial of service (system crash) or\nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did\nnot properly restore the values of the Programmable Interrupt Timer\n(PIT). A user-assisted attacker in a KVM guest could cause a denial of\nservice in the host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a\nrace between read and revoke operations. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel had a race condition when checking\nwhether a socket was bound or not. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel\nincorrectly handled compressed inline extants on truncation. A local\nattacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nGuoyong Gang discovered that the Linux kernel networking\nimplementation did not validate protocol identifiers for certain\nprotocol families, A local attacker could use this to cause a denial\nof service (system crash) or possibly gain administrative privileges.\n(CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux\nkernel did not verify an address length when setting up a socket. A\nlocal attacker could use this to craft an application that exposed\nsensitive information from kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux\nkernel did not properly validate the socket address length for\nSynchronous Connection-Oriented (SCO) sockets. A local attacker could\nuse this to expose sensitive information. (CVE-2015-8575).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2888-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.16-generic,\nlinux-image-3.16-generic-lpae and / or linux-image-3.16-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2888-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-60-generic\", pkgver:\"3.16.0-60.80~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-60-generic-lpae\", pkgver:\"3.16.0-60.80~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-60-lowlatency\", pkgver:\"3.16.0-60.80~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.16-generic / linux-image-3.16-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:01", "description": "The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to receive various security and bugfixes.\n\nFollowing security bugs were fixed :\n\n - CVE-2015-8104: Prevent guest to host DoS caused by infinite loop in microcode via #DB exception (bsc#954404).\n\n - CVE-2015-5307: Prevent guest to host DoS caused by infinite loop in microcode via #AC exception (bsc#953527).\n\n - CVE-2015-7990: RDS: Verify the underlying transport exists before creating a connection, preventing possible DoS (bsc#952384).\n\n - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the x86_64 platform mishandled IRET faults in processing NMIs that occurred during userspace execution, which might have allowed local users to gain privileges by triggering an NMI (bsc#938706).\n\n - CVE-2015-7872: Possible crash when trying to garbage collect an uninstantiated keyring (bsc#951440).\n\n - CVE-2015-0272: Prevent remote DoS using IPv6 RA with bogus MTU by validating before applying it (bsc#944296).\n\n - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bsc#945825).\n\n - CVE-2015-6252: The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel allowed local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggered permanent file-descriptor allocation (bsc#942367).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-11-30T00:00:00", "type": "nessus", "title": "SUSE SLED11 / SLES11 Security Update : kernel (SUSE-SU-2015:2108-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0272", "CVE-2015-5157", "CVE-2015-5307", "CVE-2015-6252", "CVE-2015-6937", "CVE-2015-7872", "CVE-2015-7990", "CVE-2015-8104"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-bigsmp", "p-cpe:/a:novell:suse_linux:kernel-bigsmp-base", "p-cpe:/a:novell:suse_linux:kernel-bigsmp-devel", "p-cpe:/a:novell:suse_linux:kernel-bigsmp-extra", "p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-ec2", "p-cpe:/a:novell:suse_linux:kernel-ec2-base", "p-cpe:/a:novell:suse_linux:kernel-ec2-devel", "p-cpe:/a:novell:suse_linux:kernel-pae", "p-cpe:/a:novell:suse_linux:kernel-pae-base", "p-cpe:/a:novell:suse_linux:kernel-pae-devel", "p-cpe:/a:novell:suse_linux:kernel-pae-extra", "p-cpe:/a:novell:suse_linux:kernel-source", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-trace", "p-cpe:/a:novell:suse_linux:kernel-trace-base", "p-cpe:/a:novell:suse_linux:kernel-trace-devel", "p-cpe:/a:novell:suse_linux:kernel-trace-extra", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "p-cpe:/a:novell:suse_linux:kernel-xen-extra", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2015-2108-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87104", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:2108-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87104);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-0272\", \"CVE-2015-5157\", \"CVE-2015-5307\", \"CVE-2015-6252\", \"CVE-2015-6937\", \"CVE-2015-7872\", \"CVE-2015-7990\", \"CVE-2015-8104\");\n script_bugtraq_id(76005);\n\n script_name(english:\"SUSE SLED11 / SLES11 Security Update : kernel (SUSE-SU-2015:2108-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to\nreceive various security and bugfixes.\n\nFollowing security bugs were fixed :\n\n - CVE-2015-8104: Prevent guest to host DoS caused by\n infinite loop in microcode via #DB exception\n (bsc#954404).\n\n - CVE-2015-5307: Prevent guest to host DoS caused by\n infinite loop in microcode via #AC exception\n (bsc#953527).\n\n - CVE-2015-7990: RDS: Verify the underlying transport\n exists before creating a connection, preventing possible\n DoS (bsc#952384).\n\n - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux\n kernel on the x86_64 platform mishandled IRET faults in\n processing NMIs that occurred during userspace\n execution, which might have allowed local users to gain\n privileges by triggering an NMI (bsc#938706).\n\n - CVE-2015-7872: Possible crash when trying to garbage\n collect an uninstantiated keyring (bsc#951440).\n\n - CVE-2015-0272: Prevent remote DoS using IPv6 RA with\n bogus MTU by validating before applying it (bsc#944296).\n\n - CVE-2015-6937: The __rds_conn_create function in\n net/rds/connection.c in the Linux kernel allowed local\n users to cause a denial of service (NULL pointer\n dereference and system crash) or possibly have\n unspecified other impact by using a socket that was not\n properly bound (bsc#945825).\n\n - CVE-2015-6252: The vhost_dev_ioctl function in\n drivers/vhost/vhost.c in the Linux kernel allowed local\n users to cause a denial of service (memory consumption)\n via a VHOST_SET_LOG_FD ioctl call that triggered\n permanent file-descriptor allocation (bsc#942367).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=777565\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=814440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=900610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=904348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=904965\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=920016\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=923002\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=926007\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=926709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=926774\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=930145\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=930788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=932350\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=932805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=933721\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935053\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935757\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=936118\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=938706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=939826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=939926\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=939955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940017\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940925\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=941202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942305\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942367\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942605\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942688\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942938\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=943786\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944296\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944837\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944989\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944993\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945691\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=946078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=946309\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=947957\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=948330\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=948347\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=948521\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949100\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949298\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949502\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949744\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949981\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952579\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=953527\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=953980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=954404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0272/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5157/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5307/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-6252/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-6937/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7872/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7990/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8104/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20152108-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?911cfa21\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP3 :\n\nzypper in -t patch sdksp3-kernel-source-12226=1\n\nSUSE Linux Enterprise Server for VMWare 11-SP3 :\n\nzypper in -t patch slessp3-kernel-source-12226=1\n\nSUSE Linux Enterprise Server 11-SP3 :\n\nzypper in -t patch slessp3-kernel-source-12226=1\n\nSUSE Linux Enterprise Server 11-EXTRA :\n\nzypper in -t patch slexsp3-kernel-source-12226=1\n\nSUSE Linux Enterprise Desktop 11-SP3 :\n\nzypper in -t patch sledsp3-kernel-source-12226=1\n\nSUSE Linux Enterprise Debuginfo 11-SP3 :\n\nzypper in -t patch dbgsp3-kernel-source-12226=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-bigsmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-bigsmp-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-bigsmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-bigsmp-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED11|SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED11 / SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED11\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED11 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-ec2-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-ec2-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-bigsmp-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-bigsmp-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-bigsmp-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-bigsmp-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-trace-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-default-man-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-default-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-default-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-default-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-source-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-syms-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-trace-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-trace-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-trace-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-default-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-ec2-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-ec2-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-ec2-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-default-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-default-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-default-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-default-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-source-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-syms-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-trace-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-bigsmp-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-default-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-default-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-default-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-default-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-source-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-syms-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-trace-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-extra-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-base-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-devel-3.0.101-0.47.71.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-extra-3.0.101-0.47.71.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-31T14:29:13", "description": "The SUSE Linux Enterprise 12 kernel was updated to 3.12.51 to receive various security and bugfixes.\n\nFollowing security bugs were fixed :\n\n - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel did not ensure that certain slot numbers were valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call (bnc#949936).\n\n - CVE-2015-5283: The sctp_init function in net/sctp/protocol.c in the Linux kernel had an incorrect sequence of protocol-initialization steps, which allowed local users to cause a denial of service (panic or memory corruption) by creating SCTP sockets before all of the steps have finished (bnc#947155).\n\n - CVE-2015-2925: The prepend_path function in fs/dcache.c in the Linux kernel did not properly handle rename actions inside a bind mount, which allowed local users to bypass an intended container protection mechanism by renaming a directory, related to a 'double-chroot attack (bnc#926238).\n\n - CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c (bnc#954404).\n\n - CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c (bnc#953527).\n\n - CVE-2015-7990: RDS: There was no verification that an underlying transport exists when creating a connection, causing usage of a NULL pointer (bsc#952384).\n\n - CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (OOPS) via crafted keyctl commands (bnc#951440).\n\n - CVE-2015-0272: Missing checks allowed remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215 (bnc#944296).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-07T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2015:2194-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0272", "CVE-2015-2925", "CVE-2015-5283", "CVE-2015-5307", "CVE-2015-7799", "CVE-2015-7872", "CVE-2015-7990", "CVE-2015-8104", "CVE-2015-8215"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debugsource", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2015-2194-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87214", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:2194-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87214);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-0272\", \"CVE-2015-2925\", \"CVE-2015-5283\", \"CVE-2015-5307\", \"CVE-2015-7799\", \"CVE-2015-7872\", \"CVE-2015-7990\", \"CVE-2015-8104\", \"CVE-2015-8215\");\n script_bugtraq_id(73926);\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2015:2194-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 12 kernel was updated to 3.12.51 to receive\nvarious security and bugfixes.\n\nFollowing security bugs were fixed :\n\n - CVE-2015-7799: The slhc_init function in\n drivers/net/slip/slhc.c in the Linux kernel did not\n ensure that certain slot numbers were valid, which\n allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) via a crafted\n PPPIOCSMAXCID ioctl call (bnc#949936).\n\n - CVE-2015-5283: The sctp_init function in\n net/sctp/protocol.c in the Linux kernel had an incorrect\n sequence of protocol-initialization steps, which allowed\n local users to cause a denial of service (panic or\n memory corruption) by creating SCTP sockets before all\n of the steps have finished (bnc#947155).\n\n - CVE-2015-2925: The prepend_path function in fs/dcache.c\n in the Linux kernel did not properly handle rename\n actions inside a bind mount, which allowed local users\n to bypass an intended container protection mechanism by\n renaming a directory, related to a 'double-chroot attack\n (bnc#926238).