{"id": "RHSA-2008:0275", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2008:0275) Important: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues:\n\n* on AMD64 architectures, the possibility of a kernel crash was discovered\nby testing the Linux kernel process-trace ability. This could allow a local\nunprivileged user to cause a denial of service (kernel crash).\n(CVE-2008-1615, Important)\n\n* on 64-bit architectures, the possibility of a timer-expiration value\noverflow was found in the Linux kernel high-resolution timers\nfunctionality, hrtimer. This could allow a local unprivileged user to setup\na large interval value, forcing the timer expiry value to become negative,\ncausing a denial of service (kernel hang). (CVE-2007-6712, Important)\n\n* the possibility of a kernel crash was found in the Linux kernel IPsec\nprotocol implementation, due to improper handling of fragmented ESP\npackets. When an attacker controlling an intermediate router fragmented\nthese packets into very small pieces, it would cause a kernel crash on the\nreceiving node during packet reassembly. (CVE-2007-6282, Important)\n\n* a potential denial of service attack was discovered in the Linux kernel\nPWC USB video driver. A local unprivileged user could use this flaw to\nbring the kernel USB subsystem into the busy-waiting state, causing a\ndenial of service. (CVE-2007-5093, Low)\n\nAs well, these updated packages fix the following bugs:\n\n* in certain situations, a kernel hang and a possible panic occurred when\ndisabling the cpufreq daemon. This may have prevented system reboots from\ncompleting successfully.\n\n* continual \"softlockup\" messages, which occurred on the guest's console\nafter a successful save and restore of a Red Hat Enterprise Linux 5\npara-virtualized guest, have been resolved.\n\n* in the previous kernel packages, the kernel may not have reclaimed NFS\nlocks after a system reboot.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these updated\npackages, which contain backported patches to resolve these issues.", "published": "2008-05-20T04:00:00", "modified": "2017-09-08T11:56:19", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "href": "https://access.redhat.com/errata/RHSA-2008:0275", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2007-5093", "CVE-2007-6282", "CVE-2007-6712", "CVE-2008-1615"], "lastseen": "2019-08-13T18:46:04", "viewCount": 2, "enchantments": {"score": {"value": 6.7, "vector": "NONE", "modified": "2019-08-13T18:46:04", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-6282", "CVE-2008-1615", "CVE-2007-5093", "CVE-2007-6712"]}, {"type": "nessus", "idList": ["ORACLELINUX_ELSA-2008-0275.NASL", "ORACLELINUX_ELSA-2008-0237.NASL", "SL_20080507_KERNEL_ON_SL4_X.NASL", "REDHAT-RHSA-2008-0275.NASL", "CENTOS_RHSA-2008-0275.NASL", "DEBIAN_DSA-1588.NASL", "ORACLEVM_OVMSA-2008-2005.NASL", "SUSE_KERNEL-5336.NASL", "CENTOS_RHSA-2008-0237.NASL", "REDHAT-RHSA-2008-0237.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231065330", "OPENVAS:65330", "OPENVAS:1361412562310870130", "OPENVAS:61103", "OPENVAS:1361412562310870078", "OPENVAS:870130", "OPENVAS:850014", "OPENVAS:870078", "OPENVAS:61105", "OPENVAS:1361412562310122589"]}, {"type": "centos", "idList": ["CESA-2008:0275", "CESA-2008:0972", "CESA-2008:0237"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0972", "ELSA-2008-0275", "ELSA-2008-0237"]}, {"type": "suse", "idList": ["SUSE-SA:2008:032", "SUSE-SA:2008:035", "SUSE-SA:2008:030", "SUSE-SA:2008:031", "SUSE-SA:2008:038"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1588-2:B9B84", "DEBIAN:DSA-1630-1:8E4BC", "DEBIAN:DSA-1381-1:B1830", "DEBIAN:DSA-1588-1:0FC6B", "DEBIAN:DSA-1381-2:956ED"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:18111", "SECURITYVULNS:DOC:20387", "SECURITYVULNS:VULN:8210", "SECURITYVULNS:VULN:9235", "SECURITYVULNS:DOC:18851", "SECURITYVULNS:DOC:19921", "SECURITYVULNS:VULN:9029"]}, {"type": "redhat", "idList": ["RHSA-2008:0972", "RHSA-2008:0585", "RHSA-2008:0237"]}, {"type": "osvdb", "idList": ["OSVDB:39233"]}, {"type": "ubuntu", "idList": ["USN-578-1", "USN-558-1", "USN-574-1", "USN-625-1"]}], "modified": "2019-08-13T18:46:04", "rev": 2}, "vulnersScore": 6.7}, "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel-PAE", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-PAE-2.6.18-53.1.21.el5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "kernel-kdump-devel", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-kdump-devel-2.6.18-53.1.21.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "kernel-devel", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-devel-2.6.18-53.1.21.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "kernel-debug-devel", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-debug-devel-2.6.18-53.1.21.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "kernel", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-2.6.18-53.1.21.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "kernel-devel", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-devel-2.6.18-53.1.21.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel-debug-devel", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-debug-devel-2.6.18-53.1.21.el5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "src", "packageName": "kernel", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-2.6.18-53.1.21.el5.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "kernel-headers", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-headers-2.6.18-53.1.21.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel-debug", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-debug-2.6.18-53.1.21.el5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "kernel-devel", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-devel-2.6.18-53.1.21.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "kernel-xen-devel", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-xen-devel-2.6.18-53.1.21.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "kernel", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-2.6.18-53.1.21.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "kernel-headers", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-headers-2.6.18-53.1.21.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-2.6.18-53.1.21.el5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "kernel-debug-devel", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-debug-devel-2.6.18-53.1.21.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "kernel", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-2.6.18-53.1.21.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "kernel-debug-devel", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-debug-devel-2.6.18-53.1.21.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "kernel-xen-devel", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-xen-devel-2.6.18-53.1.21.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel-PAE-devel", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-PAE-devel-2.6.18-53.1.21.el5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "kernel-debug", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-debug-2.6.18-53.1.21.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "kernel-devel", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-devel-2.6.18-53.1.21.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "kernel-debug-devel", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-debug-devel-2.6.18-53.1.21.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel-xen", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-xen-2.6.18-53.1.21.el5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "kernel-kdump", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-kdump-2.6.18-53.1.21.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "kernel", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-2.6.18-53.1.21.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "kernel-debug", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-debug-2.6.18-53.1.21.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "kernel-xen", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-xen-2.6.18-53.1.21.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "kernel-headers", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-headers-2.6.18-53.1.21.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "kernel-headers", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-headers-2.6.18-53.1.21.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "kernel-headers", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-headers-2.6.18-53.1.21.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel-devel", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-devel-2.6.18-53.1.21.el5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "kernel-xen", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-xen-2.6.18-53.1.21.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "noarch", "packageName": "kernel-doc", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-doc-2.6.18-53.1.21.el5.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "kernel-debug", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-debug-2.6.18-53.1.21.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel-xen-devel", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-xen-devel-2.6.18-53.1.21.el5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "kernel-debug", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-debug-2.6.18-53.1.21.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "packageName": "kernel-headers", "packageVersion": "2.6.18-53.1.21.el5", "packageFilename": "kernel-headers-2.6.18-53.1.21.el5.ppc.rpm", "operator": "lt"}]}

{"cve": [{"lastseen": "2020-10-03T11:45:55", "description": "The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV.", "edition": 3, "cvss3": {}, "published": "2008-05-08T00:20:00", "title": "CVE-2007-6282", "type": "cve", "cwe": ["CWE-16"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6282"], "modified": "2017-09-29T01:29:00", "cpe": ["cpe:/o:redhat:enterprise_linux:as_4", "cpe:/o:redhat:enterprise_linux:es_4", "cpe:/o:redhat:enterprise_linux_desktop:4", "cpe:/o:redhat:enterprise_linux:ws_4"], "id": "CVE-2007-6282", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6282", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux:es_4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:ws_4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:as_4:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:45:55", "description": "Integer overflow in the hrtimer_forward function (hrtimer.c) in Linux kernel 2.6.21-rc4, when running on 64-bit systems, allows local users to cause a denial of service (infinite loop) via a timer with a large expiry value, which causes the timer to always be expired.", "edition": 3, "cvss3": {}, "published": "2008-04-12T19:05:00", "title": "CVE-2007-6712", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6712"], "modified": "2017-09-29T01:30:00", "cpe": ["cpe:/a:kernel:linux_kernel:2.6.21_rc4"], "id": "CVE-2007-6712", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6712", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:kernel:linux_kernel:2.6.21_rc4:*:x64:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:45:54", "description": "The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 \"relies on user space to close the device,\" which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consumption in khubd) by not closing the device after the disconnect is invoked. NOTE: this rarely crosses privilege boundaries, unless the attacker can convince the victim to unplug the affected device.", "edition": 3, "cvss3": {}, "published": "2007-09-26T21:17:00", "title": "CVE-2007-5093", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-5093"], "modified": "2018-10-30T16:25:00", "cpe": ["cpe:/o:linux:linux_kernel:2.6.20.9", "cpe:/o:linux:linux_kernel:2.6.12.22", "cpe:/o:linux:linux_kernel:2.6.18.1", "cpe:/o:linux:linux_kernel:2.6.22.3", "cpe:/o:linux:linux_kernel:2.6.19.1", "cpe:/o:linux:linux_kernel:2.6.16.4", "cpe:/o:linux:linux_kernel:2.6.15.2", "cpe:/o:linux:linux_kernel:2.6.16.3", "cpe:/o:linux:linux_kernel:2.6.21", "cpe:/o:linux:linux_kernel:2.6.14.4", "cpe:/o:linux:linux_kernel:2.6.4", "cpe:/o:linux:linux_kernel:2.6.16.9", "cpe:/o:linux:linux_kernel:2.6.16.10", "cpe:/o:linux:linux_kernel:2.6.11.7", "cpe:/o:linux:linux_kernel:2.6.11.8", "cpe:/o:linux:linux_kernel:2.6.12.3", "cpe:/o:linux:linux_kernel:2.6.14.1", "cpe:/o:linux:linux_kernel:2.6.16.5", "cpe:/o:linux:linux_kernel:2.6.12", "cpe:/o:linux:linux_kernel:2.6.8", "cpe:/o:linux:linux_kernel:2.6.21.1", "cpe:/o:linux:linux_kernel:2.6.1", "cpe:/o:linux:linux_kernel:2.6.22.1", "cpe:/o:linux:linux_kernel:2.6.15.7", "cpe:/o:linux:linux_kernel:2.6.17.11", "cpe:/o:linux:linux_kernel:2.6.14", "cpe:/o:linux:linux_kernel:2.6.16.27", "cpe:/o:linux:linux_kernel:2.6.11.2", "cpe:/o:linux:linux_kernel:2.6.17.2", "cpe:/o:linux:linux_kernel:2.6.11.11", "cpe:/o:linux:linux_kernel:2.6.23", "cpe:/o:linux:linux_kernel:2.6.19", "cpe:/o:linux:linux_kernel:2.6.12.5", "cpe:/o:linux:linux_kernel:2.6.17.1", "cpe:/o:linux:linux_kernel:2.6.20.15", "cpe:/o:linux:linux_kernel:2.6.13", "cpe:/o:linux:linux_kernel:2.6.11.9", "cpe:/o:linux:linux_kernel:2.6.14.5", "cpe:/o:linux:linux_kernel:2.6.20.11", "cpe:/o:linux:linux_kernel:2.6.15.6", "cpe:/o:linux:linux_kernel:2.6.19.2", "cpe:/o:linux:linux_kernel:2.6.17.10", "cpe:/o:linux:linux_kernel:2.6.16.19", "cpe:/o:linux:linux_kernel:2.6.15.1", "cpe:/o:linux:linux_kernel:2.6.20", "cpe:/o:linux:linux_kernel:2.6.22.7", "cpe:/o:linux:linux_kernel:2.6.22.4", "cpe:/o:linux:linux_kernel:2.6.18", "cpe:/o:linux:linux_kernel:2.6.20.8", "cpe:/o:linux:linux_kernel:2.6.3", "cpe:/o:linux:linux_kernel:2.6.14.2", "cpe:/o:linux:linux_kernel:2.6.11.10", "cpe:/o:linux:linux_kernel:2.6.16.12", "cpe:/o:linux:linux_kernel:2.6.20.14", "cpe:/o:linux:linux_kernel:2.6.17.13", "cpe:/o:linux:linux_kernel:2.6.6", "cpe:/o:linux:linux_kernel:2.6.20.12", "cpe:/o:linux:linux_kernel:2.6.12.1", "cpe:/o:linux:linux_kernel:2.6.20.3", "cpe:/o:linux:linux_kernel:2.6.5", "cpe:/o:linux:linux_kernel:2.6.14.3", "cpe:/o:linux:linux_kernel:2.6.8.1.5", "cpe:/o:linux:linux_kernel:2.6.16.1", "cpe:/o:linux:linux_kernel:2.6.17.3", "cpe:/o:linux:linux_kernel:2.6.21.4", "cpe:/o:linux:linux_kernel:2.6.18.3", "cpe:/o:linux:linux_kernel:2.6.0", "cpe:/o:linux:linux_kernel:2.6.2", "cpe:/o:linux:linux_kernel:2.6.22", "cpe:/o:linux:linux_kernel:2.6.13.2", "cpe:/o:linux:linux_kernel:2.6.22.5", "cpe:/o:linux:linux_kernel:2.6.13.5", "cpe:/o:linux:linux_kernel:2.6.17.9", "cpe:/o:linux:linux_kernel:2.6.18.2", "cpe:/o:linux:linux_kernel:2.6.9", "cpe:/o:linux:linux_kernel:2.6.20.2", "cpe:/o:linux:linux_kernel:2.6.10", "cpe:/o:linux:linux_kernel:2.6.17.8", "cpe:/o:linux:linux_kernel:2.6.11.12", "cpe:/o:linux:linux_kernel:2.6.11", "cpe:/o:linux:linux_kernel:2.6.15.5", "cpe:/o:linux:linux_kernel:2.6.15.3", "cpe:/o:linux:linux_kernel:2.6.17.14", "cpe:/o:linux:linux_kernel:2.6.16.7", "cpe:/o:linux:linux_kernel:2.6.15.4", "cpe:/o:linux:linux_kernel:2.6.20.5", "cpe:/o:linux:linux_kernel:2.6.11.6", "cpe:/o:linux:linux_kernel:2.6.17.12", "cpe:/o:linux:linux_kernel:2.6.16.2", "cpe:/o:linux:linux_kernel:2.6.17", "cpe:/o:linux:linux_kernel:2.6.20.4", "cpe:/o:linux:linux_kernel:2.6.13.4", "cpe:/o:linux:linux_kernel:2.6.11.4", "cpe:/o:linux:linux_kernel:2.6.12.4", "cpe:/o:linux:linux_kernel:2.6.7", "cpe:/o:linux:linux_kernel:2.6.16", "cpe:/o:linux:linux_kernel:2.6.11_rc1_bk6", "cpe:/o:linux:linux_kernel:2.6.15.11", "cpe:/o:linux:linux_kernel:2.6.15", "cpe:/o:linux:linux_kernel:2.6.17.7", "cpe:/o:linux:linux_kernel:2.6.11.1", "cpe:/o:linux:linux_kernel:2.6.18.4", "cpe:/o:linux:linux_kernel:2.6.21.3", "cpe:/o:linux:linux_kernel:2.6.8.1", "cpe:/o:linux:linux_kernel:2.6_test9_cvs", "cpe:/o:linux:linux_kernel:2.6.12.12", "cpe:/o:linux:linux_kernel:2.6.11.5", "cpe:/o:linux:linux_kernel:2.6.12.6", "cpe:/o:linux:linux_kernel:2.6.17.6", "cpe:/o:linux:linux_kernel:2.6.20.1", "cpe:/o:linux:linux_kernel:2.6.17.4", "cpe:/o:linux:linux_kernel:2.6.13.1", "cpe:/o:linux:linux_kernel:2.6.11.3", "cpe:/o:linux:linux_kernel:2.6.12.2", "cpe:/o:linux:linux_kernel:2.6.20.13", "cpe:/o:linux:linux_kernel:2.6.16.11", "cpe:/o:linux:linux_kernel:2.6.20.10", "cpe:/o:linux:linux_kernel:2.6.17.5", "cpe:/o:linux:linux_kernel:2.6.16.23", "cpe:/o:linux:linux_kernel:2.6.13.3", "cpe:/o:linux:linux_kernel:2.6.21.2", "cpe:/o:linux:linux_kernel:2.6.22.6"], "id": "CVE-2007-5093", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5093", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.6:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.10:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11_rc1_bk6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc2:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:50:58", "description": "Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls.", "edition": 3, "cvss3": {}, "published": "2008-05-08T00:20:00", "title": "CVE-2008-1615", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1615"], "modified": "2017-09-29T01:30:00", "cpe": ["cpe:/o:redhat:enterprise_linux:as_4", "cpe:/o:redhat:enterprise_linux:es_4", "cpe:/o:redhat:enterprise_linux_desktop:4", "cpe:/o:redhat:enterprise_linux:ws_4"], "id": "CVE-2008-1615", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1615", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux:es_4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:ws_4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:as_4:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2018-04-09T11:40:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6282", "CVE-2007-6712", "CVE-2007-5093", "CVE-2008-1615"], "description": "Check for the Version of kernel", "modified": "2018-04-06T00:00:00", "published": "2009-03-06T00:00:00", "id": "OPENVAS:1361412562310870078", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870078", "type": "openvas", "title": "RedHat Update for kernel RHSA-2008:0275-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2008:0275-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n These updated packages fix the following security issues:\n \n * on AMD64 architectures, the possibility of a kernel crash was discovered\n by testing the Linux kernel process-trace ability. This could allow a local\n unprivileged user to cause a denial of service (kernel crash).\n (CVE-2008-1615, Important)\n \n * on 64-bit architectures, the possibility of a timer-expiration value\n overflow was found in the Linux kernel high-resolution timers\n functionality, hrtimer. This could allow a local unprivileged user to setup\n a large interval value, forcing the timer expiry value to become negative,\n causing a denial of service (kernel hang). (CVE-2007-6712, Important)\n \n * the possibility of a kernel crash was found in the Linux kernel IPsec\n protocol implementation, due to improper handling of fragmented ESP\n packets. When an attacker controlling an intermediate router fragmented\n these packets into very small pieces, it would cause a kernel crash on the\n receiving node during packet reassembly. (CVE-2007-6282, Important)\n \n * a potential denial of service attack was discovered in the Linux kernel\n PWC USB video driver. A local unprivileged user could use this flaw to\n bring the kernel USB subsystem into the busy-waiting state, causing a\n denial of service. (CVE-2007-5093, Low)\n \n As well, these updated packages fix the following bugs:\n \n * in certain situations, a kernel hang and a possible panic occurred when\n disabling the cpufreq daemon. This may have prevented system reboots from\n completing successfully.\n \n * continual &quot;softlockup&quot; messages, which occurred on the guest's console\n after a successful save and restore of a Red Hat Enterprise Linux 5\n para-virtualized guest, have been resolved.\n \n * in the previous kernel packages, the kernel may not have reclaimed NFS\n locks after a system reboot.\n \n Red Hat Enterprise Linux 5 users are advised to upgrade to these updated\n packages, which contain backported patches to resolve these issues.\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-May/msg00010.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870078\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0275-01\");\n script_cve_id(\"CVE-2007-5093\", \"CVE-2007-6282\", \"CVE-2007-6712\", \"CVE-2008-1615\");\n script_name( \"RedHat Update for kernel RHSA-2008:0275-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6282", "CVE-2007-6712", "CVE-2007-5093", "CVE-2008-1615"], "description": "Check for the Version of kernel", "modified": "2017-07-12T00:00:00", "published": "2009-03-06T00:00:00", "id": "OPENVAS:870078", "href": "http://plugins.openvas.org/nasl.php?oid=870078", "type": "openvas", "title": "RedHat Update for kernel RHSA-2008:0275-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2008:0275-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n These updated packages fix the following security issues:\n \n * on AMD64 architectures, the possibility of a kernel crash was discovered\n by testing the Linux kernel process-trace ability. This could allow a local\n unprivileged user to cause a denial of service (kernel crash).\n (CVE-2008-1615, Important)\n \n * on 64-bit architectures, the possibility of a timer-expiration value\n overflow was found in the Linux kernel high-resolution timers\n functionality, hrtimer. This could allow a local unprivileged user to setup\n a large interval value, forcing the timer expiry value to become negative,\n causing a denial of service (kernel hang). (CVE-2007-6712, Important)\n \n * the possibility of a kernel crash was found in the Linux kernel IPsec\n protocol implementation, due to improper handling of fragmented ESP\n packets. When an attacker controlling an intermediate router fragmented\n these packets into very small pieces, it would cause a kernel crash on the\n receiving node during packet reassembly. (CVE-2007-6282, Important)\n \n * a potential denial of service attack was discovered in the Linux kernel\n PWC USB video driver. A local unprivileged user could use this flaw to\n bring the kernel USB subsystem into the busy-waiting state, causing a\n denial of service. (CVE-2007-5093, Low)\n \n As well, these updated packages fix the following bugs:\n \n * in certain situations, a kernel hang and a possible panic occurred when\n disabling the cpufreq daemon. This may have prevented system reboots from\n completing successfully.\n \n * continual &quot;softlockup&quot; messages, which occurred on the guest's console\n after a successful save and restore of a Red Hat Enterprise Linux 5\n para-virtualized guest, have been resolved.