\n\n - CVE-2015-8104: The KVM subsystem in the Linux kernel\n allowed guest OS users to cause a denial of service\n (host OS panic or hang) by triggering many #DB (aka\n Debug) exceptions, related to svm.c (bnc#954404).\n\n - CVE-2015-5307: The KVM subsystem in the Linux kernel\n allowed guest OS users to cause a denial of service\n (host OS panic or hang) by triggering many #AC (aka\n Alignment Check) exceptions, related to svm.c and vmx.c\n (bnc#953527).\n\n - CVE-2015-7990: RDS: There was no verification that an\n underlying transport exists when creating a connection,\n causing usage of a NULL pointer (bsc#952384).\n\n - CVE-2015-7872: The key_gc_unused_keys function in\n security/keys/gc.c in the Linux kernel allowed local\n users to cause a denial of service (OOPS) via crafted\n keyctl commands (bnc#951440).\n\n - CVE-2015-0272: Missing checks allowed remote attackers\n to cause a denial of service (IPv6 traffic disruption)\n via a crafted MTU value in an IPv6 Router Advertisement\n (RA) message, a different vulnerability than\n CVE-2015-8215 (bnc#944296).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=814440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=867595\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=904348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=921949\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=924493\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=930145\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=933514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935961\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=936076\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=936773\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=939826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=939926\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940853\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=941202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=941867\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942938\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944749\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945626\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=946078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=947241\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=947321\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=947478\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=948521\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=948685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=948831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949100\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949504\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949744\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=950013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=950750\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=950862\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=950998\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951165\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951546\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=952758\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=953796\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=953980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=954635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955148\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955224\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955533\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955644\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956047\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956053\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956703\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0272/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2925/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5283/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5307/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7799/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7872/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7990/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8104/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20152194-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e36375c5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12 :\n\nzypper in -t patch SUSE-SLE-WE-12-2015-945=1\n\nSUSE Linux Enterprise Software Development Kit 12 :\n\nzypper in -t patch SUSE-SLE-SDK-12-2015-945=1\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2015-945=1\n\nSUSE Linux Enterprise Module for Public Cloud 12 :\n\nzypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2015-945=1\n\nSUSE Linux Enterprise Live Patching 12 :\n\nzypper in -t patch SUSE-SLE-Live-Patching-12-2015-945=1\n\nSUSE Linux Enterprise Desktop 12 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-2015-945=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-default-man-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-base-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-base-debuginfo-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-debuginfo-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-debugsource-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-devel-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-syms-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-debuginfo-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-debugsource-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-devel-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-extra-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-extra-debuginfo-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-syms-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.51-52.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.51-52.31.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-09T14:07:40", "description": "It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a race between read and revoke operations. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS) implementation in the Linux kernel had a race condition when checking whether a socket was bound or not. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel incorrectly handled compressed inline extants on truncation. A local attacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nGuoyong Gang discovered that the Linux kernel networking implementation did not validate protocol identifiers for certain protocol families, A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges.\n(CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux kernel did not verify an address length when setting up a socket. A local attacker could use this to craft an application that exposed sensitive information from kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux kernel did not properly validate the socket address length for Synchronous Connection-Oriented (SCO) sockets. A local attacker could use this to expose sensitive information. (CVE-2015-8575)\n\nIt was discovered that the netfilter Network Address Translation (NAT) implementation did not ensure that data structures were initialized when handling IPv4 addresses. An attacker could use this to cause a denial of service (system crash). (CVE-2015-8787).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-02-02T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-wily vulnerabilities (USN-2890-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-7513", "CVE-2015-7550", "CVE-2015-7990", "CVE-2015-8374", "CVE-2015-8543", "CVE-2015-8569", "CVE-2015-8575", "CVE-2015-8787"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2890-2.NASL", "href": "https://www.tenable.com/plugins/nessus/88525", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2890-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88525);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8787\");\n script_xref(name:\"USN\", value:\"2890-2\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-wily vulnerabilities (USN-2890-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a use-after-free vulnerability existed in the\nAF_UNIX implementation in the Linux kernel. A local attacker could use\ncrafted epoll_ctl calls to cause a denial of service (system crash) or\nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did\nnot properly restore the values of the Programmable Interrupt Timer\n(PIT). A user-assisted attacker in a KVM guest could cause a denial of\nservice in the host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a\nrace between read and revoke operations. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel had a race condition when checking\nwhether a socket was bound or not. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel\nincorrectly handled compressed inline extants on truncation. A local\nattacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nGuoyong Gang discovered that the Linux kernel networking\nimplementation did not validate protocol identifiers for certain\nprotocol families, A local attacker could use this to cause a denial\nof service (system crash) or possibly gain administrative privileges.\n(CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux\nkernel did not verify an address length when setting up a socket. A\nlocal attacker could use this to craft an application that exposed\nsensitive information from kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux\nkernel did not properly validate the socket address length for\nSynchronous Connection-Oriented (SCO) sockets. A local attacker could\nuse this to expose sensitive information. (CVE-2015-8575)\n\nIt was discovered that the netfilter Network Address Translation (NAT)\nimplementation did not ensure that data structures were initialized\nwhen handling IPv4 addresses. An attacker could use this to cause a\ndenial of service (system crash). (CVE-2015-8787).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2890-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-4.2-generic,\nlinux-image-4.2-generic-lpae and / or linux-image-4.2-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8787\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2890-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.2.0-27-generic\", pkgver:\"4.2.0-27.32~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.2.0-27-generic-lpae\", pkgver:\"4.2.0-27.32~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.2.0-27-lowlatency\", pkgver:\"4.2.0-27.32~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-generic / linux-image-4.2-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:24", "description": "The 4.2.7 stable update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 22 : kernel-4.2.7-200.fc22 (2015-c4ed00a68f)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7515", "CVE-2015-7833", "CVE-2015-8374"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-C4ED00A68F.NASL", "href": "https://www.tenable.com/plugins/nessus/89399", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-c4ed00a68f.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89399);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7515\", \"CVE-2015-7833\", \"CVE-2015-8374\");\n script_xref(name:\"FEDORA\", value:\"2015-c4ed00a68f\");\n\n script_name(english:\"Fedora 22 : kernel-4.2.7-200.fc22 (2015-c4ed00a68f)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.2.7 stable update contains a number of important fixes across\nthe tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1270158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1285326\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1286261\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-December/173888.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6bfd0e0d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"kernel-4.2.7-200.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-10T15:39:59", "description": "It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a race between read and revoke operations. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS) implementation in the Linux kernel had a race condition when checking whether a socket was bound or not. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel incorrectly handled compressed inline extants on truncation. A local attacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nGuoyong Gang discovered that the Linux kernel networking implementation did not validate protocol identifiers for certain protocol families, A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges.\n(CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux kernel did not verify an address length when setting up a socket. A local attacker could use this to craft an application that exposed sensitive information from kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux kernel did not properly validate the socket address length for Synchronous Connection-Oriented (SCO) sockets. A local attacker could use this to expose sensitive information. (CVE-2015-8575)\n\nIt was discovered that the netfilter Network Address Translation (NAT) implementation did not ensure that data structures were initialized when handling IPv4 addresses. An attacker could use this to cause a denial of service (system crash). (CVE-2015-8787).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-02-02T00:00:00", "type": "nessus", "title": "Ubuntu 15.10 : linux vulnerabilities (USN-2890-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-7513", "CVE-2015-7550", "CVE-2015-7990", "CVE-2015-8374", "CVE-2015-8543", "CVE-2015-8569", "CVE-2015-8575", "CVE-2015-8787"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2890-1.NASL", "href": "https://www.tenable.com/plugins/nessus/88524", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2890-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88524);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8787\");\n script_xref(name:\"USN\", value:\"2890-1\");\n\n script_name(english:\"Ubuntu 15.10 : linux vulnerabilities (USN-2890-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a use-after-free vulnerability existed in the\nAF_UNIX implementation in the Linux kernel. A local attacker could use\ncrafted epoll_ctl calls to cause a denial of service (system crash) or\nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did\nnot properly restore the values of the Programmable Interrupt Timer\n(PIT). A user-assisted attacker in a KVM guest could cause a denial of\nservice in the host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a\nrace between read and revoke operations. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel had a race condition when checking\nwhether a socket was bound or not. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel\nincorrectly handled compressed inline extants on truncation. A local\nattacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nGuoyong Gang discovered that the Linux kernel networking\nimplementation did not validate protocol identifiers for certain\nprotocol families, A local attacker could use this to cause a denial\nof service (system crash) or possibly gain administrative privileges.\n(CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux\nkernel did not verify an address length when setting up a socket. A\nlocal attacker could use this to craft an application that exposed\nsensitive information from kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux\nkernel did not properly validate the socket address length for\nSynchronous Connection-Oriented (SCO) sockets. A local attacker could\nuse this to expose sensitive information. (CVE-2015-8575)\n\nIt was discovered that the netfilter Network Address Translation (NAT)\nimplementation did not ensure that data structures were initialized\nwhen handling IPv4 addresses. An attacker could use this to cause a\ndenial of service (system crash). (CVE-2015-8787).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2890-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-4.2-generic,\nlinux-image-4.2-generic-lpae and / or linux-image-4.2-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8787\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2890-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-27-generic\", pkgver:\"4.2.0-27.32\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-27-generic-lpae\", pkgver:\"4.2.0-27.32\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-27-lowlatency\", pkgver:\"4.2.0-27.32\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-generic / linux-image-4.2-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-09T14:07:42", "description": "It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a race between read and revoke operations. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS) implementation in the Linux kernel had a race condition when checking whether a socket was bound or not. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel incorrectly handled compressed inline extants on truncation. A local attacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nGuoyong Gang discovered that the Linux kernel networking implementation did not validate protocol identifiers for certain protocol families, A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges.\n(CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux kernel did not verify an address length when setting up a socket. A local attacker could use this to craft an application that exposed sensitive information from kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux kernel did not properly validate the socket address length for Synchronous Connection-Oriented (SCO) sockets. A local attacker could use this to expose sensitive information. (CVE-2015-8575)\n\nIt was discovered that the netfilter Network Address Translation (NAT) implementation did not ensure that data structures were initialized when handling IPv4 addresses. An attacker could use this to cause a denial of service (system crash). (CVE-2015-8787).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-02-02T00:00:00", "type": "nessus", "title": "Ubuntu 15.10 : linux-raspi2 vulnerabilities (USN-2890-3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-7513", "CVE-2015-7550", "CVE-2015-7990", "CVE-2015-8374", "CVE-2015-8543", "CVE-2015-8569", "CVE-2015-8575", "CVE-2015-8787"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-raspi2", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2890-3.NASL", "href": "https://www.tenable.com/plugins/nessus/88526", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2890-3. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88526);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8787\");\n script_xref(name:\"USN\", value:\"2890-3\");\n\n script_name(english:\"Ubuntu 15.10 : linux-raspi2 vulnerabilities (USN-2890-3)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a use-after-free vulnerability existed in the\nAF_UNIX implementation in the Linux kernel. A local attacker could use\ncrafted epoll_ctl calls to cause a denial of service (system crash) or\nexpose sensitive information. (CVE-2013-7446)\n\nIt was discovered that the KVM implementation in the Linux kernel did\nnot properly restore the values of the Programmable Interrupt Timer\n(PIT). A user-assisted attacker in a KVM guest could cause a denial of\nservice in the host (system crash). (CVE-2015-7513)\n\nIt was discovered that the Linux kernel keyring subsystem contained a\nrace between read and revoke operations. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2015-7550)\n\nSasha Levin discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel had a race condition when checking\nwhether a socket was bound or not. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2015-7990)\n\nIt was discovered that the Btrfs implementation in the Linux kernel\nincorrectly handled compressed inline extants on truncation. A local\nattacker could use this to expose sensitive information.\n(CVE-2015-8374)\n\nGuoyong Gang discovered that the Linux kernel networking\nimplementation did not validate protocol identifiers for certain\nprotocol families, A local attacker could use this to cause a denial\nof service (system crash) or possibly gain administrative privileges.\n(CVE-2015-8543)\n\nDmitry Vyukov discovered that the pptp implementation in the Linux\nkernel did not verify an address length when setting up a socket. A\nlocal attacker could use this to craft an application that exposed\nsensitive information from kernel memory. (CVE-2015-8569)\n\nDavid Miller discovered that the Bluetooth implementation in the Linux\nkernel did not properly validate the socket address length for\nSynchronous Connection-Oriented (SCO) sockets. A local attacker could\nuse this to expose sensitive information. (CVE-2015-8575)\n\nIt was discovered that the netfilter Network Address Translation (NAT)\nimplementation did not ensure that data structures were initialized\nwhen handling IPv4 addresses. An attacker could use this to cause a\ndenial of service (system crash). (CVE-2015-8787).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2890-3/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-4.2-raspi2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-7446\", \"CVE-2015-7513\", \"CVE-2015-7550\", \"CVE-2015-7990\", \"CVE-2015-8374\", \"CVE-2015-8543\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8787\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2890-3\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-1022-raspi2\", pkgver:\"4.2.0-1022.29\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-raspi2\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:00", "description": "The 4.2.7 stable update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 23 : kernel-4.2.7-300.fc23 (2015-ac9a19888e)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7515", "CVE-2015-7833", "CVE-2015-8374"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2015-AC9A19888E.NASL", "href": "https://www.tenable.com/plugins/nessus/89366", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-ac9a19888e.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89366);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7515\", \"CVE-2015-7833\", \"CVE-2015-8374\");\n script_xref(name:\"FEDORA\", value:\"2015-ac9a19888e\");\n\n script_name(english:\"Fedora 23 : kernel-4.2.7-300.fc23 (2015-ac9a19888e)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.2.7 stable update contains a number of important fixes across\nthe tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1270158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1285326\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1286261\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-December/173908.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b32d1104\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.2.7-300.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:32", "description": "Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.\n(CVE-2015-8104)\n\nGuoyong Gang discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). (CVE-2015-7799)\n\nIt was discovered that the driver for Digi Neo and ClassicBoard devices did not properly initialize data structures. A local attacker could use this to obtain sensitive information from the kernel.\n(CVE-2015-7885).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-17T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2844-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7799", "CVE-2015-7885", "CVE-2015-8104"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2844-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87471", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2844-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87471);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-7799\", \"CVE-2015-7885\", \"CVE-2015-8104\");\n script_xref(name:\"USN\", value:\"2844-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2844-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jan Beulich discovered that the KVM svm hypervisor implementation in\nthe Linux kernel did not properly catch Debug exceptions on AMD\nprocessors. An attacker in a guest virtual machine could use this to\ncause a denial of service (system crash) in the host OS.\n(CVE-2015-8104)\n\nGuoyong Gang discovered that the ppp implementation in the Linux\nkernel did not ensure that certain slot numbers are valid. A local\nattacker with the privilege to call ioctl() on /dev/ppp could cause a\ndenial of service (system crash). (CVE-2015-7799)\n\nIt was discovered that the driver for Digi Neo and ClassicBoard\ndevices did not properly initialize data structures. A local attacker\ncould use this to obtain sensitive information from the kernel.\n(CVE-2015-7885).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2844-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.16-generic,\nlinux-image-3.16-generic-lpae and / or linux-image-3.16-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-7799\", \"CVE-2015-7885\", \"CVE-2015-8104\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2844-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-56-generic\", pkgver:\"3.16.0-56.75~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-56-generic-lpae\", pkgver:\"3.16.0-56.75~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-56-lowlatency\", pkgver:\"3.16.0-56.75~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.16-generic / linux-image-3.16-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:16", "description": "Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.\n(CVE-2015-8104)\n\nGuoyong Gang discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). (CVE-2015-7799)\n\nIt was discovered that the driver for Digi Neo and ClassicBoard devices did not properly initialize data structures. A local attacker could use this to obtain sensitive information from the kernel.\n(CVE-2015-7885).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-17T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2841-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7799", "CVE-2015-7885", "CVE-2015-8104"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2841-2.NASL", "href": "https://www.tenable.com/plugins/nessus/87467", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2841-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87467);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-7799\", \"CVE-2015-7885\", \"CVE-2015-8104\");\n script_xref(name:\"USN\", value:\"2841-2\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2841-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jan Beulich discovered that the KVM svm hypervisor implementation in\nthe Linux kernel did not properly catch Debug exceptions on AMD\nprocessors. An attacker in a guest virtual machine could use this to\ncause a denial of service (system crash) in the host OS.\n(CVE-2015-8104)\n\nGuoyong Gang discovered that the ppp implementation in the Linux\nkernel did not ensure that certain slot numbers are valid. A local\nattacker with the privilege to call ioctl() on /dev/ppp could cause a\ndenial of service (system crash). (CVE-2015-7799)\n\nIt was discovered that the driver for Digi Neo and ClassicBoard\ndevices did not properly initialize data structures. A local attacker\ncould use this to obtain sensitive information from the kernel.\n(CVE-2015-7885).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2841-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.13-generic and / or\nlinux-image-3.13-generic-lpae packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-7799\", \"CVE-2015-7885\", \"CVE-2015-8104\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2841-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-73-generic\", pkgver:\"3.13.0-73.116~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-73-generic-lpae\", pkgver:\"3.13.0-73.116~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-09T14:09:38", "description": "The 4.2.8 stable kernel update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 23 : kernel-4.2.8-300.fc23 (2015-c59710b05d)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-7550", "CVE-2015-8543"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2015-C59710B05D.NASL", "href": "https://www.tenable.com/plugins/nessus/89400", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-c59710b05d.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89400);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-7550\", \"CVE-2015-8543\");\n script_xref(name:\"FEDORA\", value:\"2015-c59710b05d\");\n\n script_name(english:\"Fedora 23 : kernel-4.2.8-300.fc23 (2015-c59710b05d)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.2.8 stable kernel update contains a number of important fixes\nacross the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1282688\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1290475\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1291197\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1291329\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-December/174290.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?19bbb402\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.2.8-300.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-09T14:09:05", "description": "The 4.2.8 stable kernel update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 22 : kernel-4.2.8-200.fc22 (2015-c1c2f5e168)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-7550", "CVE-2015-8543"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-C1C2F5E168.NASL", "href": "https://www.tenable.com/plugins/nessus/89393", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-c1c2f5e168.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89393);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-7550\", \"CVE-2015-8543\");\n script_xref(name:\"FEDORA\", value:\"2015-c1c2f5e168\");\n\n script_name(english:\"Fedora 22 : kernel-4.2.8-200.fc22 (2015-c1c2f5e168)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.2.8 stable kernel update contains a number of important fixes\nacross the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1282688\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1290475\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1291197\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1291329\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-December/174249.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cedf7d50\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"kernel-4.2.8-200.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:17", "description": "Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.\n(CVE-2015-8104)\n\nGuoyong Gang discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). (CVE-2015-7799)\n\nIt was discovered that the driver for Digi Neo and ClassicBoard devices did not properly initialize data structures. A local attacker could use this to obtain sensitive information from the kernel.\n(CVE-2015-7885).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-17T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux vulnerabilities (USN-2841-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7799", "CVE-2015-7885", "CVE-2015-8104"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2841-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87466", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2841-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87466);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-7799\", \"CVE-2015-7885\", \"CVE-2015-8104\");\n script_xref(name:\"USN\", value:\"2841-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux vulnerabilities (USN-2841-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jan Beulich discovered that the KVM svm hypervisor implementation in\nthe Linux kernel did not properly catch Debug exceptions on AMD\nprocessors. An attacker in a guest virtual machine could use this to\ncause a denial of service (system crash) in the host OS.\n(CVE-2015-8104)\n\nGuoyong Gang discovered that the ppp implementation in the Linux\nkernel did not ensure that certain slot numbers are valid. A local\nattacker with the privilege to call ioctl() on /dev/ppp could cause a\ndenial of service (system crash). (CVE-2015-7799)\n\nIt was discovered that the driver for Digi Neo and ClassicBoard\ndevices did not properly initialize data structures. A local attacker\ncould use this to obtain sensitive information from the kernel.\n(CVE-2015-7885).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2841-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.13-generic,\nlinux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-7799\", \"CVE-2015-7885\", \"CVE-2015-8104\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2841-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-73-generic\", pkgver:\"3.13.0-73.116\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-73-generic-lpae\", pkgver:\"3.13.0-73.116\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-73-lowlatency\", pkgver:\"3.13.0-73.116\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-12T15:03:46", "description": "This Solaris system is missing necessary patches to address critical security updates :\n\n - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Solaris accessible data. (CVE-2016-5244)\n\n - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Solaris. (CVE-2015-6937)\n\n - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RPC). Supported versions that are affected are 10 and 11.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via Portmap v3 to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Solaris. (CVE-2018-3172)", "cvss3": {}, "published": "2018-10-18T00:00:00", "type": "nessus", "title": "Oracle Solaris Critical Patch Update : oct2018_SRU11_4_1_4_0", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-6937", "CVE-2016-5244", "CVE-2018-3172"], "modified": "2022-08-11T00:00:00", "cpe": ["cpe:/o:oracle:solaris"], "id": "SOLARIS_OCT2018_SRU11_4_1_4_0.NASL", "href": "https://www.tenable.com/plugins/nessus/118190", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle CPU for oct2018.