\n \n * in the previous kernel packages, the kernel may not have reclaimed NFS\n locks after a system reboot.\n \n Red Hat Enterprise Linux 5 users are advised to upgrade to these updated\n packages, which contain backported patches to resolve these issues.\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-May/msg00010.html\");\n script_id(870078);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0275-01\");\n script_cve_id(\"CVE-2007-5093\", \"CVE-2007-6282\", \"CVE-2007-6712\", \"CVE-2008-1615\");\n script_name( \"RedHat Update for kernel RHSA-2008:0275-01\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~53.1.21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6282", "CVE-2007-6712", "CVE-2007-5093", "CVE-2008-1615"], "description": "Oracle Linux Local Security Checks ELSA-2008-0275", "modified": "2018-09-28T00:00:00", "published": "2015-10-08T00:00:00", "id": "OPENVAS:1361412562310122589", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122589", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2008-0275", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2008-0275.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122589\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:48:43 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2008-0275\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2008-0275\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2008-0275.html\");\n script_cve_id(\"CVE-2007-5093\", \"CVE-2007-6282\", \"CVE-2007-6712\", \"CVE-2008-1615\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~53.1.21.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~53.1.21.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~53.1.21.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~53.1.21.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~53.1.21.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~53.1.21.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~53.1.21.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~53.1.21.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~53.1.21.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~53.1.21.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~53.1.21.0.1.el5~1.2.8~2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~53.1.21.0.1.el5PAE~1.2.8~2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~53.1.21.0.1.el5debug~1.2.8~2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~53.1.21.0.1.el5xen~1.2.8~2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~53.1.21.0.1.el5~2.0.4~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~53.1.21.0.1.el5PAE~2.0.4~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~53.1.21.0.1.el5debug~2.0.4~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~53.1.21.0.1.el5xen~2.0.4~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-07-26T08:55:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6282", "CVE-2008-1375", "CVE-2008-1615", "CVE-2008-1367"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n um-host-install-initrd\n um-host-kernel\n kernel-debug\n kernel-bigsmp\n kernel-default\n kernel-smp\n kernel-source\n kernel-syms\n kernel-um\n kernel-xen\n kernel-xenpae\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5028577 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:65330", "href": "http://plugins.openvas.org/nasl.php?oid=65330", "type": "openvas", "title": "SLES9: Security update for Linux kernel", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5028577.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Linux kernel\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n um-host-install-initrd\n um-host-kernel\n kernel-debug\n kernel-bigsmp\n kernel-default\n kernel-smp\n kernel-source\n kernel-syms\n kernel-um\n kernel-xen\n kernel-xenpae\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5028577 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65330);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-1615\", \"CVE-2008-1375\", \"CVE-2007-6282\", \"CVE-2008-1367\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES9: Security update for Linux kernel\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"um-host-install-initrd\", rpm:\"um-host-install-initrd~1.0~48.27\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-12T11:20:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6282", "CVE-2008-1375", "CVE-2008-1615", "CVE-2008-1367"], "description": "Check for the Version of kernel", "modified": "2017-12-08T00:00:00", "published": "2009-01-23T00:00:00", "id": "OPENVAS:850014", "href": "http://plugins.openvas.org/nasl.php?oid=850014", "type": "openvas", "title": "SuSE Update for kernel SUSE-SA:2008:031", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2008_031.nasl 8050 2017-12-08 09:34:29Z santu $\n#\n# SuSE Update for kernel SUSE-SA:2008:031\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This kernel update fixes the following security problems:\n\n CVE-2007-6282: A remote attacker could crash the IPSec/IPv6 stack\n by sending a bad ESP packet. This requires the host to be able to\n receive such packets (default filtered by the firewall).\n\n CVE-2008-1615: On x86_64 systems a denial of service attack could be\n used by local attackers to immediately panic / crash the machine.\n\n CVE-2008-1375: Fixed a dnotify race condition, which could be used\n by local attackers to potentially execute code.\n\n CVE-2008-1367: Clear the &quot;direction&quot; flag before calling signal\n handlers. For specific not yet identified programs under specific\n timing conditions this could potentially have caused memory corruption\n or code execution.\n\n Other changes and improvements include:\n - OCFS2 updated to 1.2.9\n - Significant bug fixes.\n\n More details are available in the RPM changelog.\";\n\ntag_impact = \"remote denial of service\";\ntag_affected = \"kernel on SUSE SLES 9, Novell Linux Desktop 9, Novell Linux POS 9\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850014);\n script_version(\"$Revision: 8050 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-23 16:44:26 +0100 (Fri, 23 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUSE-SA\", value: \"2008-031\");\n script_cve_id(\"CVE-2007-6282\", \"CVE-2008-1367\", \"CVE-2008-1375\", \"CVE-2008-1615\");\n script_name( \"SuSE Update for kernel SUSE-SA:2008:031\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"NLDk9\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.5~7.312\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.5~7.312\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.5~7.312\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.5~7.312\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"NLPOS9\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.5~7.312\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.5~7.312\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.5~7.312\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.5~7.312\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.5~7.312\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.5~7.312\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-um\", rpm:\"kernel-um~2.6.5~7.312\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.5~7.312\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenpae\", rpm:\"kernel-xenpae~2.6.5~7.312\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"um-host-install-initrd\", rpm:\"um-host-install-initrd~1.0~48.27\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"um-host-kernel\", rpm:\"um-host-kernel~2.6.5~7.312\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6282", "CVE-2008-1375", "CVE-2008-1615", "CVE-2008-1367"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n um-host-install-initrd\n um-host-kernel\n kernel-debug\n kernel-bigsmp\n kernel-default\n kernel-smp\n kernel-source\n kernel-syms\n kernel-um\n kernel-xen\n kernel-xenpae\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5028577 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:136141256231065330", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065330", "type": "openvas", "title": "SLES9: Security update for Linux kernel", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5028577.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for Linux kernel\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n um-host-install-initrd\n um-host-kernel\n kernel-debug\n kernel-bigsmp\n kernel-default\n kernel-smp\n kernel-source\n kernel-syms\n kernel-um\n kernel-xen\n kernel-xenpae\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5028577 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65330\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-1615\", \"CVE-2008-1375\", \"CVE-2007-6282\", \"CVE-2008-1367\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES9: Security update for Linux kernel\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"um-host-install-initrd\", rpm:\"um-host-install-initrd~1.0~48.27\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2136", "CVE-2007-6712", "CVE-2008-2137", "CVE-2008-1615"], "description": "The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1588-1.", "modified": "2017-07-07T00:00:00", "published": "2008-06-11T00:00:00", "id": "OPENVAS:61103", "href": "http://plugins.openvas.org/nasl.php?oid=61103", "type": "openvas", "title": "Debian Security Advisory DSA 1588-1 (linux-2.6)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1588_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1588-1 (linux-2.6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in the Linux kernel that may\nlead to a denial of service. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2007-6712\n\nJohannes Bauer discovered an integer overflow condition in the hrtimer\nsubsystem on 64-bit systems. This can be exploited by local users to\ntrigger a denial of service (DoS) by causing the kernel to execute an\ninfinite loop.\n\nCVE-2008-1615\n\nJan Kratochvil reported a local denial of service condition that\npermits local users on systems running the amd64 flavor kernel\nto cause a system crash.\n\nCVE-2008-2136\n\nPaul Harks discovered a memory leak in the Simple Internet Transition\n(SIT) code used for IPv6 over IPv4 tunnels. This can be exploited\nby remote users to cause a denial of service condition.\n\nCVE-2008-2137\n\nDavid Miller and Jan Lieskovsky discovered issues with the virtual\naddress range checking of mmaped regions on the sparc architecture\nthat may be exploited by local users to cause a denial of service.\n\nFor the stable distribution (etch), this problem has been fixed in version\n2.6.18.dfsg.1-18etch5.\n\nBuilds for linux-2.6/s390 and fai-kernels/powerpc were not yet available at\nthe time of this advisory. This advisory will be updated as these builds\nbecome available.\n\nWe recommend that you upgrade your linux-2.6, fai-kernels, and\";\ntag_summary = \"The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1588-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201588-1\";\n\n\nif(description)\n{\n script_id(61103);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-06-11 18:37:44 +0200 (Wed, 11 Jun 2008)\");\n script_cve_id(\"CVE-2007-6712\", \"CVE-2008-1615\", \"CVE-2008-2136\", \"CVE-2008-2137\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Debian Security Advisory DSA 1588-1 (linux-2.6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.18\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-2.6.18-6\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-2.6.18\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.18\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-tree-2.6.18\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.18\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-alpha\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-alpha\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-alpha-legacy\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-alpha-generic\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-alpha-legacy\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-alpha\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-alpha-smp\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-alpha-generic\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-alpha-smp\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-vserver\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"fai-kernels\", ver:\"1.17+etch.18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-arm\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-iop32x\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-ixp4xx\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-rpc\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-iop32x\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-footbridge\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-s3c2410\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-s3c2410\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-rpc\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-footbridge\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-ixp4xx\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc-smp\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-hppa\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc64-smp\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc-smp\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc64-smp\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-k7\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-486\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-686-bigmem\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-686-bigmem\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-k7\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-k7\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"user-mode-linux\", ver:\"2.6.18-1um-2etch.18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-486\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-k7\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-i386\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-ia64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-itanium\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-mckinley\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-itanium\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-mckinley\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-r5k-ip32\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-sb1-bcm91250a\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-mips\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-r4k-ip22\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-sb1-bcm91250a\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-qemu\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-qemu\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-sb1a-bcm91480b\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-r5k-ip32\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-sb1a-bcm91480b\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-r4k-ip22\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-mipsel\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-r5k-cobalt\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-r3k-kn02\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-r5k-cobalt\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-r3k-kn02\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-r4k-kn04\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-r4k-kn04\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc-miboot\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc-miboot\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc-smp\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc-smp\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-powerpc\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-prep\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-prep\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-powerpc\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-powerpc64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-powerpc64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-powerpc\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-sparc64-smp\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-sparc32\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-sparc32\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-sparc64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-sparc64-smp\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-sparc64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-sparc\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-sparc64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-sparc64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2136", "CVE-2007-6712", "CVE-2008-2137", "CVE-2008-1615"], "description": "The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1588-2.", "modified": "2017-07-07T00:00:00", "published": "2008-06-11T00:00:00", "id": "OPENVAS:61105", "href": "http://plugins.openvas.org/nasl.php?oid=61105", "type": "openvas", "title": "Debian Security Advisory DSA 1588-2 (linux-2.6)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1588_2.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1588-2 (linux-2.6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in the Linux kernel that may\nlead to a denial of service. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2007-6712\n\nJohannes Bauer discovered an integer overflow condition in the hrtimer\nsubsystem on 64-bit systems. This can be exploited by local users to\ntrigger a denial of service (DoS) by causing the kernel to execute an\ninfinite loop.\n\nCVE-2008-1615\n\nJan Kratochvil reported a local denial of service condition that\npermits local users on systems running the amd64 flavor kernel\nto cause a system crash.\n\nCVE-2008-2136\n\nPaul Harks discovered a memory leak in the Simple Internet Transition\n(SIT) code used for IPv6 over IPv4 tunnels. This can be exploited\nby remote users to cause a denial of service condition.\n\nCVE-2008-2137\n\nDavid Miller and Jan Lieskovsky discovered issues with the virtual\naddress range checking of mmaped regions on the sparc architecture\nthat may be exploited by local users to cause a denial of service.\n\nFor the stable distribution (etch), this problem has been fixed in version\n2.6.18.dfsg.1-18etch5.\n\nThis updated advisory adds the linux-2.6 build for s390 and the fai-kernels\nbuild for powerpc which were not yet available at the time of DSA-1588-1.\n\nWe recommend that you upgrade your linux-2.6, fai-kernels, and\";\ntag_summary = \"The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1588-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201588-2\";\n\n\nif(description)\n{\n script_id(61105);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-06-11 18:37:44 +0200 (Wed, 11 Jun 2008)\");\n script_cve_id(\"CVE-2007-6712\", \"CVE-2008-1615\", \"CVE-2008-2136\", \"CVE-2008-2137\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Debian Security Advisory DSA 1588-2 (linux-2.6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.18\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-2.6.18-6\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-2.6.18\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.18\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-tree-2.6.18\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.18\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-alpha\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-alpha\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-alpha-legacy\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-alpha-generic\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-alpha-legacy\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-alpha\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-alpha-smp\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-alpha-generic\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-alpha-smp\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-vserver\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"fai-kernels\", ver:\"1.17+etch.18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-arm\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-iop32x\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-ixp4xx\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-rpc\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-iop32x\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-footbridge\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-s3c2410\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-s3c2410\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-rpc\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-footbridge\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-ixp4xx\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc-smp\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-hppa\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc64-smp\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc-smp\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc64-smp\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-k7\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-486\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-686-bigmem\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-686-bigmem\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-k7\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-k7\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"user-mode-linux\", ver:\"2.6.18-1um-2etch.18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-686\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-486\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-k7\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-i386\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-ia64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-itanium\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-mckinley\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-itanium\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-mckinley\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-r5k-ip32\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-sb1-bcm91250a\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-mips\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-r4k-ip22\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-sb1-bcm91250a\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-qemu\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-qemu\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-sb1a-bcm91480b\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-r5k-ip32\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-sb1a-bcm91480b\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-r4k-ip22\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-mipsel\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-r5k-cobalt\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-r3k-kn02\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-r5k-cobalt\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-r3k-kn02\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-r4k-kn04\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-r4k-kn04\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc-miboot\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc-miboot\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc-smp\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc-smp\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-powerpc\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-prep\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-prep\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-powerpc\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-powerpc64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-powerpc64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-powerpc\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-s390x\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-s390\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-s390-tape\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-s390x\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-s390x\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-s390\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-s390x\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-s390\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-sparc64-smp\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-sparc32\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-sparc32\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-sparc64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-sparc64-smp\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-sparc64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-sparc\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-sparc64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-sparc64\", ver:\"2.6.18.dfsg.1-18etch5\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6282", "CVE-2008-1669", "CVE-2005-0504", "CVE-2008-1375", "CVE-2008-1615", "CVE-2008-0007"], "description": "Check