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118190);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/08/11\");\n\n script_cve_id(\"CVE-2015-6937\", \"CVE-2016-5244\", \"CVE-2018-3172\");\n\n script_name(english:\"Oracle Solaris Critical Patch Update : oct2018_SRU11_4_1_4_0\");\n script_summary(english:\"Check for the oct2018 CPU\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Solaris system is missing a security patch from CPU\noct2018.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This Solaris system is missing necessary patches to address critical\nsecurity updates :\n\n - Vulnerability in the Solaris component of Oracle Sun\n Systems Products Suite (subcomponent: Kernel). The\n supported version that is affected is 11.4. Easily\n exploitable vulnerability allows unauthenticated\n attacker with network access via multiple protocols to\n compromise Solaris. Successful attacks of this\n vulnerability can result in unauthorized access to\n critical data or complete access to all Solaris\n accessible data. (CVE-2016-5244)\n\n - Vulnerability in the Solaris component of Oracle Sun\n Systems Products Suite (subcomponent: Kernel). The\n supported version that is affected is 11.4. Easily\n exploitable vulnerability allows low privileged attacker\n with logon to the infrastructure where Solaris executes\n to compromise Solaris. Successful attacks of this\n vulnerability can result in unauthorized ability to\n cause a hang or frequently repeatable crash (complete\n DOS) of Solaris. (CVE-2015-6937)\n\n - Vulnerability in the Solaris component of Oracle Sun\n Systems Products Suite (subcomponent: RPC). Supported\n versions that are affected are 10 and 11.4. Easily\n exploitable vulnerability allows unauthenticated\n attacker with network access via Portmap v3 to\n compromise Solaris. Successful attacks of this\n vulnerability can result in unauthorized ability to\n cause a partial denial of service (partial DOS) of\n Solaris. (CVE-2018-3172)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.oracle.com/epmos/faces/DocumentDisplay?id=2451130.1\"\n );\n # https://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/5115881.xml\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1619b94b\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.oracle.com/security-alerts/cpuoct2018.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Install the oct2018 CPU from the Oracle support website.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-5244\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\n\n\nfix_release = \"11.4-11.4.1.0.1.4.0\";\n\nflag = 0;\n\nif (solaris_check_release(release:\"11.4-11.4.1.0.1.4.0\", sru:\"11.4.1.4.0\") > 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report2());\n else security_warning(0);\n exit(0);\n}\naudit(AUDIT_OS_RELEASE_NOT, \"Solaris\", fix_release, release);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:31", "description": "Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.\n(CVE-2015-8104)\n\nGuoyong Gang discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). (CVE-2015-7799)\n\nIt was discovered that the virtual video osd test driver in the Linux kernel did not properly initialize data structures. A local attacker could use this to obtain sensitive information from the kernel.\n(CVE-2015-7884)\n\nIt was discovered that the driver for Digi Neo and ClassicBoard devices did not properly initialize data structures. A local attacker could use this to obtain sensitive information from the kernel.\n(CVE-2015-7885).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-17T00:00:00", "type": "nessus", "title": "Ubuntu 15.04 : linux vulnerabilities (USN-2842-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7799", "CVE-2015-7884", "CVE-2015-7885", "CVE-2015-8104"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency", "cpe:/o:canonical:ubuntu_linux:15.04"], "id": "UBUNTU_USN-2842-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87468", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2842-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87468);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-7799\", \"CVE-2015-7884\", \"CVE-2015-7885\", \"CVE-2015-8104\");\n script_xref(name:\"USN\", value:\"2842-1\");\n\n script_name(english:\"Ubuntu 15.04 : linux vulnerabilities (USN-2842-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jan Beulich discovered that the KVM svm hypervisor implementation in\nthe Linux kernel did not properly catch Debug exceptions on AMD\nprocessors. An attacker in a guest virtual machine could use this to\ncause a denial of service (system crash) in the host OS.\n(CVE-2015-8104)\n\nGuoyong Gang discovered that the ppp implementation in the Linux\nkernel did not ensure that certain slot numbers are valid. A local\nattacker with the privilege to call ioctl() on /dev/ppp could cause a\ndenial of service (system crash). (CVE-2015-7799)\n\nIt was discovered that the virtual video osd test driver in the Linux\nkernel did not properly initialize data structures. A local attacker\ncould use this to obtain sensitive information from the kernel.\n(CVE-2015-7884)\n\nIt was discovered that the driver for Digi Neo and ClassicBoard\ndevices did not properly initialize data structures. A local attacker\ncould use this to obtain sensitive information from the kernel.\n(CVE-2015-7885).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2842-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.19-generic,\nlinux-image-3.19-generic-lpae and / or linux-image-3.19-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(15\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-7799\", \"CVE-2015-7884\", \"CVE-2015-7885\", \"CVE-2015-8104\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2842-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"15.04\", pkgname:\"linux-image-3.19.0-41-generic\", pkgver:\"3.19.0-41.46\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"linux-image-3.19.0-41-generic-lpae\", pkgver:\"3.19.0-41.46\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"linux-image-3.19.0-41-lowlatency\", pkgver:\"3.19.0-41.46\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.19-generic / linux-image-3.19-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:09", "description": "It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service. (CVE-2015-0272)\n\nIt was discovered that virtio networking in the Linux kernel did not handle fragments correctly, leading to kernel memory corruption. A remote attacker could use this to cause a denial of service (system crash) or possibly execute code with administrative privileges.\n(CVE-2015-5156)\n\nIt was discovered that the Reliable Datagram Sockets (RDS) implementation in the Linux kernel did not verify sockets were properly bound before attempting to send a message, which could cause a NULL pointer dereference. An attacker could use this to cause a denial of service (system crash). (CVE-2015-6937)\n\nBen Hutchings discovered that the Advanced Union Filesystem (aufs) for the Linux kernel did not correctly handle references of memory mapped files from an aufs mount. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2015-7312).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-10-21T00:00:00", "type": "nessus", "title": "Ubuntu 15.04 : linux vulnerabilities (USN-2779-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0272", "CVE-2015-5156", "CVE-2015-6937", "CVE-2015-7312"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency", "cpe:/o:canonical:ubuntu_linux:15.04"], "id": "UBUNTU_USN-2779-1.NASL", "href": "https://www.tenable.com/plugins/nessus/86493", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2779-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86493);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-0272\", \"CVE-2015-5156\", \"CVE-2015-6937\", \"CVE-2015-7312\");\n script_xref(name:\"USN\", value:\"2779-1\");\n\n script_name(english:\"Ubuntu 15.04 : linux vulnerabilities (USN-2779-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the Linux kernel did not check if a new IPv6\nMTU set by a user space application was valid. A remote attacker could\nforge a route advertisement with an invalid MTU that a user space\ndaemon like NetworkManager would honor and apply to the kernel,\ncausing a denial of service. (CVE-2015-0272)\n\nIt was discovered that virtio networking in the Linux kernel did not\nhandle fragments correctly, leading to kernel memory corruption. A\nremote attacker could use this to cause a denial of service (system\ncrash) or possibly execute code with administrative privileges.\n(CVE-2015-5156)\n\nIt was discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel did not verify sockets were\nproperly bound before attempting to send a message, which could cause\na NULL pointer dereference. An attacker could use this to cause a\ndenial of service (system crash). (CVE-2015-6937)\n\nBen Hutchings discovered that the Advanced Union Filesystem (aufs) for\nthe Linux kernel did not correctly handle references of memory mapped\nfiles from an aufs mount. A local attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code\nwith administrative privileges. (CVE-2015-7312).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2779-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.19-generic,\nlinux-image-3.19-generic-lpae and / or linux-image-3.19-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(15\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-0272\", \"CVE-2015-5156\", \"CVE-2015-6937\", \"CVE-2015-7312\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2779-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"15.04\", pkgname:\"linux-image-3.19.0-31-generic\", pkgver:\"3.19.0-31.36\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"linux-image-3.19.0-31-generic-lpae\", pkgver:\"3.19.0-31.36\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"linux-image-3.19.0-31-lowlatency\", pkgver:\"3.19.0-31.36\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.19-generic / linux-image-3.19-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:09", "description": "It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service. (CVE-2015-0272)\n\nIt was discovered that virtio networking in the Linux kernel did not handle fragments correctly, leading to kernel memory corruption. A remote attacker could use this to cause a denial of service (system crash) or possibly execute code with administrative privileges.\n(CVE-2015-5156)\n\nIt was discovered that the Reliable Datagram Sockets (RDS) implementation in the Linux kernel did not verify sockets were properly bound before attempting to send a message, which could cause a NULL pointer dereference. An attacker could use this to cause a denial of service (system crash). (CVE-2015-6937)\n\nBen Hutchings discovered that the Advanced Union Filesystem (aufs) for the Linux kernel did not correctly handle references of memory mapped files from an aufs mount. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2015-7312).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-10-21T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-vivid vulnerabilities (USN-2778-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0272", "CVE-2015-5156", "CVE-2015-6937", "CVE-2015-7312"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2778-1.NASL", "href": "https://www.tenable.com/plugins/nessus/86492", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2778-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86492);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-0272\", \"CVE-2015-5156\", \"CVE-2015-6937\", \"CVE-2015-7312\");\n script_xref(name:\"USN\", value:\"2778-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-vivid vulnerabilities (USN-2778-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the Linux kernel did not check if a new IPv6\nMTU set by a user space application was valid. A remote attacker could\nforge a route advertisement with an invalid MTU that a user space\ndaemon like NetworkManager would honor and apply to the kernel,\ncausing a denial of service. (CVE-2015-0272)\n\nIt was discovered that virtio networking in the Linux kernel did not\nhandle fragments correctly, leading to kernel memory corruption. A\nremote attacker could use this to cause a denial of service (system\ncrash) or possibly execute code with administrative privileges.\n(CVE-2015-5156)\n\nIt was discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel did not verify sockets were\nproperly bound before attempting to send a message, which could cause\na NULL pointer dereference. An attacker could use this to cause a\ndenial of service (system crash). (CVE-2015-6937)\n\nBen Hutchings discovered that the Advanced Union Filesystem (aufs) for\nthe Linux kernel did not correctly handle references of memory mapped\nfiles from an aufs mount. A local attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code\nwith administrative privileges. (CVE-2015-7312).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2778-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.19-generic,\nlinux-image-3.19-generic-lpae and / or linux-image-3.19-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-0272\", \"CVE-2015-5156\", \"CVE-2015-6937\", \"CVE-2015-7312\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2778-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-31-generic\", pkgver:\"3.19.0-31.36~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-31-generic-lpae\", pkgver:\"3.19.0-31.36~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-31-lowlatency\", pkgver:\"3.19.0-31.36~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.19-generic / linux-image-3.19-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:15", "description": "It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service. (CVE-2015-0272)\n\nIt was discovered that virtio networking in the Linux kernel did not handle fragments correctly, leading to kernel memory corruption. A remote attacker could use this to cause a denial of service (system crash) or possibly execute code with administrative privileges.\n(CVE-2015-5156)\n\nIt was discovered that the Reliable Datagram Sockets (RDS) implementation in the Linux kernel did not verify sockets were properly bound before attempting to send a message, which could cause a NULL pointer dereference. An attacker could use this to cause a denial of service (system crash). (CVE-2015-6937)\n\nBen Hutchings discovered that the Advanced Union Filesystem (aufs) for the Linux kernel did not correctly handle references of memory mapped files from an aufs mount. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2015-7312).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-10-20T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2775-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0272", "CVE-2015-5156", "CVE-2015-6937", "CVE-2015-7312"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2775-1.NASL", "href": "https://www.tenable.com/plugins/nessus/86466", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2775-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86466);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-0272\", \"CVE-2015-5156\", \"CVE-2015-6937\", \"CVE-2015-7312\");\n script_xref(name:\"USN\", value:\"2775-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2775-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the Linux kernel did not check if a new IPv6\nMTU set by a user space application was valid. A remote attacker could\nforge a route advertisement with an invalid MTU that a user space\ndaemon like NetworkManager would honor and apply to the kernel,\ncausing a denial of service. (CVE-2015-0272)\n\nIt was discovered that virtio networking in the Linux kernel did not\nhandle fragments correctly, leading to kernel memory corruption. A\nremote attacker could use this to cause a denial of service (system\ncrash) or possibly execute code with administrative privileges.\n(CVE-2015-5156)\n\nIt was discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel did not verify sockets were\nproperly bound before attempting to send a message, which could cause\na NULL pointer dereference. An attacker could use this to cause a\ndenial of service (system crash). (CVE-2015-6937)\n\nBen Hutchings discovered that the Advanced Union Filesystem (aufs) for\nthe Linux kernel did not correctly handle references of memory mapped\nfiles from an aufs mount. A local attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code\nwith administrative privileges. (CVE-2015-7312).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2775-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.13-generic and / or\nlinux-image-3.13-generic-lpae packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-0272\", \"CVE-2015-5156\", \"CVE-2015-6937\", \"CVE-2015-7312\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2775-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-66-generic\", pkgver:\"3.13.0-66.108~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-66-generic-lpae\", pkgver:\"3.13.0-66.108~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:22", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - vfs: read file_handle only once in handle_to_path (Sasha Levin) [Orabug: 25388709] (CVE-2015-1420)\n\n - crypto: algif_hash - Only export and import on sockets with data (Herbert Xu) [Orabug: 25417807]\n\n - USB: usbfs: fix potential infoleak in devio (Kangjie Lu) [Orabug: 25462763] (CVE-2016-4482)\n\n - net: fix infoleak in llc (Kangjie Lu) [Orabug: 25462811] (CVE-2016-4485)\n\n - af_unix: Guard against other == sk in unix_dgram_sendmsg (Rainer Weikusat) [Orabug: 25464000] (CVE-2013-7446)\n\n - unix: avoid use-after-free in ep_remove_wait_queue (Rainer Weikusat) [Orabug: 25464000] (CVE-2013-7446)", "cvss3": {}, "published": "2017-02-13T00:00:00", "type": "nessus", "title": "OracleVM 3.2 : Unbreakable / etc (OVMSA-2017-0041)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-1420", "CVE-2016-4482", "CVE-2016-4485"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:kernel-uek", "p-cpe:/a:oracle:vm:kernel-uek-firmware", "cpe:/o:oracle:vm_server:3.2"], "id": "ORACLEVM_OVMSA-2017-0041.NASL", "href": "https://www.tenable.com/plugins/nessus/97120", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2017-0041.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97120);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-1420\", \"CVE-2016-4482\", \"CVE-2016-4485\");\n script_bugtraq_id(72357);\n\n script_name(english:\"OracleVM 3.2 : Unbreakable / etc (OVMSA-2017-0041)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - vfs: read file_handle only once in handle_to_path (Sasha\n Levin) [Orabug: 25388709] (CVE-2015-1420)\n\n - crypto: algif_hash - Only export and import on sockets\n with data (Herbert Xu) [Orabug: 25417807]\n\n - USB: usbfs: fix potential infoleak in devio (Kangjie Lu)\n [Orabug: 25462763] (CVE-2016-4482)\n\n - net: fix infoleak in llc (Kangjie Lu) [Orabug: 25462811]\n (CVE-2016-4485)\n\n - af_unix: Guard against other == sk in unix_dgram_sendmsg\n (Rainer Weikusat) [Orabug: 25464000] (CVE-2013-7446)\n\n - unix: avoid use-after-free in ep_remove_wait_queue\n (Rainer Weikusat) [Orabug: 25464000] (CVE-2013-7446)\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2017-February/000649.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b560f546\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel-uek / kernel-uek-firmware packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.2\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.2\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.2\", reference:\"kernel-uek-2.6.39-400.294.2.el5uek\")) flag++;\nif (rpm_check(release:\"OVS3.2\", reference:\"kernel-uek-firmware-2.6.39-400.294.2.el5uek\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-uek / kernel-uek-firmware\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:22", "description": "The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3515 advisory.\n\n - The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message. (CVE-2016-4485)\n\n - The hash_accept function in crypto/algif_hash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data. (CVE-2016-8646)\n\n - The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call. (CVE-2016-4482)\n\n - Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls. (CVE-2013-7446)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2017-02-13T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3515)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2016-4482", "CVE-2016-4485", "CVE-2016-8646"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.16.3.el6uek", "p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.16.3.el7uek", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2017-3515.NASL", "href": "https://www.tenable.com/plugins/nessus/97117", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2017-3515.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97117);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\n \"CVE-2013-7446\",\n \"CVE-2016-4482\",\n \"CVE-2016-4485\",\n \"CVE-2016-8646\"\n );\n\n script_name(english:\"Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3515)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe ELSA-2017-3515 advisory.\n\n - The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a\n certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by\n reading a message. (CVE-2016-4485)\n\n - The hash_accept function in crypto/algif_hash.c in the Linux kernel before 4.3.6 allows local users to\n cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket\n that has received zero bytes of data. (CVE-2016-8646)\n\n - The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not\n initialize a certain data structure, which allows local users to obtain sensitive information from kernel\n stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call. (CVE-2016-4482)\n\n - Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to\n bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl\n calls. (CVE-2013-7446)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2017-3515.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-7446\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.16.3.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.16.3.el7uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6 / 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['3.8.13-118.16.3.el6uek', '3.8.13-118.16.3.el7uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2017-3515');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '3.8';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'dtrace-modules-3.8.13-118.16.3.el6uek-0.4.5-3.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-3.8.13-118.16.3.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-3.8.13'},\n {'reference':'kernel-uek-debug-3.8.13-118.16.3.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-3.8.13'},\n {'reference':'kernel-uek-debug-devel-3.8.13-118.16.3.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-3.8.13'},\n {'reference':'kernel-uek-devel-3.8.13-118.16.3.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-3.8.13'},\n {'reference':'kernel-uek-doc-3.8.13-118.16.3.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-3.8.13'},\n {'reference':'kernel-uek-firmware-3.8.13-118.16.3.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-3.8.13'},\n {'reference':'dtrace-modules-3.8.13-118.16.3.el7uek-0.4.5-3.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-3.8.13-118.16.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-3.8.13'},\n {'reference':'kernel-uek-debug-3.8.13-118.16.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-3.8.13'},\n {'reference':'kernel-uek-debug-devel-3.8.13-118.16.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-3.8.13'},\n {'reference':'kernel-uek-devel-3.8.13-118.16.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-3.8.13'},\n {'reference':'kernel-uek-doc-3.8.13-118.16.3.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-3.8.13'},\n {'reference':'kernel-uek-firmware-3.8.13-118.16.3.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-3.8.13'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dtrace-modules-3.8.13-118.16.3.el6uek / dtrace-modules-3.8.13-118.16.3.el7uek / kernel-uek / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:16:51", "description": "It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service. (CVE-2015-0272)\n\nIt was discovered that virtio networking in the Linux kernel did not handle fragments correctly, leading to kernel memory corruption. A remote attacker could use this to cause a denial of service (system crash) or possibly execute code with administrative privileges.\n(CVE-2015-5156)\n\nIt was discovered that the Reliable Datagram Sockets (RDS) implementation in the Linux kernel did not verify sockets were properly bound before attempting to send a message, which could cause a NULL pointer dereference. An attacker could use this to cause a denial of service (system crash). (CVE-2015-6937)\n\nBen Hutchings discovered that the Advanced Union Filesystem (aufs) for the Linux kernel did not correctly handle references of memory mapped files from an aufs mount. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2015-7312).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-10-20T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux vulnerabilities (USN-2776-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0272", "CVE-2015-5156", "CVE-2015-6937", "CVE-2015-7312"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2776-1.NASL", "href": "https://www.tenable.com/plugins/nessus/86467", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2776-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86467);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-0272\", \"CVE-2015-5156\", \"CVE-2015-6937\", \"CVE-2015-7312\");\n script_xref(name:\"USN\", value:\"2776-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux vulnerabilities (USN-2776-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the Linux kernel did not check if a new IPv6\nMTU set by a user space application was valid. A remote attacker could\nforge a route advertisement with an invalid MTU that a user space\ndaemon like NetworkManager would honor and apply to the kernel,\ncausing a denial of service. (CVE-2015-0272)\n\nIt was discovered that virtio networking in the Linux kernel did not\nhandle fragments correctly, leading to kernel memory corruption. A\nremote attacker could use this to cause a denial of service (system\ncrash) or possibly execute code with administrative privileges.\n(CVE-2015-5156)\n\nIt was discovered that the Reliable Datagram Sockets (RDS)\nimplementation in the Linux kernel did not verify sockets were\nproperly bound before attempting to send a message, which could cause\na NULL pointer dereference. An attacker could use this to cause a\ndenial of service (system crash). (CVE-2015-6937)\n\nBen Hutchings discovered that the Advanced Union Filesystem (aufs) for\nthe Linux kernel did not correctly handle references of memory mapped\nfiles from an aufs mount. A local attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code\nwith administrative privileges. (CVE-2015-7312).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2776-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.13-generic,\nlinux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-0272\", \"CVE-2015-5156\", \"CVE-2015-6937\", \"CVE-2015-7312\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2776-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-66-generic\", pkgver:\"3.13.0-66.108\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-66-generic-lpae\", pkgver:\"3.13.0-66.108\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-66-lowlatency\", pkgver:\"3.13.0-66.108\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:09:14", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - crypto: algif_hash - Only export and import on sockets with data (Herbert Xu) [Orabug: 25417805] (CVE-2016-8646)\n\n - USB: usbfs: fix potential infoleak in devio (Kangjie Lu) [Orabug: 25462760] (CVE-2016-4482)\n\n - net: fix infoleak in llc (Kangjie Lu) [Orabug: 25462807] (CVE-2016-4485)\n\n - af_unix: Guard against other == sk in unix_dgram_sendmsg (Rainer Weikusat) [Orabug: 25463996] (CVE-2013-7446)\n\n - unix: avoid use-after-free in ep_remove_wait_queue (Rainer Weikusat) [Orabug: 25463996] (CVE-2013-7446)", "cvss3": {}, "published": "2017-02-13T00:00:00", "type": "nessus", "title": "OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0040)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2016-4482", "CVE-2016-4485", "CVE-2016-8646"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:kernel-uek", "p-cpe:/a:oracle:vm:kernel-uek-firmware", "cpe:/o:oracle:vm_server:3.3"], "id": "ORACLEVM_OVMSA-2017-0040.NASL", "href": "https://www.tenable.com/plugins/nessus/97119", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2017-0040.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97119);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2013-7446\", \"CVE-2016-4482\", \"CVE-2016-4485\", \"CVE-2016-8646\");\n\n script_name(english:\"OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0040)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - crypto: algif_hash - Only export and import on sockets\n with data (Herbert Xu) [Orabug: 25417805]\n (CVE-2016-8646)\n\n - USB: usbfs: fix potential infoleak in devio (Kangjie Lu)\n [Orabug: 25462760] (CVE-2016-4482)\n\n - net: fix infoleak in llc (Kangjie Lu) [Orabug: 25462807]\n (CVE-2016-4485)\n\n - af_unix: Guard against other == sk in unix_dgram_sendmsg\n (Rainer Weikusat) [Orabug: 25463996] (CVE-2013-7446)\n\n - unix: avoid use-after-free in ep_remove_wait_queue\n (Rainer Weikusat) [Orabug: 25463996] (CVE-2013-7446)\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2017-February/000648.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?995a591b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel-uek / kernel-uek-firmware packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.3\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"kernel-uek-3.8.13-118.16.3.el6uek\")) flag++;\nif (rpm_check(release:\"OVS3.3\", reference:\"kernel-uek-firmware-3.8.13-118.16.3.el6uek\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-uek / kernel-uek-firmware\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:30", "description": "Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.\n(CVE-2015-8104)\n\nGuoyong Gang discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). (CVE-2015-7799)\n\nIt was discovered that the virtual video osd test driver in the Linux kernel did not properly initialize data structures. A local attacker could use this to obtain sensitive information from the kernel.\n(CVE-2015-7884)\n\nIt was discovered that the driver for Digi Neo and ClassicBoard devices did not properly initialize data structures. A local attacker could use this to obtain sensitive information from the kernel.\n(CVE-2015-7885).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-17T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-vivid vulnerabilities (USN-2842-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7799", "CVE-2015-7884", "CVE-2015-7885", "CVE-2015-8104"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2842-2.NASL", "href": "https://www.tenable.com/plugins/nessus/87469", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2842-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87469);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-7799\", \"CVE-2015-7884\", \"CVE-2015-7885\", \"CVE-2015-8104\");\n script_xref(name:\"USN\", value:\"2842-2\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-vivid vulnerabilities (USN-2842-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jan Beulich discovered that the KVM svm hypervisor implementation in\nthe Linux kernel did not properly catch Debug exceptions on AMD\nprocessors. An attacker in a guest virtual machine could use this to\ncause a denial of service (system crash) in the host OS.\n(CVE-2015-8104)\n\nGuoyong Gang discovered that the ppp implementation in the Linux\nkernel did not ensure that certain slot numbers are valid. A local\nattacker with the privilege to call ioctl() on /dev/ppp could cause a\ndenial of service (system crash). (CVE-2015-7799)\n\nIt was discovered that the virtual video osd test driver in the Linux\nkernel did not properly initialize data structures. A local attacker\ncould use this to obtain sensitive information from the kernel.\n(CVE-2015-7884)\n\nIt was discovered that the driver for Digi Neo and ClassicBoard\ndevices did not properly initialize data structures. A local attacker\ncould use this to obtain sensitive information from the kernel.\n(CVE-2015-7885).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2842-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.19-generic,\nlinux-image-3.19-generic-lpae and / or linux-image-3.19-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-7799\", \"CVE-2015-7884\", \"CVE-2015-7885\", \"CVE-2015-8104\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2842-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-41-generic\", pkgver:\"3.19.0-41.46~14.04.2\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-41-generic-lpae\", pkgver:\"3.19.0-41.46~14.04.2\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-41-lowlatency\", pkgver:\"3.19.0-41.46~14.04.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.19-generic / linux-image-3.19-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-06T14:13:03", "description": "The openSUSE 13.2 kernel was updated to receive various security and bugfixes.\n\nFollowing security bugs were fixed :\n\n - CVE-2016-0728: A reference leak in keyring handling with join_session_keyring() could lead to local attackers gain root privileges. (bsc#962075).\n\n - CVE-2015-7550: A local user could have triggered a race between read and revoke in keyctl (bnc#958951).\n\n - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959190).\n\n - CVE-2015-8543: The networking implementation in the Linux kernel did not validate protocol identifiers for certain protocol families, which allowed local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application (bnc#958886).