for the Version of kernel", "modified": "2018-04-06T00:00:00", "published": "2009-03-06T00:00:00", "id": "OPENVAS:1361412562310870130", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870130", "type": "openvas", "title": "RedHat Update for kernel RHSA-2008:0237-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2008:0237-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n These updated packages fix the following security issues:\n \n * the absence of a protection mechanism when attempting to access a\n critical section of code has been found in the Linux kernel open file\n descriptors control mechanism, fcntl. This could allow a local unprivileged\n user to simultaneously execute code, which would otherwise be protected\n against parallel execution. As well, a race condition when handling locks\n in the Linux kernel fcntl functionality, may have allowed a process\n belonging to a local unprivileged user to gain re-ordered access to the\n descriptor table. (CVE-2008-1669, Important)\n \n * on AMD64 architectures, the possibility of a kernel crash was discovered\n by testing the Linux kernel process-trace ability. This could allow a local\n unprivileged user to cause a denial of service (kernel crash).\n (CVE-2008-1615, Important)\n \n * the absence of a protection mechanism when attempting to access a\n critical section of code, as well as a race condition, have been found\n in the Linux kernel file system event notifier, dnotify. This could allow a\n local unprivileged user to get inconsistent data, or to send arbitrary\n signals to arbitrary system processes. (CVE-2008-1375, Important)\n \n Red Hat would like to thank Nick Piggin for responsibly disclosing the\n following issue:\n \n * when accessing kernel memory locations, certain Linux kernel drivers\n registering a fault handler did not perform required range checks. A local\n unprivileged user could use this flaw to gain read or write access to\n arbitrary kernel memory, or possibly cause a kernel crash.\n (CVE-2008-0007, Important)\n \n * the possibility of a kernel crash was found in the Linux kernel IPsec\n protocol implementation, due to improper handling of fragmented ESP\n packets. When an attacker controlling an intermediate router fragmented\n these packets into very small pieces, it would cause a kernel crash on the\n receiving node during packet reassembly. (CVE-2007-6282, Important)\n \n * a flaw in the MOXA serial driver could allow a local unprivileged user\n to perform privileged operations, such as replacing firmware.\n (CVE-2005-0504, Important)\n \n As well, these updated packages fix the following bugs:\n \n * multiple buffer overflows in the neofb driver have been resolved. It was\n not possible for an unprivileged user to exploit these issues, and as such,\n they have not been handled as ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-May/msg00002.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870130\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0237-01\");\n script_cve_id(\"CVE-2005-0504\", \"CVE-2007-6282\", \"CVE-2008-0007\", \"CVE-2008-1375\", \"CVE-2008-1615\", \"CVE-2008-1669\");\n script_name( \"RedHat Update for kernel RHSA-2008:0237-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:51", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6282", "CVE-2008-1669", "CVE-2005-0504", "CVE-2008-1375", "CVE-2008-1615", "CVE-2008-0007"], "description": "Check for the Version of kernel", "modified": "2017-07-12T00:00:00", "published": "2009-03-06T00:00:00", "id": "OPENVAS:870130", "href": "http://plugins.openvas.org/nasl.php?oid=870130", "type": "openvas", "title": "RedHat Update for kernel RHSA-2008:0237-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2008:0237-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n These updated packages fix the following security issues:\n \n * the absence of a protection mechanism when attempting to access a\n critical section of code has been found in the Linux kernel open file\n descriptors control mechanism, fcntl. This could allow a local unprivileged\n user to simultaneously execute code, which would otherwise be protected\n against parallel execution. As well, a race condition when handling locks\n in the Linux kernel fcntl functionality, may have allowed a process\n belonging to a local unprivileged user to gain re-ordered access to the\n descriptor table. (CVE-2008-1669, Important)\n \n * on AMD64 architectures, the possibility of a kernel crash was discovered\n by testing the Linux kernel process-trace ability. This could allow a local\n unprivileged user to cause a denial of service (kernel crash).\n (CVE-2008-1615, Important)\n \n * the absence of a protection mechanism when attempting to access a\n critical section of code, as well as a race condition, have been found\n in the Linux kernel file system event notifier, dnotify. This could allow a\n local unprivileged user to get inconsistent data, or to send arbitrary\n signals to arbitrary system processes. (CVE-2008-1375, Important)\n \n Red Hat would like to thank Nick Piggin for responsibly disclosing the\n following issue:\n \n * when accessing kernel memory locations, certain Linux kernel drivers\n registering a fault handler did not perform required range checks. A local\n unprivileged user could use this flaw to gain read or write access to\n arbitrary kernel memory, or possibly cause a kernel crash.\n (CVE-2008-0007, Important)\n \n * the possibility of a kernel crash was found in the Linux kernel IPsec\n protocol implementation, due to improper handling of fragmented ESP\n packets. When an attacker controlling an intermediate router fragmented\n these packets into very small pieces, it would cause a kernel crash on the\n receiving node during packet reassembly. (CVE-2007-6282, Important)\n \n * a flaw in the MOXA serial driver could allow a local unprivileged user\n to perform privileged operations, such as replacing firmware.\n (CVE-2005-0504, Important)\n \n As well, these updated packages fix the following bugs:\n \n * multiple buffer overflows in the neofb driver have been resolved. It was\n not possible for an unprivileged user to exploit these issues, and as such,\n they have not been handled as ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-May/msg00002.html\");\n script_id(870130);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0237-01\");\n script_cve_id(\"CVE-2005-0504\", \"CVE-2007-6282\", \"CVE-2008-0007\", \"CVE-2008-1375\", \"CVE-2008-1615\", \"CVE-2008-1669\");\n script_name( \"RedHat Update for kernel RHSA-2008:0237-01\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~67.0.15.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:32", "bulletinFamily": "unix", "cvelist": ["CVE-2007-6282", "CVE-2007-6712", "CVE-2007-5093", "CVE-2008-1615"], "description": "[2.6.18-53.1.21.0.1.el5]\n- [NET] Add entropy support to e1000 and bnx2 (John Sobecki) [ORA 6045759]\n- [NET] Fix msi issue with kexec/kdump (Michael Chan) [ORA 6219364]\n- [MM] Fix alloc_pages_node() static 'nid' race made kernel crash (Joe Jin) [ORA 6187457]\n- [splice] Fix bad unlock_page() in error case (Jens Axboe) [ORA 6263574]\n- [dio] fix error-path crashes (Linux Torvalds) [ORA 6242289]\n[2.6.18-53.1.21.el5]\n- [misc] infinite loop in highres timers (Michal Schmidt ) [440001]\n- [video] PWC driver DoS (Pete Zaitcev ) [308521]\n- [x86_64] fix unprivileged crash on %cs corruption (Jarod Wilson ) [439787]\n- [net] ESP: ensure IV is in linear part of the skb (Thomas Graf ) [427247]\n- [cpufreq] booting with maxcpus=1 panics (Doug Chapman ) [429516]\n- [net] sunrpc: lockd recovery is broken (Steve Dickson ) [445360]\n- [cpufreq] don't take sem in cpufreq_quick_get (Doug Chapman ) [400821]\n- [cpufreq] remove hotplug cpu cruft (Doug Chapman ) [400821]\n- [cpufreq] governor: use new rwsem locking in work cb (Doug Chapman ) [400821]\n- [cpufreq] ondemand governor restructure the work cb (Doug Chapman ) [400821]\n- [cpufreq] rewrite lock to eliminate hotplug issues (Doug Chapman ) [400821]\n[2.6.18-53.1.20.el5]\n- [misc] fix softlockup warnings/crashes (Chris Lalancette ) [444402]", "edition": 4, "modified": "2008-05-20T00:00:00", "published": "2008-05-20T00:00:00", "id": "ELSA-2008-0275", "href": "http://linux.oracle.com/errata/ELSA-2008-0275.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:39:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-6282", "CVE-2008-1669", "CVE-2005-0504", "CVE-2008-1375", "CVE-2008-1615", "CVE-2008-0007"], "description": "[2.6.9-67.0.15.0.1.EL]\n- fix skb alignment that was causing sendto() to fail with EFAULT (Olaf Kirch) [orabug 6845794]\n- fix entropy flag in bnx2 driver to generate entropy pool (John Sobecki) [orabug 5931647]\n- fix enomem due to larger mtu size page alloc (Zach Brown) [orabug 5486128]\n- fix per_cpu() api bug_on with rds (Zach Brown) [orabug 5760648]\n- remove patch sysrq-b that queues upto keventd thread [orabug 6125546]\n- allow more than 4GB hugepage for single user (Herbert van den Bergh) [orabug 6002738]\n- netrx/netpoll race avoidance (Tina Yang) [orabug 6143381]\n[2.6.9-67.0.15]\n-fix kabi breakage in 67.0.14\n[2.6.9-67.0.14]\n-fs: serialize file access for dnotify (Alexander Viro) [443437] {CVE-2008-1669}\n-update: fix race condition in dnotify (Alexander Viro) [439756] {CVE-2008-1375}\n[2.6.9-67.0.13]\n-Revert: Add HP DL580 G5 to bfsort whitelist (Tony Camuso) [437976]\n[2.6.9-67.0.12]\n-fs: fix race condition in dnotify (Alexander Viro) [439756] {CVE-2008-1375}\n[2.6.9-67.0.11]\n-nfs: High vm pagecache reclaim latency on systems with large highmem to lowmem ratio fix (Larry Woodman) [438345]\n-nfs: Fix nfs read performance regression. Introduce a new tunable (Larry Woodman) [438477]\n-Retry: check to see if agp is valid before reporting aperture size warnings (Brian Maly) [392771 431897]\n-Ensure IV is in linear part of the skb to avoid BUG due to OOB access (Thomas Graf) [427245] {CVE-2007-6282}\n-fix unprivileged crash on x86_64 cs corruption (Jarod Wilson) [439786] {CVE-2008-1615}\n[2.6.9-67.0.10]\n-update: do not return zero in mmap (Vitaly Mayatskikh) [400811]\n-neofb: avoid overwriting fb_info fields (Vitaly Mayatskikh) [430251]\n-[NET] link_watch: always schedule urgent events (Don Dutile) [436102]\n-nlm: fix a client side race on blocking locks (Jeff Layton) [436129]\n-nlm: cleanup for blocked locks (Jeff Layton) [436129]\n-Add HP DL580 G5 to bfsort whitelist (Tony Camuso) [437976]\n-nfs: Discard pagecache data for dirs on denty_iput (Jeff Layton) [437788]\n[2.6.9-67.0.9]\n-[NET] link_watch: handle jiffies wraparound (Vince Worthington) [436749]\n-libata: un-blacklist hitachi drives to enable NCQ (David Milburn) [436499]\n-libata: sata_nv may send commands with duplicate tags (David Milburn) [436499]\n[2.6.9-67.0.8]\n-Insufficient range checks in fault handlers with mremap (Vitaly Mayatskikh) [428968] {CVE-2008-0007}\n-[MOXA] buffer overflow in moxa driver (Vitaly Mayatskikh) [423131] {CVE-2005-0504}\n-Fix unix stream socket recv race condition (Hideo AOKI) [435122]", "edition": 4, "modified": "2008-05-07T00:00:00", "published": "2008-05-07T00:00:00", "id": "ELSA-2008-0237", "href": "http://linux.oracle.com/errata/ELSA-2008-0237.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:50", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3528", "CVE-2008-3272", "CVE-2008-1514", "CVE-2007-5093", "CVE-2008-4210", "CVE-2007-6716"], "description": "[2.6.9-78.0.8.0.1.EL]\n- fix entropy flag in bnx2 driver to generate entropy pool (John Sobecki) \n [orabug 5931647]\n- fix skb alignment that was causing sendto() to fail with EFAULT (Olaf Kirch) \n [orabug 6845794]\n- fix enomem due to larger mtu size page alloc (Zach Brown) [orabug 5486128]\n- fix per_cpu() api bug_on with rds (Zach Brown) [orabug 5760648]\n- backout patch sysrq-b that queues upto keventd thread (Guru Anbalagane) \n [orabug 6125546]\n- netrx/netpoll race avoidance (Tina Yang) [orabug 6143381]\n- fix guest spinning in xen (Herbert van den Bergh) [orabug 7004010]\n- fix serial port lock recursion (Herbert van den Bergh) [orabug 6761872]\n- [XEN] Fix elf_core_dump (Tina Yang) [orabug 6995928]\n- fix in nfs_attribute_timeout() (Trond Myklebust) [orabug 7378108]\n- [vm] Fix hang in shrink_zone for direct reclaim threads under heavy swapping \n load condition (John Sobecki,Chris Mason) [orabug 6086839]\n- use lfence instead of cpuid instruction to implement memory barriers \n (Herbert van den Bergh) [orabug 7452412]\n- add netpoll support to xen netfront (Tina Yang) [orabz 7261]\n[2.6.9-78.0.8]\n-pwc: fix kernel pwc driver dos (Eugene Teo) [308501 308511] {CVE-2007-5093}\n-[s390] prevent ptrace padding area read write in 31 bit mode (Jarod Wilson) [437932 438148] {CVE-2008-1514}\n-ext[234]: avoid printk floods in the face of directory corruption (Eric Sandeen) [459598 459599] {CVE-2008-3528}\n-kernel: open call allows setgid bit when user is not in new file's group (Eugene Teo) [463685 463686] {CVE-2008-4210}\n-cifs: fix o_append on directio mounts (Jeff Layton) [464494 461005]\n-ixgbe: remove device id for unsupported device (Andy Gospodarek) [465735 456533]\n-aacraid: remove quirk aac_quirk_scsi_32 for some controllers (Tomas Henzl) [468151 457552]\n-mptfusion: mpt causes panic if a raid 1 is configured (Tomas Henzl) [465265 469236]\n-cpufreq: support for affected_cpus (Brian Maly) [469647 465366]\n[2.6.9-78.0.7]\n-scsi: fix oops when removing devices from sym driver (Mike Christie) [455770 441545]\n-netdump: fix up several netdump issues (Neil Horman) [466113 461014]\n-mptfusion: fix outputting large amount of log message when issuing host reset (Tomas Henzl) [466217 455451]\n[2.6.9-78.0.6]\n-fix kernel snd_seq_oss_synth_make_info leak (Eugene Teo) [457998 457999] {CVE-2008-3272}\n-dio: zero struct dio with kzalloc instead of manually (Eugene Teo) [461089 461090] {CVE-2007-6716}\n-ext3: fix ext3 block accounting (Josef Bacik) [464496 450900]\n-fix regression in /proc/self/mem (Anton Arapov) [464747 460106]\n-allocate usb and scsi hba structs together (Pete Zaitcev) [465232 441552]\n-Fix do_wait() vs exec() race (Vitaly Mayatskikh) [466214 452706]", "edition": 4, "modified": "2008-11-19T00:00:00", "published": "2008-11-19T00:00:00", "id": "ELSA-2008-0972", "href": "http://linux.oracle.com/errata/ELSA-2008-0972.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 6.6, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:28:39", "bulletinFamily": "unix", "cvelist": ["CVE-2007-6282", "CVE-2007-6712", "CVE-2007-5093", "CVE-2008-1615"], "description": "**CentOS Errata and Security Advisory** CESA-2008:0275\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues:\n\n* on AMD64 architectures, the possibility of a kernel crash was discovered\nby testing the Linux kernel process-trace ability. This could allow a local\nunprivileged user to cause a denial of service (kernel crash).\n(CVE-2008-1615, Important)\n\n* on 64-bit architectures, the possibility of a timer-expiration value\noverflow was found in the Linux kernel high-resolution timers\nfunctionality, hrtimer. This could allow a local unprivileged user to setup\na large interval value, forcing the timer expiry value to become negative,\ncausing a denial of service (kernel hang). (CVE-2007-6712, Important)\n\n* the possibility of a kernel crash was found in the Linux kernel IPsec\nprotocol implementation, due to improper handling of fragmented ESP\npackets. When an attacker controlling an intermediate router fragmented\nthese packets into very small pieces, it would cause a kernel crash on the\nreceiving node during packet reassembly. (CVE-2007-6282, Important)\n\n* a potential denial of service attack was discovered in the Linux kernel\nPWC USB video driver. A local unprivileged user could use this flaw to\nbring the kernel USB subsystem into the busy-waiting state, causing a\ndenial of service. (CVE-2007-5093, Low)\n\nAs well, these updated packages fix the following bugs:\n\n* in certain situations, a kernel hang and a possible panic occurred when\ndisabling the cpufreq daemon. This may have prevented system reboots from\ncompleting successfully.\n\n* continual \"softlockup\" messages, which occurred on the guest's console\nafter a successful save and restore of a Red Hat Enterprise Linux 5\npara-virtualized guest, have been resolved.\n\n* in the previous kernel packages, the kernel may not have reclaimed NFS\nlocks after a system reboot.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these updated\npackages, which contain backported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2008-May/026954.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-May/026955.html\n\n**Affected packages:**\nkernel\nkernel-PAE\nkernel-PAE-devel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-xen\nkernel-xen-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2008-0275.html", "edition": 3, "modified": "2008-05-21T12:48:13", "published": "2008-05-21T12:48:13", "href": "http://lists.centos.org/pipermail/centos-announce/2008-May/026954.html", "id": "CESA-2008:0275", "title": "kernel security update", "type": "centos", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-12-20T18:24:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-6282", "CVE-2008-1669", "CVE-2005-0504", "CVE-2008-1375", "CVE-2008-1615", "CVE-2008-0007"], "description": "**CentOS Errata and Security Advisory** CESA-2008:0237\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues:\n\n* the absence of a protection mechanism when attempting to access a\ncritical section of code has been found in the Linux kernel open file\ndescriptors control mechanism, fcntl. This could allow a local unprivileged\nuser to simultaneously execute code, which would otherwise be protected\nagainst parallel execution. As well, a race condition when handling locks\nin the Linux kernel fcntl functionality, may have allowed a process\nbelonging to a local unprivileged user to gain re-ordered access to the\ndescriptor table. (CVE-2008-1669, Important)\n\n* on AMD64 architectures, the possibility of a kernel crash was discovered\nby testing the Linux kernel process-trace ability. This could allow a local\nunprivileged user to cause a denial of service (kernel crash).\n(CVE-2008-1615, Important)\n\n* the absence of a protection mechanism when attempting to access a\ncritical section of code, as well as a race condition, have been found\nin the Linux kernel file system event notifier, dnotify. This could allow a\nlocal unprivileged user to get inconsistent data, or to send arbitrary\nsignals to arbitrary system processes. (CVE-2008-1375, Important)\n\nRed Hat would like to thank Nick Piggin for responsibly disclosing the\nfollowing issue:\n\n* when accessing kernel memory locations, certain Linux kernel drivers\nregistering a fault handler did not perform required range checks. A local\nunprivileged user could use this flaw to gain read or write access to\narbitrary kernel memory, or possibly cause a kernel crash.\n(CVE-2008-0007, Important)\n\n* the possibility of a kernel crash was found in the Linux kernel IPsec\nprotocol implementation, due to improper handling of fragmented ESP\npackets. When an attacker controlling an intermediate router fragmented\nthese packets into very small pieces, it would cause a kernel crash on the\nreceiving node during packet reassembly. (CVE-2007-6282, Important)\n\n* a flaw in the MOXA serial driver could allow a local unprivileged user\nto perform privileged operations, such as replacing firmware.\n(CVE-2005-0504, Important)\n\nAs well, these updated packages fix the following bugs:\n\n* multiple buffer overflows in the neofb driver have been resolved. It was\nnot possible for an unprivileged user to exploit these issues, and as such,\nthey have not been handled as security issues.\n\n* a kernel panic, due to inconsistent detection of AGP aperture size, has\nbeen resolved.\n\n* a race condition in UNIX domain sockets may have caused \"recv()\" to\nreturn zero. In clustered configurations, this may have caused unexpected\nfailovers.