\n\n - CVE-2014-8989: The Linux kernel did not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allowed local users to bypass intended file permissions by leveraging a POSIX ACL containing an entry for the group category that is more restrictive than the entry for the other category, aka a 'negative groups' issue, related to kernel/groups.c, kernel/uid16.c, and kernel/user_namespace.c (bnc#906545).\n\n - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI (bnc#937969).\n\n - CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call (bnc#949936).\n\n - CVE-2015-8104: The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c (bnc#954404).\n\n - CVE-2015-5307: The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c (bnc#953527).\n\n - CVE-2014-9529: Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key (bnc#912202).\n\n - CVE-2015-7990: Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937 (bnc#952384 953052).\n\n - CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bnc#945825).\n\n - CVE-2015-7885: The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 did not initialize a certain structure member, which allowed local users to obtain sensitive information from kernel memory via a crafted application (bnc#951627).\n\n - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel did not validate attempted changes to the MTU value, which allowed context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272. NOTE: the scope of CVE-2015-0272 is limited to the NetworkManager product (bnc#955354).\n\n - CVE-2015-8767: A case can occur when sctp_accept() is called by the user during a heartbeat timeout event after the 4-way handshake. Since sctp_assoc_migrate() changes both assoc->base.sk and assoc->ep, the bh_sock_lock in sctp_generate_heartbeat_event() will be taken with the listening socket but released with the new association socket. The result is a deadlock on any future attempts to take the listening socket lock.\n (bsc#961509)\n\n - CVE-2015-8575: Validate socket address length in sco_sock_bind() to prevent information leak (bsc#959399).\n\n - CVE-2015-8551, CVE-2015-8552: xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled (bsc#957990).\n\n - CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers could have lead to double fetch vulnerabilities, causing denial of service or arbitrary code execution (depending on the configuration) (bsc#957988).\n\nThe following non-security bugs were fixed :\n\n - ALSA: hda - Disable 64bit address for Creative HDA controllers (bnc#814440).\n\n - ALSA: hda - Fix noise problems on Thinkpad T440s (boo#958504).\n\n - Input: aiptek - fix crash on detecting device without endpoints (bnc#956708).\n\n - KEYS: Make /proc/keys unconditional if CONFIG_KEYS=y (boo#956934).\n\n - KVM: x86: update masterclock values on TSC writes (bsc#961739).\n\n - NFS: Fix a NULL pointer dereference of migration recovery ops for v4.2 client (bsc#960839).\n\n - apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another task (bsc#921949).\n\n - blktap: also call blkif_disconnect() when frontend switched to closed (bsc#952976).\n\n - blktap: refine mm tracking (bsc#952976).\n\n - cdrom: Random writing support for BD-RE media (bnc#959568).\n\n - genksyms: Handle string literals with spaces in reference files (bsc#958510).\n\n - ipv4: Do not increase PMTU with Datagram Too Big message (bsc#955224).\n\n - ipv6: distinguish frag queues by device for multicast and link-local packets (bsc#955422).\n\n - ipv6: fix tunnel error handling (bsc#952579).\n\n - route: Use ipv4_mtu instead of raw rt_pmtu (bsc#955224).\n\n - uas: Add response iu handling (bnc#954138).\n\n - usbvision fix overflow of interfaces array (bnc#950998).\n\n - x86/evtchn: make use of PHYSDEVOP_map_pirq.\n\n - xen/pciback: Do not allow MSI-X ops if PCI_COMMAND_MEMORY is not set (bsc#957990 XSA-157).", "cvss3": {}, "published": "2016-02-08T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2016-136)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8989", "CVE-2014-9529", "CVE-2015-0272", "CVE-2015-5157", "CVE-2015-5307", "CVE-2015-6937", "CVE-2015-7550", "CVE-2015-7799", "CVE-2015-7885", "CVE-2015-7990", "CVE-2015-8104", "CVE-2015-8215", "CVE-2015-8543", "CVE-2015-8550", "CVE-2015-8551", "CVE-2015-8552", "CVE-2015-8569", "CVE-2015-8575", "CVE-2015-8767", "CVE-2016-0728"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bbswitch", "p-cpe:/a:novell:opensuse:bbswitch-debugsource", "p-cpe:/a:novell:opensuse:bbswitch-kmp-default", "p-cpe:/a:novell:opensuse:bbswitch-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:bbswitch-kmp-desktop", "p-cpe:/a:novell:opensuse:bbswitch-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:bbswitch-kmp-pae", "p-cpe:/a:novell:opensuse:bbswitch-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:bbswitch-kmp-xen", "p-cpe:/a:novell:opensuse:bbswitch-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:cloop", "p-cpe:/a:novell:opensuse:cloop-debuginfo", "p-cpe:/a:novell:opensuse:cloop-debugsource", "p-cpe:/a:novell:opensuse:cloop-kmp-default", "p-cpe:/a:novell:opensuse:cloop-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:cloop-kmp-desktop", "p-cpe:/a:novell:opensuse:cloop-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:cloop-kmp-pae", "p-cpe:/a:novell:opensuse:cloop-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:cloop-kmp-xen", "p-cpe:/a:novell:opensuse:cloop-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:crash", "p-cpe:/a:novell:opensuse:crash-debuginfo", "p-cpe:/a:novell:opensuse:crash-debugsource", "p-cpe:/a:novell:opensuse:crash-devel", "p-cpe:/a:novell:opensuse:crash-eppic", "p-cpe:/a:novell:opensuse:crash-eppic-debuginfo", "p-cpe:/a:novell:opensuse:crash-gcore", "p-cpe:/a:novell:opensuse:crash-gcore-debuginfo", "p-cpe:/a:novell:opensuse:crash-kmp-default", "p-cpe:/a:novell:opensuse:crash-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:crash-kmp-desktop", "p-cpe:/a:novell:opensuse:crash-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:crash-kmp-pae", "p-cpe:/a:novell:opensuse:crash-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:crash-kmp-xen", "p-cpe:/a:novell:opensuse:crash-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:hdjmod-debugsource", "p-cpe:/a:novell:opensuse:hdjmod-kmp-default", "p-cpe:/a:novell:opensuse:hdjmod-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:hdjmod-kmp-desktop", "p-cpe:/a:novell:opensuse:hdjmod-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:hdjmod-kmp-pae", "p-cpe:/a:novell:opensuse:hdjmod-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:hdjmod-kmp-xen", "p-cpe:/a:novell:opensuse:hdjmod-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:ipset", "p-cpe:/a:novell:opensuse:ipset-debuginfo", "p-cpe:/a:novell:opensuse:ipset-debugsource", "p-cpe:/a:novell:opensuse:ipset-devel", "p-cpe:/a:novell:opensuse:ipset-kmp-default", "p-cpe:/a:novell:opensuse:ipset-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:ipset-kmp-desktop", "p-cpe:/a:novell:opensuse:ipset-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:ipset-kmp-pae", "p-cpe:/a:novell:opensuse:ipset-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:ipset-kmp-xen", "p-cpe:/a:novell:opensuse:ipset-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-desktop", "p-cpe:/a:novell:opensuse:kernel-desktop-base", "p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop-debugsource", "p-cpe:/a:novell:opensuse:kernel-desktop-devel", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-ec2", "p-cpe:/a:novell:opensuse:kernel-ec2-base", "p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo", "p-cpe:/a:novell:opensuse:kernel-ec2-debugsource", "p-cpe:/a:novell:opensuse:kernel-ec2-devel", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-obs-qa-xen", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-pae-base", "p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-debugsource", "p-cpe:/a:novell:opensuse:kernel-pae-devel", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-xen-base", "p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen-debugsource", "p-cpe:/a:novell:opensuse:kernel-xen-devel", "p-cpe:/a:novell:opensuse:libipset3", "p-cpe:/a:novell:opensuse:libipset3-debuginfo", "p-cpe:/a:novell:opensuse:pcfclock", "p-cpe:/a:novell:opensuse:pcfclock-debuginfo", "p-cpe:/a:novell:opensuse:pcfclock-debugsource", "p-cpe:/a:novell:opensuse:pcfclock-kmp-default", "p-cpe:/a:novell:opensuse:pcfclock-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:pcfclock-kmp-desktop", "p-cpe:/a:novell:opensuse:pcfclock-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:pcfclock-kmp-pae", "p-cpe:/a:novell:opensuse:pcfclock-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:python-virtualbox", "p-cpe:/a:novell:opensuse:python-virtualbox-debuginfo", "p-cpe:/a:novell:opensuse:vhba-kmp-debugsource", "p-cpe:/a:novell:opensuse:vhba-kmp-default", "p-cpe:/a:novell:opensuse:vhba-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:vhba-kmp-desktop", "p-cpe:/a:novell:opensuse:vhba-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:vhba-kmp-pae", "p-cpe:/a:novell:opensuse:vhba-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:vhba-kmp-xen", "p-cpe:/a:novell:opensuse:vhba-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox", "p-cpe:/a:novell:opensuse:virtualbox-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-debugsource", "p-cpe:/a:novell:opensuse:virtualbox-devel", "p-cpe:/a:novell:opensuse:virtualbox-guest-desktop-icons", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-tools", "p-cpe:/a:novell:opensuse:virtualbox-guest-tools-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-x11", "p-cpe:/a:novell:opensuse:virtualbox-guest-x11-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-source", "p-cpe:/a:novell:opensuse:virtualbox-qt", "p-cpe:/a:novell:opensuse:virtualbox-qt-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-websrv", "p-cpe:/a:novell:opensuse:virtualbox-websrv-debuginfo", "p-cpe:/a:novell:opensuse:xen", "p-cpe:/a:novell:opensuse:xen-debugsource", "p-cpe:/a:novell:opensuse:xen-devel", "p-cpe:/a:novell:opensuse:xen-doc-html", "p-cpe:/a:novell:opensuse:xen-kmp-default", "p-cpe:/a:novell:opensuse:xen-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:xen-kmp-desktop", "p-cpe:/a:novell:opensuse:xen-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:xen-libs", "p-cpe:/a:novell:opensuse:xen-libs-32bit", "p-cpe:/a:novell:opensuse:xen-libs-debuginfo", "p-cpe:/a:novell:opensuse:xen-libs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:xen-tools", "p-cpe:/a:novell:opensuse:xen-tools-debuginfo", "p-cpe:/a:novell:opensuse:xen-tools-domu", "p-cpe:/a:novell:opensuse:xen-tools-domu-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons", "p-cpe:/a:novell:opensuse:xtables-addons-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons-debugsource", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-default", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-desktop", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-pae", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-xen", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-xen-debuginfo", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2016-136.NASL", "href": "https://www.tenable.com/plugins/nessus/88605", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-136.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88605);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-8989\", \"CVE-2014-9529\", \"CVE-2015-0272\", \"CVE-2015-5157\", \"CVE-2015-5307\", \"CVE-2015-6937\", \"CVE-2015-7550\", \"CVE-2015-7799\", \"CVE-2015-7885\", \"CVE-2015-7990\", \"CVE-2015-8104\", \"CVE-2015-8215\", \"CVE-2015-8543\", \"CVE-2015-8550\", \"CVE-2015-8551\", \"CVE-2015-8552\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8767\", \"CVE-2016-0728\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2016-136)\");\n script_summary(english:\"Check for the openSUSE-2016-136 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE 13.2 kernel was updated to receive various security and\nbugfixes.\n\nFollowing security bugs were fixed :\n\n - CVE-2016-0728: A reference leak in keyring handling with\n join_session_keyring() could lead to local attackers\n gain root privileges. (bsc#962075).\n\n - CVE-2015-7550: A local user could have triggered a race\n between read and revoke in keyctl (bnc#958951).\n\n - CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect\n functions in drivers/net/ppp/pptp.c in the Linux kernel\n did not verify an address length, which allowed local\n users to obtain sensitive information from kernel memory\n and bypass the KASLR protection mechanism via a crafted\n application (bnc#959190).\n\n - CVE-2015-8543: The networking implementation in the\n Linux kernel did not validate protocol identifiers for\n certain protocol families, which allowed local users to\n cause a denial of service (NULL function pointer\n dereference and system crash) or possibly gain\n privileges by leveraging CLONE_NEWUSER support to\n execute a crafted SOCK_RAW application (bnc#958886).\n\n - CVE-2014-8989: The Linux kernel did not properly\n restrict dropping of supplemental group memberships in\n certain namespace scenarios, which allowed local users\n to bypass intended file permissions by leveraging a\n POSIX ACL containing an entry for the group category\n that is more restrictive than the entry for the other\n category, aka a 'negative groups' issue, related to\n kernel/groups.c, kernel/uid16.c, and\n kernel/user_namespace.c (bnc#906545).\n\n - CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux\n kernel on the x86_64 platform mishandles IRET faults in\n processing NMIs that occurred during userspace\n execution, which might allow local users to gain\n privileges by triggering an NMI (bnc#937969).\n\n - CVE-2015-7799: The slhc_init function in\n drivers/net/slip/slhc.c in the Linux kernel through\n 4.2.3 did not ensure that certain slot numbers are\n valid, which allowed local users to cause a denial of\n service (NULL pointer dereference and system crash) via\n a crafted PPPIOCSMAXCID ioctl call (bnc#949936).\n\n - CVE-2015-8104: The KVM subsystem in the Linux kernel\n through 4.2.6, and Xen 4.3.x through 4.6.x, allowed\n guest OS users to cause a denial of service (host OS\n panic or hang) by triggering many #DB (aka Debug)\n exceptions, related to svm.c (bnc#954404).\n\n - CVE-2015-5307: The KVM subsystem in the Linux kernel\n through 4.2.6, and Xen 4.3.x through 4.6.x, allowed\n guest OS users to cause a denial of service (host OS\n panic or hang) by triggering many #AC (aka Alignment\n Check) exceptions, related to svm.c and vmx.c\n (bnc#953527).\n\n - CVE-2014-9529: Race condition in the key_gc_unused_keys\n function in security/keys/gc.c in the Linux kernel\n allowed local users to cause a denial of service (memory\n corruption or panic) or possibly have unspecified other\n impact via keyctl commands that trigger access to a key\n structure member during garbage collection of a key\n (bnc#912202).\n\n - CVE-2015-7990: Race condition in the rds_sendmsg\n function in net/rds/sendmsg.c in the Linux kernel\n allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) or possibly have\n unspecified other impact by using a socket that was not\n properly bound. NOTE: this vulnerability exists because\n of an incomplete fix for CVE-2015-6937 (bnc#952384\n 953052).\n\n - CVE-2015-6937: The __rds_conn_create function in\n net/rds/connection.c in the Linux kernel allowed local\n users to cause a denial of service (NULL pointer\n dereference and system crash) or possibly have\n unspecified other impact by using a socket that was not\n properly bound (bnc#945825).\n\n - CVE-2015-7885: The dgnc_mgmt_ioctl function in\n drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel\n through 4.3.3 did not initialize a certain structure\n member, which allowed local users to obtain sensitive\n information from kernel memory via a crafted application\n (bnc#951627).\n\n - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in\n the Linux kernel did not validate attempted changes to\n the MTU value, which allowed context-dependent attackers\n to cause a denial of service (packet loss) via a value\n that is (1) smaller than the minimum compliant value or\n (2) larger than the MTU of an interface, as demonstrated\n by a Router Advertisement (RA) message that is not\n validated by a daemon, a different vulnerability than\n CVE-2015-0272. NOTE: the scope of CVE-2015-0272 is\n limited to the NetworkManager product (bnc#955354).\n\n - CVE-2015-8767: A case can occur when sctp_accept() is\n called by the user during a heartbeat timeout event\n after the 4-way handshake. Since sctp_assoc_migrate()\n changes both assoc->base.sk and assoc->ep, the\n bh_sock_lock in sctp_generate_heartbeat_event() will be\n taken with the listening socket but released with the\n new association socket. The result is a deadlock on any\n future attempts to take the listening socket lock.\n (bsc#961509)\n\n - CVE-2015-8575: Validate socket address length in\n sco_sock_bind() to prevent information leak\n (bsc#959399).