\n\n* to prevent link storms, network link carrier events were delayed by up to\none second, causing unnecessary packet loss. Now, link carrier events are\nscheduled immediately.\n\n* a client-side race on blocking locks caused large time delays on NFS file\nsystems.\n\n* in certain situations, the libATA sata_nv driver may have sent commands\nwith duplicate tags, which were rejected by SATA devices. This may have\ncaused infinite reboots.\n\n* running the \"service network restart\" command may have caused networking\nto fail.\n\n* a bug in NFS caused cached information about directories to be stored\nfor too long, causing wrong attributes to be read.\n\n* on systems with a large highmem/lowmem ratio, NFS write performance may\nhave been very slow when using small files.\n\n* a bug, which caused network hangs when the system clock was wrapped\naround zero, has been resolved.\n\nRed Hat Enterprise Linux 4 users are advised to upgrade to these updated\npackages, which contain backported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2008-May/026926.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-May/026927.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-May/026929.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-May/026933.html\n\n**Affected packages:**\nkernel\nkernel-devel\nkernel-doc\nkernel-hugemem\nkernel-hugemem-devel\nkernel-largesmp\nkernel-largesmp-devel\nkernel-smp\nkernel-smp-devel\nkernel-xenU\nkernel-xenU-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2008-0237.html", "edition": 4, "modified": "2008-05-10T18:21:04", "published": "2008-05-10T02:08:23", "href": "http://lists.centos.org/pipermail/centos-announce/2008-May/026926.html", "id": "CESA-2008:0237", "title": "kernel security update", "type": "centos", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-01T13:33:06", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3528", "CVE-2008-3272", "CVE-2008-1514", "CVE-2007-5093", "CVE-2008-4210", "CVE-2007-6716"], "description": "**CentOS Errata and Security Advisory** CESA-2008:0972\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* a flaw was found in the Linux kernel's Direct-IO implementation. This\ncould have allowed a local unprivileged user to cause a denial of service.\n(CVE-2007-6716, Important)\n\n* when running ptrace in 31-bit mode on an IBM S/390 or IBM System z\nkernel, a local unprivileged user could cause a denial of service by\nreading from or writing into a padding area in the user_regs_struct32\nstructure. (CVE-2008-1514, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not clear\nthe setuid and setgid bits. This could have allowed a local unprivileged\nuser to obtain access to privileged information. (CVE-2008-4210, Important)\n\n* Tobias Klein reported a missing check in the Linux kernel's Open Sound\nSystem (OSS) implementation. This deficiency could have led to an\ninformation leak. (CVE-2008-3272, Moderate)\n\n* a potential denial of service attack was discovered in the Linux kernel's\nPWC USB video driver. A local unprivileged user could have used this flaw\nto bring the kernel USB subsystem into the busy-waiting state.\n(CVE-2007-5093, Low)\n\n* the ext2 and ext3 file systems code failed to properly handle corrupted\ndata structures, leading to a possible local denial of service issue when\nread or write operations were performed. (CVE-2008-3528, Low)\n\nIn addition, these updated packages fix the following bugs:\n\n* when using the CIFS \"forcedirectio\" option, appending to an open file on\na CIFS share resulted in that file being overwritten with the data to be\nappended.\n\n* a kernel panic occurred when a device with PCI ID 8086:10c8 was present\non a system with a loaded ixgbe driver.\n\n* due to an aacraid driver regression, the kernel failed to boot when trying\nto load the aacraid driver and printed the following error message:\n\"aac_srb: aac_fib_send failed with status: 8195\".\n\n* due to an mpt driver regression, when RAID 1 was configured on Primergy\nsystems with an LSI SCSI IME 53C1020/1030 controller, the kernel panicked\nduring boot.\n\n* the mpt driver produced a large number of extraneous debugging messages\nwhen performing a \"Host reset\" operation.\n\n* due to a regression in the sym driver, the kernel panicked when a SCSI\nhot swap was performed using MCP18 hardware.\n\n* all cores on a multi-core system now scale their frequencies in\naccordance with the policy set by the system's CPU frequency governor.\n\n* the netdump subsystem suffered from several stability issues. These are\naddressed in this updated kernel.\n\n* under certain conditions, the ext3 file system reported a negative count\nof used blocks.\n\n* reading /proc/self/mem incorrectly returned \"Invalid argument\" instead of\n\"input/output error\" due to a regression.\n\n* under certain conditions, the kernel panicked when a USB device was\nremoved while the system was busy accessing the device.\n\n* a race condition in the kernel could have led to a kernel crash during\nthe creation of a new process.\n\nAll Red Hat Enterprise Linux 4 Users should upgrade to these updated\npackages, which contain backported patches to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2008-November/027462.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-November/027463.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-November/027481.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-November/027483.html\n\n**Affected packages:**\nkernel\nkernel-devel\nkernel-doc\nkernel-hugemem\nkernel-hugemem-devel\nkernel-largesmp\nkernel-largesmp-devel\nkernel-smp\nkernel-smp-devel\nkernel-xenU\nkernel-xenU-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2008-0972.html", "edition": 5, "modified": "2008-11-25T23:53:53", "published": "2008-11-20T14:26:01", "href": "http://lists.centos.org/pipermail/centos-announce/2008-November/027462.html", "id": "CESA-2008:0972", "title": "kernel security update", "type": "centos", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2021-01-01T04:56:17", "description": "Updated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* on AMD64 architectures, the possibility of a kernel crash was\ndiscovered by testing the Linux kernel process-trace ability. This\ncould allow a local unprivileged user to cause a denial of service\n(kernel crash). (CVE-2008-1615, Important)\n\n* on 64-bit architectures, the possibility of a timer-expiration value\noverflow was found in the Linux kernel high-resolution timers\nfunctionality, hrtimer. This could allow a local unprivileged user to\nsetup a large interval value, forcing the timer expiry value to become\nnegative, causing a denial of service (kernel hang). (CVE-2007-6712,\nImportant)\n\n* the possibility of a kernel crash was found in the Linux kernel\nIPsec protocol implementation, due to improper handling of fragmented\nESP packets. When an attacker controlling an intermediate router\nfragmented these packets into very small pieces, it would cause a\nkernel crash on the receiving node during packet reassembly.\n(CVE-2007-6282, Important)\n\n* a potential denial of service attack was discovered in the Linux\nkernel PWC USB video driver. A local unprivileged user could use this\nflaw to bring the kernel USB subsystem into the busy-waiting state,\ncausing a denial of service. (CVE-2007-5093, Low)\n\nAs well, these updated packages fix the following bugs :\n\n* in certain situations, a kernel hang and a possible panic occurred\nwhen disabling the cpufreq daemon. This may have prevented system\nreboots from completing successfully.\n\n* continual 'softlockup' messages, which occurred on the guest's\nconsole after a successful save and restore of a Red Hat Enterprise\nLinux 5 para-virtualized guest, have been resolved.\n\n* in the previous kernel packages, the kernel may not have reclaimed\nNFS locks after a system reboot.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.", "edition": 27, "published": "2008-05-20T00:00:00", "title": "RHEL 5 : kernel (RHSA-2008:0275)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6282", "CVE-2007-6712", "CVE-2007-5093", "CVE-2008-1615"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "cpe:/o:redhat:enterprise_linux:5.1", "p-cpe:/a:redhat:enterprise_linux:kernel-PAE", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc"], "id": "REDHAT-RHSA-2008-0275.NASL", "href": "https://www.tenable.com/plugins/nessus/32391", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0275. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(32391);\n script_version (\"1.25\");\n script_cvs_date(\"Date: 2019/10/25 13:36:13\");\n\n script_cve_id(\"CVE-2007-5093\", \"CVE-2007-6282\", \"CVE-2007-6712\", \"CVE-2008-1615\");\n script_bugtraq_id(29081, 29086);\n script_xref(name:\"RHSA\", value:\"2008:0275\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2008:0275)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* on AMD64 architectures, the possibility of a kernel crash was\ndiscovered by testing the Linux kernel process-trace ability. This\ncould allow a local unprivileged user to cause a denial of service\n(kernel crash). (CVE-2008-1615, Important)\n\n* on 64-bit architectures, the possibility of a timer-expiration value\noverflow was found in the Linux kernel high-resolution timers\nfunctionality, hrtimer. This could allow a local unprivileged user to\nsetup a large interval value, forcing the timer expiry value to become\nnegative, causing a denial of service (kernel hang). (CVE-2007-6712,\nImportant)\n\n* the possibility of a kernel crash was found in the Linux kernel\nIPsec protocol implementation, due to improper handling of fragmented\nESP packets. When an attacker controlling an intermediate router\nfragmented these packets into very small pieces, it would cause a\nkernel crash on the receiving node during packet reassembly.\n(CVE-2007-6282, Important)\n\n* a potential denial of service attack was discovered in the Linux\nkernel PWC USB video driver. A local unprivileged user could use this\nflaw to bring the kernel USB subsystem into the busy-waiting state,\ncausing a denial of service. (CVE-2007-5093, Low)\n\nAs well, these updated packages fix the following bugs :\n\n* in certain situations, a kernel hang and a possible panic occurred\nwhen disabling the cpufreq daemon. This may have prevented system\nreboots from completing successfully.\n\n* continual 'softlockup' messages, which occurred on the guest's\nconsole after a successful save and restore of a Red Hat Enterprise\nLinux 5 para-virtualized guest, have been resolved.\n\n* in the previous kernel packages, the kernel may not have reclaimed\nNFS locks after a system reboot.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5093\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6282\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1615\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0275\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(16, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/05/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2007-5093\", \"CVE-2007-6282\", \"CVE-2007-6712\", \"CVE-2008-1615\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2008:0275\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0275\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-53.1.21.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-2.6.18-53.1.21.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-2.6.18-53.1.21.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-53.1.21.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-53.1.21.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-53.1.21.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-53.1.21.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-53.1.21.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-53.1.21.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-53.1.21.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-53.1.21.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-53.1.21.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-53.1.21.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-53.1.21.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-53.1.21.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-53.1.21.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-53.1.21.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-53.1.21.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-53.1.21.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-53.1.21.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-53.1.21.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-53.1.21.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:25:20", "description": "Updated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* on AMD64 architectures, the possibility of a kernel crash was\ndiscovered by testing the Linux kernel process-trace ability. This\ncould allow a local unprivileged user to cause a denial of service\n(kernel crash). (CVE-2008-1615, Important)\n\n* on 64-bit architectures, the possibility of a timer-expiration value\noverflow was found in the Linux kernel high-resolution timers\nfunctionality, hrtimer. This could allow a local unprivileged user to\nsetup a large interval value, forcing the timer expiry value to become\nnegative, causing a denial of service (kernel hang). (CVE-2007-6712,\nImportant)\n\n* the possibility of a kernel crash was found in the Linux kernel\nIPsec protocol implementation, due to improper handling of fragmented\nESP packets. When an attacker controlling an intermediate router\nfragmented these packets into very small pieces, it would cause a\nkernel crash on the receiving node during packet reassembly.\n(CVE-2007-6282, Important)\n\n* a potential denial of service attack was discovered in the Linux\nkernel PWC USB video driver. A local unprivileged user could use this\nflaw to bring the kernel USB subsystem into the busy-waiting state,\ncausing a denial of service. (CVE-2007-5093, Low)\n\nAs well, these updated packages fix the following bugs :\n\n* in certain situations, a kernel hang and a possible panic occurred\nwhen disabling the cpufreq daemon. This may have prevented system\nreboots from completing successfully.\n\n* continual 'softlockup' messages, which occurred on the guest's\nconsole after a successful save and restore of a Red Hat Enterprise\nLinux 5 para-virtualized guest, have been resolved.\n\n* in the previous kernel packages, the kernel may not have reclaimed\nNFS locks after a system reboot.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.", "edition": 28, "published": "2010-01-06T00:00:00", "title": "CentOS 5 : kernel (CESA-2008:0275)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6282", "CVE-2007-6712", "CVE-2007-5093", "CVE-2008-1615"], "modified": "2010-01-06T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel-PAE-devel", "p-cpe:/a:centos:centos:kernel-xen-devel", "p-cpe:/a:centos:centos:kernel-xen", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-headers", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:kernel-PAE", "p-cpe:/a:centos:centos:kernel-debug-devel"], "id": "CENTOS_RHSA-2008-0275.NASL", "href": "https://www.tenable.com/plugins/nessus/43685", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0275 and \n# CentOS Errata and Security Advisory 2008:0275 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43685);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-5093\", \"CVE-2007-6282\", \"CVE-2007-6712\", \"CVE-2008-1615\");\n script_bugtraq_id(29081, 29086);\n script_xref(name:\"RHSA\", value:\"2008:0275\");\n\n script_name(english:\"CentOS 5 : kernel (CESA-2008:0275)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* on AMD64 architectures, the possibility of a kernel crash was\ndiscovered by testing the Linux kernel process-trace ability. This\ncould allow a local unprivileged user to cause a denial of service\n(kernel crash). (CVE-2008-1615, Important)\n\n* on 64-bit architectures, the possibility of a timer-expiration value\noverflow was found in the Linux kernel high-resolution timers\nfunctionality, hrtimer. This could allow a local unprivileged user to\nsetup a large interval value, forcing the timer expiry value to become\nnegative, causing a denial of service (kernel hang). (CVE-2007-6712,\nImportant)\n\n* the possibility of a kernel crash was found in the Linux kernel\nIPsec protocol implementation, due to improper handling of fragmented\nESP packets. When an attacker controlling an intermediate router\nfragmented these packets into very small pieces, it would cause a\nkernel crash on the receiving node during packet reassembly.\n(CVE-2007-6282, Important)\n\n* a potential denial of service attack was discovered in the Linux\nkernel PWC USB video driver. A local unprivileged user could use this\nflaw to bring the kernel USB subsystem into the busy-waiting state,\ncausing a denial of service. (CVE-2007-5093, Low)\n\nAs well, these updated packages fix the following bugs :\n\n* in certain situations, a kernel hang and a possible panic occurred\nwhen disabling the cpufreq daemon. This may have prevented system\nreboots from completing successfully.\n\n* continual 'softlockup' messages, which occurred on the guest's\nconsole after a successful save and restore of a Red Hat Enterprise\nLinux 5 para-virtualized guest, have been resolved.\n\n* in the previous kernel packages, the kernel may not have reclaimed\nNFS locks after a system reboot.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-May/014916.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7f724d8e\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-May/014917.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?78982bc4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(16, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-2.6.18-53.1.21.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-53.1.21.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-53.1.21.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-2.6.18-53.1.21.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-devel-2.6.18-53.1.21.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-devel-2.6.18-53.1.21.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-doc-2.6.18-53.1.21.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-headers-2.6.18-53.1.21.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-2.6.18-53.1.21.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-devel-2.6.18-53.1.21.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T04:35:29", "description": "From Red Hat Security Advisory 2008:0275 :\n\nUpdated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* on AMD64 architectures, the possibility of a kernel crash was\ndiscovered by testing the Linux kernel process-trace ability. This\ncould allow a local unprivileged user to cause a denial of service\n(kernel crash). (CVE-2008-1615, Important)\n\n* on 64-bit architectures, the possibility of a timer-expiration value\noverflow was found in the Linux kernel high-resolution timers\nfunctionality, hrtimer. This could allow a local unprivileged user to\nsetup a large interval value, forcing the timer expiry value to become\nnegative, causing a denial of service (kernel hang). (CVE-2007-6712,\nImportant)\n\n* the possibility of a kernel crash was found in the Linux kernel\nIPsec protocol implementation, due to improper handling of fragmented\nESP packets. When an attacker controlling an intermediate router\nfragmented these packets into very small pieces, it would cause a\nkernel crash on the receiving node during packet reassembly.\n(CVE-2007-6282, Important)\n\n* a potential denial of service attack was discovered in the Linux\nkernel PWC USB video driver. A local unprivileged user could use this\nflaw to bring the kernel USB subsystem into the busy-waiting state,\ncausing a denial of service. (CVE-2007-5093, Low)\n\nAs well, these updated packages fix the following bugs :\n\n* in certain situations, a kernel hang and a possible panic occurred\nwhen disabling the cpufreq daemon. This may have prevented system\nreboots from completing successfully.\n\n* continual 'softlockup' messages, which occurred on the guest's\nconsole after a successful save and restore of a Red Hat Enterprise\nLinux 5 para-virtualized guest, have been resolved.\n\n* in the previous kernel packages, the kernel may not have reclaimed\nNFS locks after a system reboot.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.", "edition": 25, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 : kernel (ELSA-2008-0275)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6282", "CVE-2007-6712", "CVE-2007-5093", "CVE-2008-1615"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-PAE", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:kernel-xen-devel", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-PAE-devel", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-xen"], "id": "ORACLELINUX_ELSA-2008-0275.NASL", "href": "https://www.tenable.com/plugins/nessus/67691", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0275 and \n# Oracle Linux Security Advisory ELSA-2008-0275 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67691);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/10/25 13:36:07\");\n\n script_cve_id(\"CVE-2007-5093\", \"CVE-2007-6282\", \"CVE-2007-6712\", \"CVE-2008-1615\");\n script_bugtraq_id(29081, 29086);\n script_xref(name:\"RHSA\", value:\"2008:0275\");\n\n script_name(english:\"Oracle Linux 5 : kernel (ELSA-2008-0275)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0275 :\n\nUpdated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* on AMD64 architectures, the possibility of a kernel crash was\ndiscovered by testing the Linux kernel process-trace ability. This\ncould allow a local unprivileged user to cause a denial of service\n(kernel crash). (CVE-2008-1615, Important)\n\n* on 64-bit architectures, the possibility of a timer-expiration value\noverflow was found in the Linux kernel high-resolution timers\nfunctionality, hrtimer. This could allow a local unprivileged user to\nsetup a large interval value, forcing the timer expiry value to become\nnegative, causing a denial of service (kernel hang). (CVE-2007-6712,\nImportant)\n\n* the possibility of a kernel crash was found in the Linux kernel\nIPsec protocol implementation, due to improper handling of fragmented\nESP packets. When an attacker controlling an intermediate router\nfragmented these packets into very small pieces, it would cause a\nkernel crash on the receiving node during packet reassembly.\n(CVE-2007-6282, Important)\n\n* a potential denial of service attack was discovered in the Linux\nkernel PWC USB video driver. A local unprivileged user could use this\nflaw to bring the kernel USB subsystem into the busy-waiting state,\ncausing a denial of service. (CVE-2007-5093, Low)\n\nAs well, these updated packages fix the following bugs :\n\n* in certain situations, a kernel hang and a possible panic occurred\nwhen disabling the cpufreq daemon. This may have prevented system\nreboots from completing successfully.\n\n* continual 'softlockup' messages, which occurred on the guest's\nconsole after a successful save and restore of a Red Hat Enterprise\nLinux 5 para-virtualized guest, have been resolved.\n\n* in the previous kernel packages, the kernel may not have reclaimed\nNFS locks after a system reboot.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-May/000600.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(16, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2007-5093\", \"CVE-2007-6282\", \"CVE-2007-6712\", \"CVE-2008-1615\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2008-0275\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-2.6.18-53.1.21.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-53.1.21.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-devel-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-53.1.21.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-2.6.18-53.1.21.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-devel-2.6.18-53.1.21.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-devel-2.6.18-53.1.21.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-doc-2.6.18-53.1.21.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-headers-2.6.18-53.1.21.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-2.6.18-53.1.21.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-devel-2.6.18-53.1.21.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:45:02", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service. The Common Vulnerabilities and\nExposures project identifies the following problems :\n\n - CVE-2007-6712\n Johannes Bauer discovered an integer overflow condition\n in the hrtimer subsystem on 64-bit systems. This can be\n exploited by local users to trigger a denial of service\n (DoS) by causing the kernel to execute an infinite loop.\n\n - CVE-2008-1615\n Jan Kratochvil reported a local denial of service\n condition that permits local users on systems running\n the amd64 flavor kernel to cause a system crash.\n\n - CVE-2008-2136\n Paul Harks discovered a memory leak in the Simple\n Internet Transition (SIT) code used for IPv6 over IPv4\n tunnels. This can be exploited by remote users to cause\n a denial of service condition.\n\n - CVE-2008-2137\n David Miller and Jan Lieskovsky discovered issues with\n the virtual address range checking of mmaped regions on\n the sparc architecture that may be exploited by local\n users to cause a denial of service.", "edition": 27, "published": "2008-05-28T00:00:00", "title": "Debian DSA-1588-1 : linux-2.6 - denial of service", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2136", "CVE-2007-6712", "CVE-2008-2137", "CVE-2008-1615"], "modified": "2008-05-28T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:4.0", "p-cpe:/a:debian:debian_linux:linux-2.6"], "id": "DEBIAN_DSA-1588.NASL", "href": "https://www.tenable.com/plugins/nessus/32448", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1588. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32448);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-6712\", \"CVE-2008-1615\", \"CVE-2008-2136\", \"CVE-2008-2137\");\n script_xref(name:\"DSA\", value:\"1588\");\n\n script_name(english:\"Debian DSA-1588-1 : linux-2.6 - denial of service\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service. The Common Vulnerabilities and\nExposures project identifies the following problems :\n\n - CVE-2007-6712\n Johannes Bauer discovered an integer overflow condition\n in the hrtimer subsystem on 64-bit systems. This can be\n exploited by local users to trigger a denial of service\n (DoS) by causing the kernel to execute an infinite loop.\n\n - CVE-2008-1615\n Jan Kratochvil reported a local denial of service\n condition that permits local users on systems running\n the amd64 flavor kernel to cause a system crash.\n\n - CVE-2008-2136\n Paul Harks discovered a memory leak in the Simple\n Internet Transition (SIT) code used for IPv6 over IPv4\n tunnels. This can be exploited by remote users to cause\n a denial of service condition.\n\n - CVE-2008-2137\n David Miller and Jan Lieskovsky discovered issues with\n the virtual address range checking of mmaped regions on\n the sparc architecture that may be exploited by local\n users to cause a denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-6712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-1615\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-2136\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-2137\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2008/dsa-1588\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6, fai-kernels, and user-mode-linux packages.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 2.6.18.dfsg.1-18etch5.\n\nBuilds for linux-2.6/s390 and fai-kernels/powerpc were not yet\navailable at the time of this advisory. This advisory will be updated\nas these builds become available.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/05/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"fai-kernels\", reference:\"1.17+etch.18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-doc-2.6.18\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-486\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-686\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-686-bigmem\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-alpha\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-amd64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-arm\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-hppa\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-i386\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-ia64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-mips\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-mipsel\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-powerpc\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-sparc\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-generic\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-legacy\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-smp\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-amd64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-footbridge\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-iop32x\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-itanium\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-ixp4xx\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-k7\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-mckinley\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc-smp\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc64-smp\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc-miboot\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc-smp\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-prep\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-qemu\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r3k-kn02\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r4k-ip22\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r4k-kn04\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r5k-cobalt\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r5k-ip32\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-rpc\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s3c2410\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sb1-bcm91250a\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sb1a-bcm91480b\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc32\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc64-smp\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-686\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-alpha\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-amd64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-k7\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-powerpc\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-powerpc64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-sparc64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-486\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-686\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-686-bigmem\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-generic\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-legacy\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-smp\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-amd64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-footbridge\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-iop32x\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-itanium\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-ixp4xx\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-k7\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-mckinley\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc-smp\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc64-smp\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc-miboot\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc-smp\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-prep\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-qemu\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r3k-kn02\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r4k-ip22\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r4k-kn04\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r5k-cobalt\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r5k-ip32\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-rpc\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s3c2410\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sb1-bcm91250a\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sb1a-bcm91480b\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc32\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc64-smp\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-686\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-alpha\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-amd64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-k7\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-powerpc\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-powerpc64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-sparc64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-manual-2.6.18\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-patch-debian-2.6.18\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-source-2.6.18\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-support-2.6.18-6\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-tree-2.6.18\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"user-mode-linux\", reference:\"2.6.18-1um-2etch.18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-18etch5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T04:50:48", "description": "The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - fix utrace dead_engine ops race\n\n - fix ptrace_attach leak\n\n - CVE-2007-5093: kernel PWC driver DoS\n\n - CVE-2007-6282: IPSec ESP kernel panics\n\n - CVE-2007-6712: kernel: infinite loop in highres timers\n (kernel hang)\n\n - CVE-2008-1615: kernel: ptrace: Unprivileged crash on\n x86_64 %cs corruption\n\n - CVE-2008-1294: kernel: setrlimit(RLIMIT_CPUINFO) with\n zero value doesn't inherit properly across children\n\n - CVE-2008-2136: kernel: sit memory leak\n\n - CVE-2008-2812: kernel: NULL ptr dereference in multiple\n network drivers due to missing checks in tty code\n\n - restore\n linux-2.6-x86-clear-df-flag-for-signal-handlers.patch\n\n - restore linux-2.6-utrace.patch /\n linux-2.6-xen-utrace.patch\n\n - Kernel security erratas for OVM 2.1.2 from bz#5932 :\n\n - CVE-2007-6063: isdn: fix possible isdn_net buffer\n overflows\n\n - CVE-2007-3104 Null pointer to an inode in a dentry can\n cause an oops in sysfs_readdir\n\n - CVE-2008-0598: write system call vulnerability\n\n - CVE-2008-1375: kernel: race condition in dnotify\n\n - CVE-2008-0001: kernel: filesystem corruption by\n unprivileged user via directory truncation\n\n - CVE-2008-2358: dccp: sanity check feature length\n\n - CVE-2007-5938: NULL dereference in iwl driver\n\n - RHSA-2008:0508: kernel: [x86_64] The string instruction\n version didn't zero the output on exception.\n\n - kernel: clear df flag for signal handlers\n\n - fs: missing dput in do_lookup error leaks dentries\n\n - sysfs: fix condition check in sysfs_drop_dentry\n\n - sysfs: fix race condition around sd->s_dentry\n\n - ieee80211: off-by-two integer underflow", "edition": 27, "published": "2014-11-26T00:00:00", "title": "OracleVM 2.1 : kernel (OVMSA-2008-2005)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2136", "CVE-2008-1294", "CVE-2007-3104", "CVE-2007-6282", "CVE-2008-0001", "CVE-2008-0598", "CVE-2008-1375", "CVE-2007-6712", "CVE-2007-5093", "CVE-2008-1615", "CVE-2007-5938", "CVE-2008-2358", "CVE-2007-6063", "CVE-2008-2812"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:kernel-kdump-devel", "cpe:/o:oracle:vm_server:2.1", "p-cpe:/a:oracle:vm:kernel-BOOT", "p-cpe:/a:oracle:vm:kernel-ovs", "p-cpe:/a:oracle:vm:kernel-kdump", "p-cpe:/a:oracle:vm:kernel-BOOT-devel", "p-cpe:/a:oracle:vm:kernel-ovs-devel"], "id": "ORACLEVM_OVMSA-2008-2005.NASL", "href": "https://www.tenable.com/plugins/nessus/79447", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2008-2005.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79447);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/10/25 13:36:06\");\n\n script_cve_id(\"CVE-2007-3104\", \"CVE-2007-5093\", \"CVE-2007-5938\", \"CVE-2007-6063\", \"CVE-2007-6282\", \"CVE-2007-6712\", \"CVE-2008-0001\", \"CVE-2008-0598\", \"CVE-2008-1294\", \"CVE-2008-1375\", \"CVE-2008-1615\", \"CVE-2008-2136\", \"CVE-2008-2358\", \"CVE-2008-2812\");\n script_bugtraq_id(24631, 26605, 27280, 29003, 29081, 29086, 29235, 29603, 29942, 30076);\n\n script_name(english:\"OracleVM 2.1 : kernel (OVMSA-2008-2005)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - fix utrace dead_engine ops race\n\n - fix ptrace_attach leak\n\n - CVE-2007-5093: kernel PWC driver DoS\n\n - CVE-2007-6282: IPSec ESP kernel panics\n\n - CVE-2007-6712: kernel: infinite loop in highres timers\n (kernel hang)\n\n - CVE-2008-1615: kernel: ptrace: Unprivileged crash on\n x86_64 %cs corruption\n\n - CVE-2008-1294: kernel: setrlimit(RLIMIT_CPUINFO) with\n zero value doesn't inherit properly across children\n\n - CVE-2008-2136: kernel: sit memory leak\n\n - CVE-2008-2812: kernel: NULL ptr dereference in multiple\n network drivers due to missing checks in tty code\n\n - restore\n linux-2.6-x86-clear-df-flag-for-signal-handlers.patch\n\n - restore linux-2.6-utrace.patch /\n linux-2.6-xen-utrace.patch\n\n - Kernel security erratas for OVM 2.1.2 from bz#5932 :\n\n - CVE-2007-6063: isdn: fix possible isdn_net buffer\n overflows\n\n - CVE-2007-3104 Null pointer to an inode in a dentry can\n cause an oops in sysfs_readdir\n\n - CVE-2008-0598: write system call vulnerability\n\n - CVE-2008-1375: kernel: race condition in dnotify\n\n - CVE-2008-0001: kernel: filesystem corruption by\n unprivileged user via directory truncation\n\n - CVE-2008-2358: dccp: sanity check feature length\n\n - CVE-2007-5938: NULL dereference in iwl driver\n\n - RHSA-2008:0508: kernel: [x86_64] The string instruction\n version didn't zero the output on exception.\n\n - kernel: clear df flag for signal handlers\n\n - fs: missing dput in do_lookup error leaks dentries\n\n - sysfs: fix condition check in sysfs_drop_dentry\n\n - sysfs: fix race condition around sd->s_dentry\n\n - ieee80211: off-by-two integer underflow\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2008-September/000003.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?97ce6a60\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(16, 20, 119, 189, 200, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-BOOT-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-ovs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-ovs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:2.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/06/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"2\\.1\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 2.1\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-BOOT-2.6.18-8.1.15.1.19.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-BOOT-devel-2.6.18-8.1.15.1.19.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-kdump-2.6.18-8.1.15.1.19.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-kdump-devel-2.6.18-8.1.15.1.19.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-ovs-2.6.18-8.1.15.1.19.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-ovs-devel-2.6.18-8.1.15.1.19.el5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-BOOT / kernel-BOOT-devel / kernel-kdump / kernel-kdump-devel / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T06:31:40", "description": "This kernel update fixes the following security problems :\n\nCVE-2008-1615: On x86_64 a denial of service attack could be used by\nlocal attackers to immediately panic / crash the machine.\n\nCVE-2008-2358: A security problem in DCCP was fixed, which could be\nused by remote attackers to crash the machine.\n\nCVE-2007-6206: An information leakage during coredumping of root\nprocesses was fixed.\n\nCVE-2007-6712: A integer overflow in the hrtimer_forward function\n(hrtimer.c) in Linux kernel, when running on 64-bit systems, allows\nlocal users to cause a denial of service (infinite loop) via a timer\nwith a large expiry value, which causes the timer to always be\nexpired.\n\nCVE-2008-2136: A problem in SIT IPv6 tunnel handling could be used by\nremote attackers to immediately crash the machine.\n\nCVE-2008-1669: Fixed a SMP ordering problem in fcntl_setlk could\npotentially allow local attackers to execute code by timing file\nlocking.\n\nCVE-2008-1367: Clear the 'direction' flag before calling signal\nhandlers. For specific not yet identified programs under specific\ntiming conditions this could potentially have caused memory corruption\nor code execution.\n\nCVE-2008-1375: Fixed a dnotify race condition, which could be used by\nlocal attackers to potentially execute code.\n\nCVE-2007-6282: A remote attacker could crash the IPSec/IPv6 stack by\nsending a bad ESP packet. This requires the host to be able to receive\nsuch packets (default filtered by the firewall).\n\nCVE-2007-5500: A ptrace bug could be used by local attackers to hang\ntheir own processes indefinitely.\n\nCVE-2007-5904: A remote buffer overflow in CIFS was fixed which could\nbe used by remote attackers to crash the machine or potentially\nexecute code.\n\nAnd the following bugs (numbers are https://bugzilla.novell.com/\nreferences) :\n\n - patches.arch/x86-nosmp-implies-noapic.patch: When\n booting with nosmp or maxcpus=0 on i386 or x86-64, we\n must disable the I/O APIC, otherwise the system won't\n boot in most cases (bnc#308540).\n\n - patches.arch/i386-at-sysinfo-ehdr: i386: make\n AT_SYSINFO_EHDR consistent with AT_SYSINFO (bnc#289641).\n\n - patches.suse/bonding-workqueue: Update to fix a hang\n when closing a bonding device (342994).\n\n - patches.fixes/mptspi-dv-renegotiate-oops: mptlinux\n crashes on kernel 2.6.22 (bnc#271749).", "edition": 25, "published": "2008-06-24T00:00:00", "title": "openSUSE 10 Security Update : kernel (kernel-5336)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2136", "CVE-2007-5904", "CVE-2007-6282", "CVE-2008-1669", "CVE-2008-1375", "CVE-2007-6712", "CVE-2008-1615", "CVE-2007-6206", "CVE-2008-2358", "CVE-2008-1367", "CVE-2007-5500"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-bigsmp", "cpe:/o:novell:opensuse:10.2", "p-cpe:/a:novell:opensuse:kernel-xenpae", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-kdump"], "id": "SUSE_KERNEL-5336.NASL", "href": "https://www.tenable.com/plugins/nessus/33252", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-5336.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(33252);\n script_version (\"1.11\");\n script_cvs_date(\"Date: 2019/10/25 13:36:32\");\n\n script_cve_id(\"CVE-2007-5500\", \"CVE-2007-5904\", \"CVE-2007-6206\", \"CVE-2007-6282\", \"CVE-2007-6712\", \"CVE-2008-1367\", \"CVE-2008-1375\", \"CVE-2008-1615\", \"CVE-2008-1669\", \"CVE-2008-2136\", \"CVE-2008-2358\");\n\n script_name(english:\"openSUSE 10 Security Update : kernel (kernel-5336)\");\n script_summary(english:\"Check for the kernel-5336 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This kernel update fixes the following security problems :\n\nCVE-2008-1615: On x86_64 a denial of service attack could be used by\nlocal attackers to immediately panic / crash the machine.\n\nCVE-2008-2358: A security problem in DCCP was fixed, which could be\nused by remote attackers to crash the machine.\n\nCVE-2007-6206: An information leakage during coredumping of root\nprocesses was fixed.\n\nCVE-2007-6712: A integer overflow in the hrtimer_forward function\n(hrtimer.c) in Linux kernel, when running on 64-bit systems, allows\nlocal users to cause a denial of service (infinite loop) via a timer\nwith a large expiry value, which causes the timer to always be\nexpired.\n\nCVE-2008-2136: A problem in SIT IPv6 tunnel handling could be used by\nremote attackers to immediately crash the machine.\n\nCVE-2008-1669: Fixed a SMP ordering problem in fcntl_setlk could\npotentially allow local attackers to execute code by timing file\nlocking.\n\nCVE-2008-1367: Clear the 'direction' flag before calling signal\nhandlers. For specific not yet identified programs under specific\ntiming conditions this could potentially have caused memory corruption\nor code execution.\n\nCVE-2008-1375: Fixed a dnotify race condition, which could be used by\nlocal attackers to potentially execute code.\n\nCVE-2007-6282: A remote attacker could crash the IPSec/IPv6 stack by\nsending a bad ESP packet. This requires the host to be able to receive\nsuch packets (default filtered by the firewall).\n\nCVE-2007-5500: A ptrace bug could be used by local attackers to hang\ntheir own processes indefinitely.\n\nCVE-2007-5904: A remote buffer overflow in CIFS was fixed which could\nbe used by remote attackers to crash the machine or potentially\nexecute code.