\n\n - CVE-2015-8551, CVE-2015-8552: xen/pciback: For\n XEN_PCI_OP_disable_msi[|x] only disable if device has\n MSI(X) enabled (bsc#957990).\n\n - CVE-2015-8550: Compiler optimizations in the XEN PV\n backend drivers could have lead to double fetch\n vulnerabilities, causing denial of service or arbitrary\n code execution (depending on the configuration)\n (bsc#957988).\n\nThe following non-security bugs were fixed :\n\n - ALSA: hda - Disable 64bit address for Creative HDA\n controllers (bnc#814440).\n\n - ALSA: hda - Fix noise problems on Thinkpad T440s\n (boo#958504).\n\n - Input: aiptek - fix crash on detecting device without\n endpoints (bnc#956708).\n\n - KEYS: Make /proc/keys unconditional if CONFIG_KEYS=y\n (boo#956934).\n\n - KVM: x86: update masterclock values on TSC writes\n (bsc#961739).\n\n - NFS: Fix a NULL pointer dereference of migration\n recovery ops for v4.2 client (bsc#960839).\n\n - apparmor: allow SYS_CAP_RESOURCE to be sufficient to\n prlimit another task (bsc#921949).\n\n - blktap: also call blkif_disconnect() when frontend\n switched to closed (bsc#952976).\n\n - blktap: refine mm tracking (bsc#952976).\n\n - cdrom: Random writing support for BD-RE media\n (bnc#959568).\n\n - genksyms: Handle string literals with spaces in\n reference files (bsc#958510).\n\n - ipv4: Do not increase PMTU with Datagram Too Big message\n (bsc#955224).\n\n - ipv6: distinguish frag queues by device for multicast\n and link-local packets (bsc#955422).\n\n - ipv6: fix tunnel error handling (bsc#952579).\n\n - route: Use ipv4_mtu instead of raw rt_pmtu (bsc#955224).\n\n - uas: Add response iu handling (bnc#954138).\n\n - usbvision fix overflow of interfaces array (bnc#950998).\n\n - x86/evtchn: make use of PHYSDEVOP_map_pirq.\n\n - xen/pciback: Do not allow MSI-X ops if\n PCI_COMMAND_MEMORY is not set (bsc#957990 XSA-157).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=814440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=906545\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=912202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=921949\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=937969\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=937970\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=938706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=944296\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=945825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=949936\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=950998\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=951627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=951638\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=952384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=952579\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=952976\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=953527\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=954138\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=954404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=955224\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=955354\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=955422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=956708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=956934\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957988\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957990\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=958504\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=958510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=958886\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=958951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=959190\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=959399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=959568\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=960839\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=961509\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=961739\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=962075\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-eppic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-eppic-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-gcore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-gcore-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libipset3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libipset3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-virtualbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-desktop-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-x11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-websrv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-websrv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-0.8-3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-debugsource-0.8-3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-default-0.8_k3.16.7_32-3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-default-debuginfo-0.8_k3.16.7_32-3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-desktop-0.8_k3.16.7_32-3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-desktop-debuginfo-0.8_k3.16.7_32-3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-pae-0.8_k3.16.7_32-3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-pae-debuginfo-0.8_k3.16.7_32-3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-xen-0.8_k3.16.7_32-3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-xen-debuginfo-0.8_k3.16.7_32-3.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-2.639-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-debuginfo-2.639-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-debugsource-2.639-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-default-2.639_k3.16.7_32-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-default-debuginfo-2.639_k3.16.7_32-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-desktop-2.639_k3.16.7_32-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-desktop-debuginfo-2.639_k3.16.7_32-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-pae-2.639_k3.16.7_32-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-pae-debuginfo-2.639_k3.16.7_32-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-xen-2.639_k3.16.7_32-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-xen-debuginfo-2.639_k3.16.7_32-14.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-7.0.8-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-debuginfo-7.0.8-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-debugsource-7.0.8-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-devel-7.0.8-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-eppic-7.0.8-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-eppic-debuginfo-7.0.8-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-gcore-7.0.8-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-gcore-debuginfo-7.0.8-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-default-7.0.8_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-default-debuginfo-7.0.8_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-desktop-7.0.8_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-desktop-debuginfo-7.0.8_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-pae-7.0.8_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-pae-debuginfo-7.0.8_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-xen-7.0.8_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-xen-debuginfo-7.0.8_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-debugsource-1.28-18.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-default-1.28_k3.16.7_32-18.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-default-debuginfo-1.28_k3.16.7_32-18.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-desktop-1.28_k3.16.7_32-18.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-desktop-debuginfo-1.28_k3.16.7_32-18.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-pae-1.28_k3.16.7_32-18.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-pae-debuginfo-1.28_k3.16.7_32-18.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-xen-1.28_k3.16.7_32-18.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-xen-debuginfo-1.28_k3.16.7_32-18.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-6.23-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-debuginfo-6.23-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-debugsource-6.23-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-devel-6.23-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-default-6.23_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-default-debuginfo-6.23_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-desktop-6.23_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-desktop-debuginfo-6.23_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-pae-6.23_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-pae-debuginfo-6.23_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-xen-6.23_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-xen-debuginfo-6.23_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-default-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-default-base-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-default-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-default-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-default-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-default-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-ec2-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-ec2-base-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-ec2-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-macros-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-obs-build-3.16.7-32.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-obs-build-debugsource-3.16.7-32.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-obs-qa-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-obs-qa-xen-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-source-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-source-vanilla-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-syms-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libipset3-6.23-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libipset3-debuginfo-6.23-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-0.44-260.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-debuginfo-0.44-260.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-debugsource-0.44-260.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-kmp-default-0.44_k3.16.7_32-260.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-kmp-default-debuginfo-0.44_k3.16.7_32-260.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-kmp-desktop-0.44_k3.16.7_32-260.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-kmp-desktop-debuginfo-0.44_k3.16.7_32-260.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-kmp-pae-0.44_k3.16.7_32-260.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-kmp-pae-debuginfo-0.44_k3.16.7_32-260.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-virtualbox-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-virtualbox-debuginfo-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-debugsource-20140629-2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-default-20140629_k3.16.7_32-2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-default-debuginfo-20140629_k3.16.7_32-2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-desktop-20140629_k3.16.7_32-2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-desktop-debuginfo-20140629_k3.16.7_32-2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-pae-20140629_k3.16.7_32-2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-pae-debuginfo-20140629_k3.16.7_32-2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-xen-20140629_k3.16.7_32-2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-xen-debuginfo-20140629_k3.16.7_32-2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-debuginfo-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-debugsource-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-devel-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-desktop-icons-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-default-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-default-debuginfo-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-desktop-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-desktop-debuginfo-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-pae-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-pae-debuginfo-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-tools-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-tools-debuginfo-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-x11-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-x11-debuginfo-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-default-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-default-debuginfo-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-desktop-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-desktop-debuginfo-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-pae-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-pae-debuginfo-4.3.34_k3.16.7_32-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-source-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-qt-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-qt-debuginfo-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-websrv-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-websrv-debuginfo-4.3.34-37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-debugsource-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-devel-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-libs-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-libs-debuginfo-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-tools-domU-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-tools-domU-debuginfo-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-2.6-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-debuginfo-2.6-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-debugsource-2.6-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-default-2.6_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-default-debuginfo-2.6_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-desktop-2.6_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-desktop-debuginfo-2.6_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-pae-2.6_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-pae-debuginfo-2.6_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-xen-2.6_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-xen-debuginfo-2.6_k3.16.7_32-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-debug-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-debug-base-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-debug-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-debug-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-debug-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-debug-devel-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-desktop-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-desktop-base-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-desktop-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-desktop-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-desktop-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-desktop-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-ec2-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-ec2-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-ec2-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-pae-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-pae-base-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-pae-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-pae-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-pae-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-pae-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-vanilla-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-vanilla-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-vanilla-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-vanilla-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-xen-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-xen-base-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-xen-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-xen-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-xen-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-xen-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-debug-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-debug-base-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-debug-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-debug-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-debug-devel-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-desktop-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-desktop-base-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-desktop-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-desktop-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-desktop-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-desktop-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-ec2-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-ec2-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-ec2-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-pae-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-pae-base-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-pae-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-pae-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-pae-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-pae-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-vanilla-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-vanilla-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-vanilla-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-vanilla-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-xen-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.16.7-32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-doc-html-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-kmp-default-4.4.3_08_k3.16.7_32-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-kmp-default-debuginfo-4.4.3_08_k3.16.7_32-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-kmp-desktop-4.4.3_08_k3.16.7_32-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-kmp-desktop-debuginfo-4.4.3_08_k3.16.7_32-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-tools-4.4.3_08-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.4.3_08-38.