\n\nAnd the following bugs (numbers are https://bugzilla.novell.com/\nreferences) :\n\n - patches.arch/x86-nosmp-implies-noapic.patch: When\n booting with nosmp or maxcpus=0 on i386 or x86-64, we\n must disable the I/O APIC, otherwise the system won't\n boot in most cases (bnc#308540).\n\n - patches.arch/i386-at-sysinfo-ehdr: i386: make\n AT_SYSINFO_EHDR consistent with AT_SYSINFO (bnc#289641).\n\n - patches.suse/bonding-workqueue: Update to fix a hang\n when closing a bonding device (342994).\n\n - patches.fixes/mptspi-dv-renegotiate-oops: mptlinux\n crashes on kernel 2.6.22 (bnc#271749).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(16, 94, 119, 189, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-bigsmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xenpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/06/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kernel-bigsmp-2.6.18.8-0.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kernel-default-2.6.18.8-0.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kernel-kdump-2.6.18.8-0.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kernel-source-2.6.18.8-0.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kernel-syms-2.6.18.8-0.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kernel-xen-2.6.18.8-0.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kernel-xenpae-2.6.18.8-0.10\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-bigsmp / kernel-default / kernel-kdump / kernel-source / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T04:56:16", "description": "Updated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* the absence of a protection mechanism when attempting to access a\ncritical section of code has been found in the Linux kernel open file\ndescriptors control mechanism, fcntl. This could allow a local\nunprivileged user to simultaneously execute code, which would\notherwise be protected against parallel execution. As well, a race\ncondition when handling locks in the Linux kernel fcntl functionality,\nmay have allowed a process belonging to a local unprivileged user to\ngain re-ordered access to the descriptor table. (CVE-2008-1669,\nImportant)\n\n* on AMD64 architectures, the possibility of a kernel crash was\ndiscovered by testing the Linux kernel process-trace ability. This\ncould allow a local unprivileged user to cause a denial of service\n(kernel crash). (CVE-2008-1615, Important)\n\n* the absence of a protection mechanism when attempting to access a\ncritical section of code, as well as a race condition, have been found\nin the Linux kernel file system event notifier, dnotify. This could\nallow a local unprivileged user to get inconsistent data, or to send\narbitrary signals to arbitrary system processes. (CVE-2008-1375,\nImportant)\n\nRed Hat would like to thank Nick Piggin for responsibly disclosing the\nfollowing issue :\n\n* when accessing kernel memory locations, certain Linux kernel drivers\nregistering a fault handler did not perform required range checks. A\nlocal unprivileged user could use this flaw to gain read or write\naccess to arbitrary kernel memory, or possibly cause a kernel crash.\n(CVE-2008-0007, Important)\n\n* the possibility of a kernel crash was found in the Linux kernel\nIPsec protocol implementation, due to improper handling of fragmented\nESP packets. When an attacker controlling an intermediate router\nfragmented these packets into very small pieces, it would cause a\nkernel crash on the receiving node during packet reassembly.\n(CVE-2007-6282, Important)\n\n* a flaw in the MOXA serial driver could allow a local unprivileged\nuser to perform privileged operations, such as replacing firmware.\n(CVE-2005-0504, Important)\n\nAs well, these updated packages fix the following bugs :\n\n* multiple buffer overflows in the neofb driver have been resolved. It\nwas not possible for an unprivileged user to exploit these issues, and\nas such, they have not been handled as security issues.\n\n* a kernel panic, due to inconsistent detection of AGP aperture size,\nhas been resolved.\n\n* a race condition in UNIX domain sockets may have caused 'recv()' to\nreturn zero. In clustered configurations, this may have caused\nunexpected failovers.\n\n* to prevent link storms, network link carrier events were delayed by\nup to one second, causing unnecessary packet loss. Now, link carrier\nevents are scheduled immediately.\n\n* a client-side race on blocking locks caused large time delays on NFS\nfile systems.\n\n* in certain situations, the libATA sata_nv driver may have sent\ncommands with duplicate tags, which were rejected by SATA devices.\nThis may have caused infinite reboots.\n\n* running the 'service network restart' command may have caused\nnetworking to fail.\n\n* a bug in NFS caused cached information about directories to be\nstored for too long, causing wrong attributes to be read.\n\n* on systems with a large highmem/lowmem ratio, NFS write performance\nmay have been very slow when using small files.\n\n* a bug, which caused network hangs when the system clock was wrapped\naround zero, has been resolved.\n\nRed Hat Enterprise Linux 4 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.", "edition": 27, "published": "2008-05-09T00:00:00", "title": "RHEL 4 : kernel (RHSA-2008:0237)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6282", "CVE-2008-1669", "CVE-2005-0504", "CVE-2008-1375", "CVE-2008-1615", "CVE-2008-0007"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:4", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xenU", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp", "cpe:/o:redhat:enterprise_linux:4.6"], "id": "REDHAT-RHSA-2008-0237.NASL", "href": "https://www.tenable.com/plugins/nessus/32162", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0237. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(32162);\n script_version (\"1.26\");\n script_cvs_date(\"Date: 2019/10/25 13:36:13\");\n\n script_cve_id(\"CVE-2005-0504\", \"CVE-2007-6282\", \"CVE-2008-0007\", \"CVE-2008-1375\", \"CVE-2008-1615\", \"CVE-2008-1669\");\n script_bugtraq_id(29003, 29076, 29081, 29086);\n script_xref(name:\"RHSA\", value:\"2008:0237\");\n\n script_name(english:\"RHEL 4 : kernel (RHSA-2008:0237)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* the absence of a protection mechanism when attempting to access a\ncritical section of code has been found in the Linux kernel open file\ndescriptors control mechanism, fcntl. This could allow a local\nunprivileged user to simultaneously execute code, which would\notherwise be protected against parallel execution. As well, a race\ncondition when handling locks in the Linux kernel fcntl functionality,\nmay have allowed a process belonging to a local unprivileged user to\ngain re-ordered access to the descriptor table. (CVE-2008-1669,\nImportant)\n\n* on AMD64 architectures, the possibility of a kernel crash was\ndiscovered by testing the Linux kernel process-trace ability. This\ncould allow a local unprivileged user to cause a denial of service\n(kernel crash). (CVE-2008-1615, Important)\n\n* the absence of a protection mechanism when attempting to access a\ncritical section of code, as well as a race condition, have been found\nin the Linux kernel file system event notifier, dnotify. This could\nallow a local unprivileged user to get inconsistent data, or to send\narbitrary signals to arbitrary system processes. (CVE-2008-1375,\nImportant)\n\nRed Hat would like to thank Nick Piggin for responsibly disclosing the\nfollowing issue :\n\n* when accessing kernel memory locations, certain Linux kernel drivers\nregistering a fault handler did not perform required range checks. A\nlocal unprivileged user could use this flaw to gain read or write\naccess to arbitrary kernel memory, or possibly cause a kernel crash.\n(CVE-2008-0007, Important)\n\n* the possibility of a kernel crash was found in the Linux kernel\nIPsec protocol implementation, due to improper handling of fragmented\nESP packets. When an attacker controlling an intermediate router\nfragmented these packets into very small pieces, it would cause a\nkernel crash on the receiving node during packet reassembly.\n(CVE-2007-6282, Important)\n\n* a flaw in the MOXA serial driver could allow a local unprivileged\nuser to perform privileged operations, such as replacing firmware.\n(CVE-2005-0504, Important)\n\nAs well, these updated packages fix the following bugs :\n\n* multiple buffer overflows in the neofb driver have been resolved. It\nwas not possible for an unprivileged user to exploit these issues, and\nas such, they have not been handled as security issues.\n\n* a kernel panic, due to inconsistent detection of AGP aperture size,\nhas been resolved.\n\n* a race condition in UNIX domain sockets may have caused 'recv()' to\nreturn zero. In clustered configurations, this may have caused\nunexpected failovers.\n\n* to prevent link storms, network link carrier events were delayed by\nup to one second, causing unnecessary packet loss. Now, link carrier\nevents are scheduled immediately.\n\n* a client-side race on blocking locks caused large time delays on NFS\nfile systems.\n\n* in certain situations, the libATA sata_nv driver may have sent\ncommands with duplicate tags, which were rejected by SATA devices.\nThis may have caused infinite reboots.\n\n* running the 'service network restart' command may have caused\nnetworking to fail.\n\n* a bug in NFS caused cached information about directories to be\nstored for too long, causing wrong attributes to be read.\n\n* on systems with a large highmem/lowmem ratio, NFS write performance\nmay have been very slow when using small files.\n\n* a bug, which caused network hangs when the system clock was wrapped\naround zero, has been resolved.\n\nRed Hat Enterprise Linux 4 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0504\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6282\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0007\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1375\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1615\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0237\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(16, 94, 119, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/03/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/05/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2005-0504\", \"CVE-2007-6282\", \"CVE-2008-0007\", \"CVE-2008-1375\", \"CVE-2008-1615\", \"CVE-2008-1669\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2008:0237\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0237\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-2.6.9-67.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-devel-2.6.9-67.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-doc-2.6.9-67.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-2.6.9-67.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-devel-2.6.9-67.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-67.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-67.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-2.6.9-67.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-67.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-devel-2.6.9-67.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-67.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-2.6.9-67.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-67.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-devel-2.6.9-67.0.15.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-67.0.15.EL\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n }\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T05:32:58", "description": "These updated packages fix the following security issues :\n\n - the absence of a protection mechanism when attempting to\n access a critical section of code has been found in the\n Linux kernel open file descriptors control mechanism,\n fcntl. This could allow a local unprivileged user to\n simultaneously execute code, which would otherwise be\n protected against parallel execution. As well, a race\n condition when handling locks in the Linux kernel fcntl\n functionality, may have allowed a process belonging to a\n local unprivileged user to gain re-ordered access to the\n descriptor table. (CVE-2008-1669, Important)\n\n - on AMD64 architectures, the possibility of a kernel\n crash was discovered by testing the Linux kernel\n process-trace ability. This could allow a local\n unprivileged user to cause a denial of service (kernel\n crash). (CVE-2008-1615, Important)\n\n - the absence of a protection mechanism when attempting to\n access a critical section of code, as well as a race\n condition, have been found in the Linux kernel file\n system event notifier, dnotify. This could allow a local\n unprivileged user to get inconsistent data, or to send\n arbitrary signals to arbitrary system processes.\n (CVE-2008-1375, Important)\n\n - when accessing kernel memory locations, certain Linux\n kernel drivers registering a fault handler did not\n perform required range checks. A local unprivileged user\n could use this flaw to gain read or write access to\n arbitrary kernel memory, or possibly cause a kernel\n crash. (CVE-2008-0007, Important)\n\n - the possibility of a kernel crash was found in the Linux\n kernel IPsec protocol implementation, due to improper\n handling of fragmented ESP packets. When an attacker\n controlling an intermediate router fragmented these\n packets into very small pieces, it would cause a kernel\n crash on the receiving node during packet reassembly.\n (CVE-2007-6282, Important)\n\n - a flaw in the MOXA serial driver could allow a local\n unprivileged user to perform privileged operations, such\n as replacing firmware. (CVE-2005-0504, Important)\n\nAs well, these updated packages fix the following bugs :\n\n - multiple buffer overflows in the neofb driver have been\n resolved. It was not possible for an unprivileged user\n to exploit these issues, and as such, they have not been\n handled as security issues.\n\n - a kernel panic, due to inconsistent detection of AGP\n aperture size, has been resolved.\n\n - a race condition in UNIX domain sockets may have caused\n 'recv()' to return zero. In clustered configurations,\n this may have caused unexpected failovers.\n\n - to prevent link storms, network link carrier events were\n delayed by up to one second, causing unnecessary packet\n loss. Now, link carrier events are scheduled\n immediately.\n\n - a client-side race on blocking locks caused large time\n delays on NFS file systems.\n\n - in certain situations, the libATA sata_nv driver may\n have sent commands with duplicate tags, which were\n rejected by SATA devices. This may have caused infinite\n reboots.\n\n - running the 'service network restart' command may have\n caused networking to fail.\n\n - a bug in NFS caused cached information about directories\n to be stored for too long, causing wrong attributes to\n be read.\n\n - on systems with a large highmem/lowmem ratio, NFS write\n performance may have been very slow when using small\n files.\n\n - a bug, which caused network hangs when the system clock\n was wrapped around zero, has been resolved.", "edition": 25, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : kernel on SL4.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6282", "CVE-2008-1669", "CVE-2005-0504", "CVE-2008-1375", "CVE-2008-1615", "CVE-2008-0007"], "modified": "2021-01-02T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20080507_KERNEL_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60394", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60394);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/10/25 13:36:17\");\n\n script_cve_id(\"CVE-2005-0504\", \"CVE-2007-6282\", \"CVE-2008-0007\", \"CVE-2008-1375\", \"CVE-2008-1615\", \"CVE-2008-1669\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"These updated packages fix the following security issues :\n\n - the absence of a protection mechanism when attempting to\n access a critical section of code has been found in the\n Linux kernel open file descriptors control mechanism,\n fcntl. This could allow a local unprivileged user to\n simultaneously execute code, which would otherwise be\n protected against parallel execution. As well, a race\n condition when handling locks in the Linux kernel fcntl\n functionality, may have allowed a process belonging to a\n local unprivileged user to gain re-ordered access to the\n descriptor table. (CVE-2008-1669, Important)\n\n - on AMD64 architectures, the possibility of a kernel\n crash was discovered by testing the Linux kernel\n process-trace ability. This could allow a local\n unprivileged user to cause a denial of service (kernel\n crash). (CVE-2008-1615, Important)\n\n - the absence of a protection mechanism when attempting to\n access a critical section of code, as well as a race\n condition, have been found in the Linux kernel file\n system event notifier, dnotify. This could allow a local\n unprivileged user to get inconsistent data, or to send\n arbitrary signals to arbitrary system processes.\n (CVE-2008-1375, Important)\n\n - when accessing kernel memory locations, certain Linux\n kernel drivers registering a fault handler did not\n perform required range checks. A local unprivileged user\n could use this flaw to gain read or write access to\n arbitrary kernel memory, or possibly cause a kernel\n crash. (CVE-2008-0007, Important)\n\n - the possibility of a kernel crash was found in the Linux\n kernel IPsec protocol implementation, due to improper\n handling of fragmented ESP packets. When an attacker\n controlling an intermediate router fragmented these\n packets into very small pieces, it would cause a kernel\n crash on the receiving node during packet reassembly.\n (CVE-2007-6282, Important)\n\n - a flaw in the MOXA serial driver could allow a local\n unprivileged user to perform privileged operations, such\n as replacing firmware. (CVE-2005-0504, Important)\n\nAs well, these updated packages fix the following bugs :\n\n - multiple buffer overflows in the neofb driver have been\n resolved. It was not possible for an unprivileged user\n to exploit these issues, and as such, they have not been\n handled as security issues.\n\n - a kernel panic, due to inconsistent detection of AGP\n aperture size, has been resolved.\n\n - a race condition in UNIX domain sockets may have caused\n 'recv()' to return zero. In clustered configurations,\n this may have caused unexpected failovers.\n\n - to prevent link storms, network link carrier events were\n delayed by up to one second, causing unnecessary packet\n loss. Now, link carrier events are scheduled\n immediately.\n\n - a client-side race on blocking locks caused large time\n delays on NFS file systems.\n\n - in certain situations, the libATA sata_nv driver may\n have sent commands with duplicate tags, which were\n rejected by SATA devices. This may have caused infinite\n reboots.\n\n - running the 'service network restart' command may have\n caused networking to fail.\n\n - a bug in NFS caused cached information about directories\n to be stored for too long, causing wrong attributes to\n be read.\n\n - on systems with a large highmem/lowmem ratio, NFS write\n performance may have been very slow when using small\n files.\n\n - a bug, which caused network hangs when the system clock\n was wrapped around zero, has been resolved.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0805&L=scientific-linux-errata&T=0&P=304\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1453e5f4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(16, 94, 119, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/03/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"kernel-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-devel-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-doc-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-devel-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-devel-2.6.9-67.0.15.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:25:19", "description": "Updated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* the absence of a protection mechanism when attempting to access a\ncritical section of code has been found in the Linux kernel open file\ndescriptors control mechanism, fcntl. This could allow a local\nunprivileged user to simultaneously execute code, which would\notherwise be protected against parallel execution. As well, a race\ncondition when handling locks in the Linux kernel fcntl functionality,\nmay have allowed a process belonging to a local unprivileged user to\ngain re-ordered access to the descriptor table. (CVE-2008-1669,\nImportant)\n\n* on AMD64 architectures, the possibility of a kernel crash was\ndiscovered by testing the Linux kernel process-trace ability. This\ncould allow a local unprivileged user to cause a denial of service\n(kernel crash). (CVE-2008-1615, Important)\n\n* the absence of a protection mechanism when attempting to access a\ncritical section of code, as well as a race condition, have been found\nin the Linux kernel file system event notifier, dnotify. This could\nallow a local unprivileged user to get inconsistent data, or to send\narbitrary signals to arbitrary system processes. (CVE-2008-1375,\nImportant)\n\nRed Hat would like to thank Nick Piggin for responsibly disclosing the\nfollowing issue :\n\n* when accessing kernel memory locations, certain Linux kernel drivers\nregistering a fault handler did not perform required range checks. A\nlocal unprivileged user could use this flaw to gain read or write\naccess to arbitrary kernel memory, or possibly cause a kernel crash.\n(CVE-2008-0007, Important)\n\n* the possibility of a kernel crash was found in the Linux kernel\nIPsec protocol implementation, due to improper handling of fragmented\nESP packets. When an attacker controlling an intermediate router\nfragmented these packets into very small pieces, it would cause a\nkernel crash on the receiving node during packet reassembly.\n(CVE-2007-6282, Important)\n\n* a flaw in the MOXA serial driver could allow a local unprivileged\nuser to perform privileged operations, such as replacing firmware.\n(CVE-2005-0504, Important)\n\nAs well, these updated packages fix the following bugs :\n\n* multiple buffer overflows in the neofb driver have been resolved. It\nwas not possible for an unprivileged user to exploit these issues, and\nas such, they have not been handled as security issues.\n\n* a kernel panic, due to inconsistent detection of AGP aperture size,\nhas been resolved.\n\n* a race condition in UNIX domain sockets may have caused 'recv()' to\nreturn zero. In clustered configurations, this may have caused\nunexpected failovers.\n\n* to prevent link storms, network link carrier events were delayed by\nup to one second, causing unnecessary packet loss. Now, link carrier\nevents are scheduled immediately.\n\n* a client-side race on blocking locks caused large time delays on NFS\nfile systems.\n\n* in certain situations, the libATA sata_nv driver may have sent\ncommands with duplicate tags, which were rejected by SATA devices.\nThis may have caused infinite reboots.\n\n* running the 'service network restart' command may have caused\nnetworking to fail.\n\n* a bug in NFS caused cached information about directories to be\nstored for too long, causing wrong attributes to be read.\n\n* on systems with a large highmem/lowmem ratio, NFS write performance\nmay have been very slow when using small files.\n\n* a bug, which caused network hangs when the system clock was wrapped\naround zero, has been resolved.\n\nRed Hat Enterprise Linux 4 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.", "edition": 28, "published": "2010-01-06T00:00:00", "title": "CentOS 4 : kernel (CESA-2008:0237)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6282", "CVE-2008-1669", "CVE-2005-0504", "CVE-2008-1375", "CVE-2008-1615", "CVE-2008-0007"], "modified": "2010-01-06T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel-xenU-devel", "p-cpe:/a:centos:centos:kernel-largesmp", "p-cpe:/a:centos:centos:kernel-hugemem", "p-cpe:/a:centos:centos:kernel-doc", "cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:kernel-smp", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-smp-devel", "p-cpe:/a:centos:centos:kernel-largesmp-devel", "p-cpe:/a:centos:centos:kernel-xenU", "p-cpe:/a:centos:centos:kernel-hugemem-devel"], "id": "CENTOS_RHSA-2008-0237.NASL", "href": "https://www.tenable.com/plugins/nessus/43682", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0237 and \n# CentOS Errata and Security Advisory 2008:0237 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43682);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2005-0504\", \"CVE-2007-6282\", \"CVE-2008-0007\", \"CVE-2008-1375\", \"CVE-2008-1615\", \"CVE-2008-1669\");\n script_bugtraq_id(29003, 29076, 29081, 29086);\n script_xref(name:\"RHSA\", value:\"2008:0237\");\n\n script_name(english:\"CentOS 4 : kernel (CESA-2008:0237)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* the absence of a protection mechanism when attempting to access a\ncritical section of code has been found in the Linux kernel open file\ndescriptors control mechanism, fcntl. This could allow a local\nunprivileged user to simultaneously execute code, which would\notherwise be protected against parallel execution. As well, a race\ncondition when handling locks in the Linux kernel fcntl functionality,\nmay have allowed a process belonging to a local unprivileged user to\ngain re-ordered access to the descriptor table. (CVE-2008-1669,\nImportant)\n\n* on AMD64 architectures, the possibility of a kernel crash was\ndiscovered by testing the Linux kernel process-trace ability. This\ncould allow a local unprivileged user to cause a denial of service\n(kernel crash). (CVE-2008-1615, Important)\n\n* the absence of a protection mechanism when attempting to access a\ncritical section of code, as well as a race condition, have been found\nin the Linux kernel file system event notifier, dnotify. This could\nallow a local unprivileged user to get inconsistent data, or to send\narbitrary signals to arbitrary system processes. (CVE-2008-1375,\nImportant)\n\nRed Hat would like to thank Nick Piggin for responsibly disclosing the\nfollowing issue :\n\n* when accessing kernel memory locations, certain Linux kernel drivers\nregistering a fault handler did not perform required range checks. A\nlocal unprivileged user could use this flaw to gain read or write\naccess to arbitrary kernel memory, or possibly cause a kernel crash.\n(CVE-2008-0007, Important)\n\n* the possibility of a kernel crash was found in the Linux kernel\nIPsec protocol implementation, due to improper handling of fragmented\nESP packets. When an attacker controlling an intermediate router\nfragmented these packets into very small pieces, it would cause a\nkernel crash on the receiving node during packet reassembly.\n(CVE-2007-6282, Important)\n\n* a flaw in the MOXA serial driver could allow a local unprivileged\nuser to perform privileged operations, such as replacing firmware.\n(CVE-2005-0504, Important)\n\nAs well, these updated packages fix the following bugs :\n\n* multiple buffer overflows in the neofb driver have been resolved. It\nwas not possible for an unprivileged user to exploit these issues, and\nas such, they have not been handled as security issues.\n\n* a kernel panic, due to inconsistent detection of AGP aperture size,\nhas been resolved.\n\n* a race condition in UNIX domain sockets may have caused 'recv()' to\nreturn zero. In clustered configurations, this may have caused\nunexpected failovers.\n\n* to prevent link storms, network link carrier events were delayed by\nup to one second, causing unnecessary packet loss. Now, link carrier\nevents are scheduled immediately.\n\n* a client-side race on blocking locks caused large time delays on NFS\nfile systems.\n\n* in certain situations, the libATA sata_nv driver may have sent\ncommands with duplicate tags, which were rejected by SATA devices.\nThis may have caused infinite reboots.\n\n* running the 'service network restart' command may have caused\nnetworking to fail.\n\n* a bug in NFS caused cached information about directories to be\nstored for too long, causing wrong attributes to be read.\n\n* on systems with a large highmem/lowmem ratio, NFS write performance\nmay have been very slow when using small files.\n\n* a bug, which caused network hangs when the system clock was wrapped\naround zero, has been resolved.\n\nRed Hat Enterprise Linux 4 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-May/014888.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fe137d8d\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-May/014889.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2564d283\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-May/014891.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c12bdf90\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(16, 94, 119, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/03/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", reference:\"kernel-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"kernel-devel-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-doc-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-doc-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"kernel-largesmp-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"kernel-largesmp-devel-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-67.0.15.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-67.0.15.EL\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T04:35:29", "description": "From Red Hat Security Advisory 2008:0237 :\n\nUpdated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* the absence of a protection mechanism when attempting to access a\ncritical section of code has been found in the Linux kernel open file\ndescriptors control mechanism, fcntl. This could allow a local\nunprivileged user to simultaneously execute code, which would\notherwise be protected against parallel execution. As well, a race\ncondition when handling locks in the Linux kernel fcntl functionality,\nmay have allowed a process belonging to a local unprivileged user to\ngain re-ordered access to the descriptor table. (CVE-2008-1669,\nImportant)\n\n* on AMD64 architectures, the possibility of a kernel crash was\ndiscovered by testing the Linux kernel process-trace ability. This\ncould allow a local unprivileged user to cause a denial of service\n(kernel crash). (CVE-2008-1615, Important)\n\n* the absence of a protection mechanism when attempting to access a\ncritical section of code, as well as a race condition, have been found\nin the Linux kernel file system event notifier, dnotify. This could\nallow a local unprivileged user to get inconsistent data, or to send\narbitrary signals to arbitrary system processes. (CVE-2008-1375,\nImportant)\n\nRed Hat would like to thank Nick Piggin for responsibly disclosing the\nfollowing issue :\n\n* when accessing kernel memory locations, certain Linux kernel drivers\nregistering a fault handler did not perform required range checks. A\nlocal unprivileged user could use this flaw to gain read or write\naccess to arbitrary kernel memory, or possibly cause a kernel crash.\n(CVE-2008-0007, Important)\n\n* the possibility of a kernel crash was found in the Linux kernel\nIPsec protocol implementation, due to improper handling of fragmented\nESP packets. When an attacker controlling an intermediate router\nfragmented these packets into very small pieces, it would cause a\nkernel crash on the receiving node during packet reassembly.\n(CVE-2007-6282, Important)\n\n* a flaw in the MOXA serial driver could allow a local unprivileged\nuser to perform privileged operations, such as replacing firmware.\n(CVE-2005-0504, Important)\n\nAs well, these updated packages fix the following bugs :\n\n* multiple buffer overflows in the neofb driver have been resolved. It\nwas not possible for an unprivileged user to exploit these issues, and\nas such, they have not been handled as security issues.\n\n* a kernel panic, due to inconsistent detection of AGP aperture size,\nhas been resolved.\n\n* a race condition in UNIX domain sockets may have caused 'recv()' to\nreturn zero. In clustered configurations, this may have caused\nunexpected failovers.\n\n* to prevent link storms, network link carrier events were delayed by\nup to one second, causing unnecessary packet loss. Now, link carrier\nevents are scheduled immediately.\n\n* a client-side race on blocking locks caused large time delays on NFS\nfile systems.\n\n* in certain situations, the libATA sata_nv driver may have sent\ncommands with duplicate tags, which were rejected by SATA devices.\nThis may have caused infinite reboots.\n\n* running the 'service network restart' command may have caused\nnetworking to fail.\n\n* a bug in NFS caused cached information about directories to be\nstored for too long, causing wrong attributes to be read.\n\n* on systems with a large highmem/lowmem ratio, NFS write performance\nmay have been very slow when using small files.\n\n* a bug, which caused network hangs when the system clock was wrapped\naround zero, has been resolved.\n\nRed Hat Enterprise Linux 4 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.", "edition": 25, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 4 : kernel (ELSA-2008-0237)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6282", "CVE-2008-1669", "CVE-2005-0504", "CVE-2008-1375", "CVE-2008-1615", "CVE-2008-0007"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel-hugemem", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-xenU-devel", "p-cpe:/a:oracle:linux:kernel-xenU", "p-cpe:/a:oracle:linux:kernel-smp-devel", "p-cpe:/a:oracle:linux:kernel-largesmp", "p-cpe:/a:oracle:linux:kernel-smp", "p-cpe:/a:oracle:linux:kernel-hugemem-devel", "cpe:/o:oracle:linux:4", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-largesmp-devel"], "id": "ORACLELINUX_ELSA-2008-0237.NASL", "href": "https://www.tenable.com/plugins/nessus/67685", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0237 and \n# Oracle Linux Security Advisory ELSA-2008-0237 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67685);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/10/25 13:36:07\");\n\n script_cve_id(\"CVE-2005-0504\", \"CVE-2007-6282\", \"CVE-2008-0007\", \"CVE-2008-1375\", \"CVE-2008-1615\", \"CVE-2008-1669\");\n script_bugtraq_id(29003, 29076, 29081, 29086);\n script_xref(name:\"RHSA\", value:\"2008:0237\");\n\n script_name(english:\"Oracle Linux 4 : kernel (ELSA-2008-0237)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0237 :\n\nUpdated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* the absence of a protection mechanism when attempting to access a\ncritical section of code has been found in the Linux kernel open file\ndescriptors control mechanism, fcntl. This could allow a local\nunprivileged user to simultaneously execute code, which would\notherwise be protected against parallel execution. As well, a race\ncondition when handling locks in the Linux kernel fcntl functionality,\nmay have allowed a process belonging to a local unprivileged user to\ngain re-ordered access to the descriptor table. (CVE-2008-1669,\nImportant)\n\n* on AMD64 architectures, the possibility of a kernel crash was\ndiscovered by testing the Linux kernel process-trace ability. This\ncould allow a local unprivileged user to cause a denial of service\n(kernel crash). (CVE-2008-1615, Important)\n\n* the absence of a protection mechanism when attempting to access a\ncritical section of code, as well as a race condition, have been found\nin the Linux kernel file system event notifier, dnotify. This could\nallow a local unprivileged user to get inconsistent data, or to send\narbitrary signals to arbitrary system processes. (CVE-2008-1375,\nImportant)\n\nRed Hat would like to thank Nick Piggin for responsibly disclosing the\nfollowing issue :\n\n* when accessing kernel memory locations, certain Linux kernel drivers\nregistering a fault handler did not perform required range checks. A\nlocal unprivileged user could use this flaw to gain read or write\naccess to arbitrary kernel memory, or possibly cause a kernel crash.\n(CVE-2008-0007, Important)\n\n* the possibility of a kernel crash was found in the Linux kernel\nIPsec protocol implementation, due to improper handling of fragmented\nESP packets. When an attacker controlling an intermediate router\nfragmented these packets into very small pieces, it would cause a\nkernel crash on the receiving node during packet reassembly.\n(CVE-2007-6282, Important)\n\n* a flaw in the MOXA serial driver could allow a local unprivileged\nuser to perform privileged operations, such as replacing firmware.\n(CVE-2005-0504, Important)\n\nAs well, these updated packages fix the following bugs :\n\n* multiple buffer overflows in the neofb driver have been resolved. It\nwas not possible for an unprivileged user to exploit these issues, and\nas such, they have not been handled as security issues.\n\n* a kernel panic, due to inconsistent detection of AGP aperture size,\nhas been resolved.\n\n* a race condition in UNIX domain sockets may have caused 'recv()' to\nreturn zero. In clustered configurations, this may have caused\nunexpected failovers.\n\n* to prevent link storms, network link carrier events were delayed by\nup to one second, causing unnecessary packet loss. Now, link carrier\nevents are scheduled immediately.\n\n* a client-side race on blocking locks caused large time delays on NFS\nfile systems.\n\n* in certain situations, the libATA sata_nv driver may have sent\ncommands with duplicate tags, which were rejected by SATA devices.\nThis may have caused infinite reboots.\n\n* running the 'service network restart' command may have caused\nnetworking to fail.\n\n* a bug in NFS caused cached information about directories to be\nstored for too long, causing wrong attributes to be read.\n\n* on systems with a large highmem/lowmem ratio, NFS write performance\nmay have been very slow when using small files.\n\n* a bug, which caused network hangs when the system clock was wrapped\naround zero, has been resolved.\n\nRed Hat Enterprise Linux 4 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-May/000585.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(16, 94, 119, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/03/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2005-0504\", \"CVE-2007-6282\", \"CVE-2008-0007\", \"CVE-2008-1375\", \"CVE-2008-1615\", \"CVE-2008-1669\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2008-0237\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-2.6.9-67.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-devel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-devel-2.6.9-67.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-doc-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-doc-2.6.9-67.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-67.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-67.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-2.6.9-67.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-67.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-devel-2.6.9-67.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-67.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-67.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-67.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-67.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-67.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-67.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-67.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-67.0.15.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-67.0.15.0.1.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T12:05:50", "bulletinFamily": "unix", "cvelist": ["CVE-2007-6282", "CVE-2008-1375", "CVE-2008-1615", "CVE-2008-1367"], "description": "This kernel update fixes the following security problems:\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2008-07-02T13:19:53", "published": "2008-07-02T13:19:53", "id": "SUSE-SA:2008:031", "href": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00000.html", "type": "suse", "title": "remote denial of service in kernel", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:49:41", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2136", "CVE-2007-5904", "CVE-2007-6282", "CVE-2008-1669", "CVE-2008-1375", "CVE-2007-6712", "CVE-2008-1615", "CVE-2007-6206", "CVE-2008-0600", "CVE-2008-2358", "CVE-2008-1367", "CVE-2008-2148", "CVE-2007-5500"], "description": "The Linux kernel update was updated on openSUSE 10.2 and 10.3 to fix the following security problems:\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2008-06-20T16:05:15", "published": "2008-06-20T16:05:15", "id": "SUSE-SA:2008:030", "href": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html", "title": "remote denial of service in kernel", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:15:09", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2136", "CVE-2007-6282", "CVE-2008-1669", "CVE-2007-6151", "CVE-2008-1375", "CVE-2008-1615", "CVE-2007-6206", "CVE-2008-1367", "CVE-2007-5500"], "description": "The Linux kernel on the SUSE Linux Enterprise 10 Service Pack 1 line of products was updated to fix quite a number of security problems:\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2008-07-07T14:54:24", "published": "2008-07-07T14:54:24", "id": "SUSE-SA:2008:032", "href": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html", "type": "suse", "title": "remote denial of service in kernel", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:27:56", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1669", "CVE-2008-1615", "CVE-2008-2372", "CVE-2008-2931", "CVE-2008-2812", "CVE-2008-1673"], "description": "The Linux kernel on SUSE Linux Enterprise 10 Service Pack 2 and fixes the following security problems:\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2008-07-21T10:42:10", "published": "2008-07-21T10:42:10", "id": "SUSE-SA:2008:035", "href": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html", "title": "remote denial of service in kernel", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:45:04", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1669", "CVE-2008-1615", "CVE-2008-2372", "CVE-2008-2931", "CVE-2008-2812", "CVE-2008-1673"], "description": "This is a respin of the previous Linux kernel update for SUSE Linux Enterprise 10 SP2 as announced in SUSE-SA:2008:035, which got retracted due to an IDE-CDROM regression, where any IDE CDROM access would hang or crash the system. Only this problem was fixed additionally.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2008-07-29T17:28:49", "published": "2008-07-29T17:28:49", "href": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html", "id": "SUSE-SA:2008:038", "title": "remote denial of service in kernel", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:26", "bulletinFamily": "software", "cvelist": ["CVE-2008-2136", "CVE-2007-6712", "CVE-2008-2137", "CVE-2008-1615"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ----------------------------------------------------------------------\r\nDebian Security Advisory DSA-1588-1 security@debian.org\r\nhttp://www.debian.org/security/ dann frazier\r\nMay 27, 2008 http://www.debian.org/security/faq\r\n- ----------------------------------------------------------------------\r\n\r\nPackage : linux-2.6\r\nVulnerability : denial of service\r\nProblem type : local/remote\r\nDebian-specific: no\r\nCVE Id&#40;s&#41; : CVE-2007-6712 CVE-2008-1615 CVE-2008-2136 CVE-2008-2137\r\n\r\nSeveral vulnerabilities have been discovered in the Linux kernel that may\r\nlead to a denial of service. The Common Vulnerabilities and Exposures\r\nproject identifies the following problems:\r\n\r\nCVE-2007-6712\r\n\r\n Johannes Bauer discovered an integer overflow condition in the hrtimer\r\n subsystem on 64-bit systems. This can be exploited by local users to\r\n trigger a denial of service &#40;DoS&#41; by causing the kernel to execute an\r\n infinite loop.\r\n\r\nCVE-2008-1615\r\n\r\n Jan Kratochvil reported a local denial of service condition that\r\n permits local users on systems running the amd64 flavor kernel\r\n to cause a system crash.\r\n\r\nCVE-2008-2136\r\n\r\n Paul Harks discovered a memory leak in the Simple Internet Transition\r\n &#40;SIT&#41; code used for IPv6 over IPv4 tunnels. This can be exploited\r\n by remote users to cause a denial of service condition.\r\n\r\nCVE-2008-2137\r\n\r\n David Miller and Jan Lieskovsky discovered issues with the virtual\r\n address range checking of mmaped regions on the sparc architecture\r\n that may be exploited by local users to cause a denial of service.\r\n\r\nFor the stable distribution &#40;etch&#41;, this problem has been fixed in version\r\n2.6.18.dfsg.1-18etch5.\r\n\r\nBuilds for linux-2.6/s390 and fai-kernels/powerpc were not yet available at\r\nthe time of this advisory. This advisory will be updated as these builds\r\nbecome available.\r\n\r\nWe recommend that you upgrade your linux-2.6, fai-kernels, and\r\nuser-mode-linux packages.