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bbswitch / bbswitch-debugsource / bbswitch-kmp-default / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:19", "description": "Guoyong Gang discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). (CVE-2015-7799)\n\nDmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service (system crash). (CVE-2015-7872)\n\nIt was discovered that the virtual video osd test driver in the Linux kernel did not properly initialize data structures. A local attacker could use this to obtain sensitive information from the kernel.\n(CVE-2015-7884)\n\nIt was discovered that the driver for Digi Neo and ClassicBoard devices did not properly initialize data structures. A local attacker could use this to obtain sensitive information from the kernel.\n(CVE-2015-7885).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-18T00:00:00", "type": "nessus", "title": "Ubuntu 15.10 : linux-raspi2 vulnerabilities (USN-2843-3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7799", "CVE-2015-7872", "CVE-2015-7884", "CVE-2015-7885"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-raspi2", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2843-3.NASL", "href": "https://www.tenable.com/plugins/nessus/87498", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2843-3. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87498);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-7799\", \"CVE-2015-7872\", \"CVE-2015-7884\", \"CVE-2015-7885\");\n script_xref(name:\"USN\", value:\"2843-3\");\n\n script_name(english:\"Ubuntu 15.10 : linux-raspi2 vulnerabilities (USN-2843-3)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Guoyong Gang discovered that the ppp implementation in the Linux\nkernel did not ensure that certain slot numbers are valid. A local\nattacker with the privilege to call ioctl() on /dev/ppp could cause a\ndenial of service (system crash). (CVE-2015-7799)\n\nDmitry Vyukov discovered that the Linux kernel's keyring handler\nattempted to garbage collect incompletely instantiated keys. A local\nunprivileged attacker could use this to cause a denial of service\n(system crash). (CVE-2015-7872)\n\nIt was discovered that the virtual video osd test driver in the Linux\nkernel did not properly initialize data structures. A local attacker\ncould use this to obtain sensitive information from the kernel.\n(CVE-2015-7884)\n\nIt was discovered that the driver for Digi Neo and ClassicBoard\ndevices did not properly initialize data structures. A local attacker\ncould use this to obtain sensitive information from the kernel.\n(CVE-2015-7885).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2843-3/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-4.2-raspi2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-7799\", \"CVE-2015-7872\", \"CVE-2015-7884\", \"CVE-2015-7885\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2843-3\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-1016-raspi2\", pkgver:\"4.2.0-1016.23\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-raspi2\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:09:13", "description": "The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3516 advisory.\n\n - The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message. (CVE-2016-4485)\n\n - The hash_accept function in crypto/algif_hash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data. (CVE-2016-8646)\n\n - The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call. (CVE-2016-4482)\n\n - Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls. (CVE-2013-7446)\n\n - Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function.\n (CVE-2015-1420)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2017-02-13T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3516)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-1420", "CVE-2016-4482", "CVE-2016-4485", "CVE-2016-8646"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2017-3516.NASL", "href": "https://www.tenable.com/plugins/nessus/97118", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2017-3516.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97118);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\n \"CVE-2013-7446\",\n \"CVE-2015-1420\",\n \"CVE-2016-4482\",\n \"CVE-2016-4485\"\n );\n\n script_name(english:\"Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3516)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2017-3516 advisory.\n\n - The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a\n certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by\n reading a message. (CVE-2016-4485)\n\n - The hash_accept function in crypto/algif_hash.c in the Linux kernel before 4.3.6 allows local users to\n cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket\n that has received zero bytes of data. (CVE-2016-8646)\n\n - The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not\n initialize a certain data structure, which allows local users to obtain sensitive information from kernel\n stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call. (CVE-2016-4482)\n\n - Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to\n bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl\n calls. (CVE-2013-7446)\n\n - Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows\n local users to bypass intended size restrictions and trigger read operations on additional memory\n locations by changing the handle_bytes value of a file handle during the execution of this function.\n (CVE-2015-1420)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2017-3516.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-7446\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['2.6.39-400.294.2.el6uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2017-3516');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '2.6';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-2.6.39-400.294.2.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.39'},\n {'reference':'kernel-uek-2.6.39-400.294.2.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.39'},\n {'reference':'kernel-uek-debug-2.6.39-400.294.2.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.39'},\n {'reference':'kernel-uek-debug-2.6.39-400.294.2.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.39'},\n {'reference':'kernel-uek-debug-devel-2.6.39-400.294.2.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.39'},\n {'reference':'kernel-uek-debug-devel-2.6.39-400.294.2.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.39'},\n {'reference':'kernel-uek-devel-2.6.39-400.294.2.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.39'},\n {'reference':'kernel-uek-devel-2.6.39-400.294.2.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.39'},\n {'reference':'kernel-uek-doc-2.6.39-400.294.2.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-2.6.39'},\n {'reference':'kernel-uek-firmware-2.6.39-400.294.2.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-2.6.39'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-08-19T12:22:57", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially (although highly unlikely), escalate their privileges on the system.(CVE-2015-5157)\n\n - A denial of service vulnerability was found in the WhiteHEAT USB Serial Driver (whiteheat_attach function in drivers/usb/serial/whiteheat.c). In the driver, the COMMAND_PORT variable was hard coded and set to 4 (5th element). The driver assumed that the number of ports would always be 5 and used port number 5 as the command port. However, when using a USB device in which the number of ports was set to a number less than 5 (for example, 3), the driver triggered a kernel NULL-pointer dereference. A non-privileged attacker could use this flaw to panic the host.(CVE-2015-5257)\n\n - A NULL pointer dereference flaw was found in the SCTP implementation. A local user could use this flaw to cause a denial of service on the system by triggering a kernel panic when creating multiple sockets in parallel while the system did not have the SCTP module loaded.(CVE-2015-5283)\n\n - It was found that the x86 ISA (Instruction Set Architecture) is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way (sequential) delivering of benign exceptions such as #AC (alignment check exception) is handled. A privileged user inside a guest could use this flaw to create denial of service conditions on the host kernel.(CVE-2015-5307)\n\n - A flaw was found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality.(CVE-2015-5364)\n\n - A flaw was found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality.(CVE-2015-5366)\n\n - A cross-boundary flaw was discovered in the Linux kernel software raid driver. The driver accessed a disabled bitmap where only the first byte of the buffer was initialized to zero. This meant that the rest of the request (up to 4095 bytes) was left and copied into user space. An attacker could use this flaw to read private information from user space that would not otherwise have been accessible.(CVE-2015-5697)\n\n - An integer-overflow vulnerability was found in the scsi block-request handling code in function start_req(). A local attacker could use specially crafted IOV requests to overflow a counter used in bio_map_user_iov()'s page calculation, and write past the end of the array that contains kernel-page pointers.(CVE-2015-5707)\n\n - A flaw was found in the way the Linux kernel's vhost driver treated userspace provided log file descriptor when processing the VHOST_SET_LOG_FD ioctl command. The file descriptor was never released and continued to consume kernel memory. A privileged local user with access to the /dev/vhost-net files could use this flaw to create a denial-of-service attack.(CVE-2015-6252)\n\n - A flaw was found in the way the Linux kernel's perf subsystem retrieved userlevel stack traces on PowerPC systems. A local, unprivileged user could use this flaw to cause a denial of service on the system by creating a special stack layout that would force the perf_callchain_user_64() function into an infinite loop.(CVE-2015-6526)\n\n - A NULL-pointer dereference vulnerability was discovered in the Linux kernel. The kernel's Reliable Datagram Sockets (RDS) protocol implementation did not verify that an underlying transport existed before creating a connection to a remote server. A local system user could exploit this flaw to crash the system by creating sockets at specific times to trigger a NULL pointer dereference.(CVE-2015-6937)\n\n - Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and 4.x allow local users to cause a denial of service (use-after-free and BUG) or possibly gain privileges via a (1) madvise or (2) msync system call, related to mm/madvise.c and mm/msync.c.(CVE-2015-7312)\n\n - A divide-by-zero flaw was discovered in the Linux kernel built with KVM virtualization support(CONFIG_KVM). The flaw occurs in the KVM module's Programmable Interval Timer(PIT) emulation, when PIT counters for channel 1 or 2 are set to zero(0) and a privileged user inside the guest attempts to read these counters. A privileged guest user with access to PIT I/O ports could exploit this issue to crash the host kernel (denial of service).(CVE-2015-7513)\n\n - An out-of-bounds memory access flaw was found in the Linux kernel's aiptek USB tablet driver (aiptek_probe() function in drivers/input/tablet/aiptek.c). The driver assumed that the interface always had at least one endpoint. By using a specially crafted USB device with no endpoints on one of its interfaces, an unprivileged user with physical access to the system could trigger a kernel NULL pointer dereference, causing the system to panic.(CVE-2015-7515)\n\n - A NULL-pointer dereference flaw was found in the kernel, which is caused by a race between revoking a user-type key and reading from it. The issue could be triggered by an unprivileged user with a local account, causing the kernel to crash (denial of service).(CVE-2015-7550)\n\n - A flaw was found in the way the Linux kernel visor driver handles certain invalid USB device descriptors.\n The driver assumes that the device always has at least one bulk OUT endpoint. By using a specially crafted USB device (without a bulk OUT endpoint), an unprivileged user with physical access could trigger a kernel NULL-pointer dereference and cause a system panic (denial of service).(CVE-2015-7566)\n\n - A race condition flaw was found in the way the Linux kernel's IPC subsystem initialized certain fields in an IPC object structure that were later used for permission checking before inserting the object into a globally visible list. A local, unprivileged user could potentially use this flaw to elevate their privileges on the system.(CVE-2015-7613)\n\n - A flaw was discovered in the Linux kernel where issuing certain ioctl() -s commands to the '/dev/ppp' device file could lead to a NULL pointer dereference. A privileged user could use this flaw to cause a kernel crash and denial of service.(CVE-2015-7799)\n\n - It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings.\n A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system.(CVE-2015-7872)\n\n - A denial of service flaw was discovered in the Linux kernel, where a race condition caused a NULL pointer dereference in the RDS socket-creation code. A local attacker could use this flaw to create a situation in which a NULL pointer crashed the kernel.(CVE-2015-7990)\n\n - It was found that the x86 ISA (Instruction Set Architecture) is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way (sequential) delivering of benign exceptions such as #DB (debug exception) is handled. A privileged user inside a guest could use this flaw to create denial of service conditions on the host kernel.(CVE-2015-8104)\n\n - It was found that the Linux kernel's IPv6 network stack did not properly validate the value of the MTU variable when it was set. A remote attacker could potentially use this flaw to disrupt a target system's networking (packet loss) by setting an invalid MTU value, for example, via a NetworkManager daemon that is processing router advertisement packets running on the target system.(CVE-2015-8215)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-05-13T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1488)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5157", "CVE-2015-5257", "CVE-2015-5283", "CVE-2015-5307", "CVE-2015-5364", "CVE-2015-5366", "CVE-2015-5697", "CVE-2015-5707", "CVE-2015-6252", "CVE-2015-6526", "CVE-2015-6937", "CVE-2015-7312", "CVE-2015-7513", "CVE-2015-7515", "CVE-2015-7550", "CVE-2015-7566", "CVE-2015-7613", "CVE-2015-7799", "CVE-2015-7872", "CVE-2015-7990", "CVE-2015-8104", "CVE-2015-8215"], "modified": "2021-02-09T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "cpe:/o:huawei:euleros:uvp:3.0.1.0"], "id": "EULEROS_SA-2019-1488.NASL", "href": "https://www.tenable.com/plugins/nessus/124812", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124812);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/09\");\n\n script_cve_id(\n \"CVE-2015-5157\",\n \"CVE-2015-5257\",\n \"CVE-2015-5283\",\n \"CVE-2015-5307\",\n \"CVE-2015-5364\",\n \"CVE-2015-5366\",\n \"CVE-2015-5697\",\n \"CVE-2015-5707\",\n \"CVE-2015-6252\",\n \"CVE-2015-6526\",\n \"CVE-2015-6937\",\n \"CVE-2015-7312\",\n \"CVE-2015-7513\",\n \"CVE-2015-7515\",\n \"CVE-2015-7550\",\n \"CVE-2015-7566\",\n \"CVE-2015-7613\",\n \"CVE-2015-7799\",\n \"CVE-2015-7872\",\n \"CVE-2015-7990\",\n \"CVE-2015-8104\",\n \"CVE-2015-8215\"\n );\n script_bugtraq_id(\n 75510,\n 76005\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1488)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to