\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nThe following matrix lists additional source packages that were rebuilt for\r\ncompatability with or to take advantage of this update:\r\n\r\n Debian 4.0 &#40;etch&#41;\r\n fai-kernels 1.17+etch.18etch5\r\n user-mode-linux 2.6.18-1um-2etch.18etch5\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\nDebian GNU/Linux 4.0 alias etch\r\n- -------------------------------\r\n\r\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, and sparc.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-18etch5.dsc\r\n Size/MD5 checksum: 5672 70da3d3fa9c813c51429d8b5d3b2e8ea\r\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch5.dsc\r\n Size/MD5 checksum: 740 94f5cb267a06c1dec878da90b9f1dd83\r\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um.orig.tar.gz\r\n Size/MD5 checksum: 14435 4d10c30313e11a24621f7218c31f3582\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-18etch5.diff.gz\r\n Size/MD5 checksum: 5351147 abe5e0484f16f812708afc484e161bc5\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz\r\n Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060\r\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch5.diff.gz\r\n Size/MD5 checksum: 17351 2f7dba888df3958188615ea041eca743\r\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch5.tar.gz\r\n Size/MD5 checksum: 55660 0538ff4f7178e76ea127ebef056d6b06\r\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch5.dsc\r\n Size/MD5 checksum: 892 be5c0a2ad62acc5172513a9ce287c94c\r\n\r\nArchitecture independent packages:\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.18_2.6.18.dfsg.1-18etch5_all.deb\r\n Size/MD5 checksum: 41462358 4a72841c24a18efce23193d77f367fe1\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.18-6_2.6.18.dfsg.1-18etch5_all.deb\r\n Size/MD5 checksum: 3718002 4f526d410be4803e0caa37b49447f4d2\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.18_2.6.18.dfsg.1-18etch5_all.deb\r\n Size/MD5 checksum: 1083076 615903cc33714c0cfa8dbcc48772a939\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.18_2.6.18.dfsg.1-18etch5_all.deb\r\n Size/MD5 checksum: 3589354 d3f8c0a58d10ba994aca59ce80317fe8\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.18_2.6.18.dfsg.1-18etch5_all.deb\r\n Size/MD5 checksum: 54650 0ec7b128e82da0898223888f4fa07e53\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.18_2.6.18.dfsg.1-18etch5_all.deb\r\n Size/MD5 checksum: 1592544 f1b06a865148d3ecc897f6f898b9f56a\r\n\r\nalpha architecture &#40;DEC Alpha&#41;\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-alpha_2.6.18.dfsg.1-18etch5_alpha.deb\r\n Size/MD5 checksum: 54138 e7252716146d76ec712aa139287db245\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-18etch5_alpha.deb\r\n Size/MD5 checksum: 23532610 9e2eba932bf5b4cbf909da8be17025f0\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_alpha.deb\r\n Size/MD5 checksum: 54106 b537043ae0a9552a4e6c2d94cf2c2800\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-18etch5_alpha.deb\r\n Size/MD5 checksum: 268424 dbbb97dee4c3070f9cd0172bcdc49ef4\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_alpha.deb\r\n Size/MD5 checksum: 3027930 4c8fd619b7f8bb0f50e1bf0609e37a20\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-generic_2.6.18.dfsg.1-18etch5_alpha.deb\r\n Size/MD5 checksum: 268084 6464e53b77d391c0417013c3b270c59f\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-18etch5_alpha.deb\r\n Size/MD5 checksum: 23463090 48ec7662494774ee942a6252fd44e07f\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch5_alpha.deb\r\n Size/MD5 checksum: 3052820 51f401e43b054813abfbe1c422713370\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-18etch5_alpha.deb\r\n Size/MD5 checksum: 269742 5c26e5083d2a86ea8ce9c80873fb0d3e\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-smp_2.6.18.dfsg.1-18etch5_alpha.deb\r\n Size/MD5 checksum: 23845162 28d1de6a26fd663eeb2e3977923575c8\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-generic_2.6.18.dfsg.1-18etch5_alpha.deb\r\n Size/MD5 checksum: 23484076 c04d5474a002c0c6872b0c0779499e00\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-smp_2.6.18.dfsg.1-18etch5_alpha.deb\r\n Size/MD5 checksum: 267482 537e40c1b92217edb912b680b30f8cd8\r\n\r\namd64 architecture &#40;AMD x86_64 &#40;AMD64&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_amd64.deb\r\n Size/MD5 checksum: 54108 f51956cb9e9c4fcce9d2852cc304c8de\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\r\n Size/MD5 checksum: 54134 07e4c8015b83da692bf2128f73966043\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\r\n Size/MD5 checksum: 16950720 269a05ec2a25fd5e6ce7df4cb5a998c6\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-18etch5_amd64.deb\r\n Size/MD5 checksum: 3396124 8f57552a6dc82815c1e0881f3d827c20\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_amd64.deb\r\n Size/MD5 checksum: 3227466 a28c80ec87bb6b6a7534c36e9a01a8b4\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\r\n Size/MD5 checksum: 16906784 c8ba6e5505966c0cbd559e07dc1a95ee\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\r\n Size/MD5 checksum: 54082 a3e4fb024f6242b1761565cdb1a27bab\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\r\n Size/MD5 checksum: 1682832 5bb35f10ad153f7a0e64d0560f36b14b\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch5_amd64.deb\r\n Size/MD5 checksum: 3251476 a8994a53f8082ac755c5153f21645cb6\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\r\n Size/MD5 checksum: 274250 b632fc76029cda382920bbf17dc70c76\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-18etch5_amd64.deb\r\n Size/MD5 checksum: 3421192 b41a836c46e5fb252989a41785d1374f\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\r\n Size/MD5 checksum: 274730 2483995f136e52562556017c2f0d4a96\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\r\n Size/MD5 checksum: 274044 0d460826b9c6fac02574482db7914bd6\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\r\n Size/MD5 checksum: 15355064 384131032d56063c896019e39e037a96\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\r\n Size/MD5 checksum: 274730 da10935f2b25722252c68761e5065405\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\r\n Size/MD5 checksum: 54094 292e8525fc3f29d5166365da794cfaef\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\r\n Size/MD5 checksum: 1651262 d538be2c0dda417622040c33f34cd237\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\r\n Size/MD5 checksum: 15366488 a3ad9046c3f774dd5097e6982ffe39fa\r\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch5_amd64.deb\r\n Size/MD5 checksum: 5960836 ccceae60cac558233545c4c4cdbe409e\r\n\r\narm architecture &#40;ARM&#41;\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-arm_2.6.18.dfsg.1-18etch5_arm.deb\r\n Size/MD5 checksum: 54180 fbd9dae1ecda050a0b0734b04db35501\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-iop32x_2.6.18.dfsg.1-18etch5_arm.deb\r\n Size/MD5 checksum: 7924540 fcc6f7d63d622745a55c4bd9fa066560\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-ixp4xx_2.6.18.dfsg.1-18etch5_arm.deb\r\n Size/MD5 checksum: 239248 e9e3b3e13071c64cc7e6f2dd7e15cfdb\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_arm.deb\r\n Size/MD5 checksum: 54140 f38cd11a11adfb18ea0aa4de1b08ea39\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-rpc_2.6.18.dfsg.1-18etch5_arm.deb\r\n Size/MD5 checksum: 4587314 01782ba5f8d91bee1d77302e9a6a9e61\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_arm.deb\r\n Size/MD5 checksum: 3410452 448786f55f94315700e03bb93b454621\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-iop32x_2.6.18.dfsg.1-18etch5_arm.deb\r\n Size/MD5 checksum: 234064 c0e792fcc328bedc6583179e5156266e\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-footbridge_2.6.18.dfsg.1-18etch5_arm.deb\r\n Size/MD5 checksum: 7566024 d0423054e62d157a7fc10ad2e27e07a9\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s3c2410_2.6.18.dfsg.1-18etch5_arm.deb\r\n Size/MD5 checksum: 204142 b4a419a3a28fb963c5279d9e9b125705\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s3c2410_2.6.18.dfsg.1-18etch5_arm.deb\r\n Size/MD5 checksum: 5009344 5613d609c1c046f2b2ba72c6c890c486\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-rpc_2.6.18.dfsg.1-18etch5_arm.deb\r\n Size/MD5 checksum: 198814 12c93d0b1d0f0d61ecaf5bfebcf8eb3a\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-footbridge_2.6.18.dfsg.1-18etch5_arm.deb\r\n Size/MD5 checksum: 233122 5bc42539dc40aaa1d81507b5f5a9bf83\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-ixp4xx_2.6.18.dfsg.1-18etch5_arm.deb\r\n Size/MD5 checksum: 8870920 3a45be48b3293a9cbe193b0db5ab2d96\r\n\r\nhppa architecture &#40;HP PA RISC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc-smp_2.6.18.dfsg.1-18etch5_hppa.deb\r\n Size/MD5 checksum: 10996540 34a482a7404b6e48cc4202a3c031e39c\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64_2.6.18.dfsg.1-18etch5_hppa.deb\r\n Size/MD5 checksum: 11398886 13d0d088bbd0e90ba1ade33ee2ded031\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-hppa_2.6.18.dfsg.1-18etch5_hppa.deb\r\n Size/MD5 checksum: 54136 be5be650e3800c63cedec99e2c7823fa\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-18etch5_hppa.deb\r\n Size/MD5 checksum: 11804256 cb47826af75d4ad2e3006ce8ea6ea493\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc_2.6.18.dfsg.1-18etch5_hppa.deb\r\n Size/MD5 checksum: 195920 3883151884f603b502ed741945ffe3dd\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc_2.6.18.dfsg.1-18etch5_hppa.deb\r\n Size/MD5 checksum: 10548980 c6bf62e7a77bac7a9f13e88934a7edd8\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64_2.6.18.dfsg.1-18etch5_hppa.deb\r\n Size/MD5 checksum: 196764 53581705559a0ff4812e5622633ad987\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc-smp_2.6.18.dfsg.1-18etch5_hppa.deb\r\n Size/MD5 checksum: 197038 03b0dd0d144eddf69e9cbf4ae9b3c187\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_hppa.deb\r\n Size/MD5 checksum: 54114 b399acd2935e12d8580bac5075aca833\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_hppa.deb\r\n Size/MD5 checksum: 3021520 2d524cf038836529a4b5b98b527fb2c3\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-18etch5_hppa.deb\r\n Size/MD5 checksum: 197926 929a482ee6043c8913e0a02297975d75\r\n\r\ni386 architecture &#40;Intel ia32&#41;\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-686_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 281128 96055c189ea53e2d36ef2ba928112fda\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 14279136 50f18a8d2410f33d2fa6b3d913d333c8\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 54098 bc1b6debe849f30326190420aaf3bcf8\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 16336566 f0da95e8ce638a5246ad4d814f5fde09\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-686_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 16375886 6d7a589bdf348d2b883b12dc59d821dc\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-k7_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 280108 03ecf352b9f9808cfad169da68bae00d\r\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch5_i386.deb\r\n Size/MD5 checksum: 5504676 89f5fa03885ee4f737461182eabd709b\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 3168146 107659ec75db011516e29d898c3bc63b\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 272402 ed55cb5a5a38b9b98ea99afda45fa179\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-486_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 283546 645d7a6511ed1edd8d939bcf23a06db0\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686-bigmem_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 16404516 342d98b58ac8d8e4e66923a4ce993463\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686-bigmem_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 280800 53a9b58e467b80f51e9164099ec88e18\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 16836824 56389bee0ae2c10099f7e19760c7b89f\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-k7_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 277982 6242067c054616623741facb41be96b7\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 54098 4845efdb09aea41ef938c090530335d6\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 3148840 26b1b0193f25d457db81ed3893c0d1de\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-k7_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 16467076 aa6cc19fdd8d3c4688ae4ea2c35e667b\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 54084 30945bdfc901629b6f1df13c704e70a7\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 272478 0563e7854cbbe484cbe7ba042c89b19c\r\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch5_i386.deb\r\n Size/MD5 checksum: 25587444 e2c0ff4dc80f241a41f27e415497462c\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 1326822 d6eccf90389e1f5fd41653ef2da4060a\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 3170850 4d2061539468c3788a8032e5e27aadfb\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 14289748 1e8a50868e7dee3bcf4ed7e8469c20ff\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 272122 ac3985bf454e339c3a02ee17a4a4104c\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 1299688 f3a4ef71801a826f1da151fd12e4be57\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 281326 2b142556dc07fa41dada942fcf36cc8e\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-486_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 16190240 8a63f6a2ac3b6334cbacb99129c76a9d\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 3054490 f549787f1b48cf4a7bf5cad359776e72\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-k7_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 16506826 4e0ef2228324c2fc14365a5aaeda0e30\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-i386_2.6.18.dfsg.1-18etch5_i386.deb\r\n Size/MD5 checksum: 54160 8a5f9200a579604b5b44609549d0fec3\r\n\r\nia64 architecture &#40;Intel ia64&#41;\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-ia64_2.6.18.dfsg.1-18etch5_ia64.deb\r\n Size/MD5 checksum: 54132 9c4710a3f9fe303d8fb91b1bc2f26aba\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-itanium_2.6.18.dfsg.1-18etch5_ia64.deb\r\n Size/MD5 checksum: 255602 502b77e416d4146085c986e3f044ef65\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-mckinley_2.6.18.dfsg.1-18etch5_ia64.deb\r\n Size/MD5 checksum: 255496 a1e152ea44a76c0376c0c5308e7eb73f\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-itanium_2.6.18.dfsg.1-18etch5_ia64.deb\r\n Size/MD5 checksum: 28013686 e3a9f2c0f65dbb32ddaef4279f46a02d\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_ia64.deb\r\n Size/MD5 checksum: 54116 e91729e3a1d6c9e036b34a07d5322ea1\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-mckinley_2.6.18.dfsg.1-18etch5_ia64.deb\r\n Size/MD5 checksum: 28181240 a977c1726724712c52209f9448f4a430\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_ia64.deb\r\n Size/MD5 checksum: 3082082 d279733263714c558f68651a532950d0\r\n\r\nmips architecture &#40;MIPS &#40;Big Endian&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_mips.deb\r\n Size/MD5 checksum: 54134 22a4791eab8c910e616d157866d53025\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-18etch5_mips.deb\r\n Size/MD5 checksum: 167044 70a9e850f5b589307c11d793d1ae6402\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_mips.deb\r\n Size/MD5 checksum: 3413738 bacb0e69b1b775b8c107817388179890\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch5_mips.deb\r\n Size/MD5 checksum: 187064 c5e7a3e6da64281a67676b1f574da751\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-mips_2.6.18.dfsg.1-18etch5_mips.deb\r\n Size/MD5 checksum: 54186 24256be3de335798d64096467935c740\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-18etch5_mips.deb\r\n Size/MD5 checksum: 8308966 ddf5ee18359c5814b7becca4bb6db245\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch5_mips.deb\r\n Size/MD5 checksum: 15677882 5ae00f56b380829aa0a497776b0135f8\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-18etch5_mips.deb\r\n Size/MD5 checksum: 154386 e901acfcbcc3b5549c30bbe7ce710cc6\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-18etch5_mips.deb\r\n Size/MD5 checksum: 6125594 e396b15e9dcab593e4320236d7ac1572\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch5_mips.deb\r\n Size/MD5 checksum: 15652934 8abfb40f359d54ac15854b782f8198bc\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-18etch5_mips.deb\r\n Size/MD5 checksum: 9075546 c7bda747c97bd58ecf70afa6fb71a02a\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch5_mips.deb\r\n Size/MD5 checksum: 186748 16d2e8cce7839f20fbf5baa65f07094e\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-18etch5_mips.deb\r\n Size/MD5 checksum: 162974 f9993e3f13a281a749a77e83a2c706cf\r\n\r\nmipsel architecture &#40;MIPS &#40;Little Endian&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch5_mipsel.deb\r\n Size/MD5 checksum: 15053122 38c50780f0382abf544339b0423c86b2\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-mipsel_2.6.18.dfsg.1-18etch5_mipsel.deb\r\n Size/MD5 checksum: 54160 813b1edc195ae4a98f7c458e432e89ba\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_mipsel.deb\r\n Size/MD5 checksum: 3350138 d4ffd93599f61d99b2f50ed87d31144d\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-18etch5_mipsel.deb\r\n Size/MD5 checksum: 9863398 71469c0b29659c83f2f4996de5ae855b\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-18etch5_mipsel.deb\r\n Size/MD5 checksum: 155774 bb807178ae81678f4cea5b64bcd8e0f9\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch5_mipsel.deb\r\n Size/MD5 checksum: 15030230 802e7f15ae2a00d4a3fd99f8d37e48f8\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch5_mipsel.deb\r\n Size/MD5 checksum: 182630 a9e57a79ab1530af02e9b61b81606fa9\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-18etch5_mipsel.deb\r\n Size/MD5 checksum: 178290 bb9edbbf330c0b465ad37e0e5499b2b2\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_mipsel.deb\r\n Size/MD5 checksum: 54106 3abe49b4366693a69c50a899f3f7eeea\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-18etch5_mipsel.deb\r\n Size/MD5 checksum: 150042 64a877e7e1680dd1a69317d87888621a\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-18etch5_mipsel.deb\r\n Size/MD5 checksum: 5941952 71641a79aa2f9869e4608b0df2cc78cc\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch5_mipsel.deb\r\n Size/MD5 checksum: 182772 e01dad553ee807ba9bd8b4f12275e79d\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-18etch5_mipsel.deb\r\n Size/MD5 checksum: 155828 d95e8387335c55a5ded2340e8fec68f9\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-18etch5_mipsel.deb\r\n Size/MD5 checksum: 6027796 c1cc067bcd418ae935e8f4a39e96dc78\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-18etch5_mipsel.deb\r\n Size/MD5 checksum: 5926602 baf4afb27b59a0b9ef8b548a3f1a80f3\r\n\r\npowerpc architecture &#40;PowerPC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_powerpc.deb\r\n Size/MD5 checksum: 3392458 d0e49a4a623d77420317f8e6cec301a6\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-18etch5_powerpc.deb\r\n Size/MD5 checksum: 229438 bf578fa343cc77237329c34882b4d038\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc64_2.6.18.dfsg.1-18etch5_powerpc.deb\r\n Size/MD5 checksum: 18294080 cb7f16ec55e918534e9042e7e0c5ef7c\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch5_powerpc.deb\r\n Size/MD5 checksum: 3414806 3a901290719800285b63c53e7b9d4109\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-18etch5_powerpc.deb\r\n Size/MD5 checksum: 15157308 f605138dd137eb4374139ec0cf79351a\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc_2.6.18.dfsg.1-18etch5_powerpc.deb\r\n Size/MD5 checksum: 251522 4f8ef89f851229849bc5a3bc5b19c82b\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-18etch5_powerpc.deb\r\n Size/MD5 checksum: 252312 e3c7462faede8715dd91b566a58f9b68\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-18etch5_powerpc.deb\r\n Size/MD5 checksum: 16969642 0607cea9945592510f5d3fb9f928c68e\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-18etch5_powerpc.deb\r\n Size/MD5 checksum: 252654 a1a124efec56637b9dfa87c8cd9550cc\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-prep_2.6.18.dfsg.1-18etch5_powerpc.deb\r\n Size/MD5 checksum: 245866 6745e27544fab3eb5aba4a97ebf0fd9a\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-prep_2.6.18.dfsg.1-18etch5_powerpc.deb\r\n Size/MD5 checksum: 16402670 d3b6fdc36ccd744cc0c8956be6176e0b\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-18etch5_powerpc.deb\r\n Size/MD5 checksum: 17016920 e24f260fac43e592708bb9ba1e707c16\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc64_2.6.18.dfsg.1-18etch5_powerpc.deb\r\n Size/MD5 checksum: 253460 8cf63cbc53c6272a748d33b1bd98dfb2\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-18etch5_powerpc.deb\r\n Size/MD5 checksum: 18349664 4222693f7730b0e6833541ba79afd50e\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-18etch5_powerpc.deb\r\n Size/MD5 checksum: 253334 e3314d10a9e3160c79a497967f44fbbd\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-powerpc_2.6.18.dfsg.1-18etch5_powerpc.deb\r\n Size/MD5 checksum: 54160 2b3e2ac3e9367055f4e7669e56583beb\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_powerpc.deb\r\n Size/MD5 checksum: 54112 3199cd9481a91d0def2d149bc0b59c4e\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc_2.6.18.dfsg.1-18etch5_powerpc.deb\r\n Size/MD5 checksum: 16626546 e09c228686cb96ce5e56a142a6366e13\r\n\r\nsparc architecture &#40;Sun SPARC/UltraSPARC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch5_sparc.deb\r\n Size/MD5 checksum: 3190524 3e8e5ea3e72da553d2716dd73f0a5fb7\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-18etch5_sparc.deb\r\n Size/MD5 checksum: 10647606 9ec3d7c71c0a503b4294aa780a9fdd09\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_sparc.deb\r\n Size/MD5 checksum: 54110 f011e208c98ce3aeeaf9dd00ad82b6dd\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc32_2.6.18.dfsg.1-18etch5_sparc.deb\r\n Size/MD5 checksum: 6411008 58c2219a0c20105cf239e323da2e0340\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc32_2.6.18.dfsg.1-18etch5_sparc.deb\r\n Size/MD5 checksum: 165004 ebcd3a274a921148a884d50eb71fb2c5\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc64_2.6.18.dfsg.1-18etch5_sparc.deb\r\n Size/MD5 checksum: 194096 ce1428b814293647a6e00c947270b813\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-18etch5_sparc.deb\r\n Size/MD5 checksum: 195024 4c4ff026f91be55c689b43a19060620d\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-18etch5_sparc.deb\r\n Size/MD5 checksum: 10692826 1053f11e2d543a6c56f9f80f31dc28af\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-sparc_2.6.18.dfsg.1-18etch5_sparc.deb\r\n Size/MD5 checksum: 54140 46c81fa9576fa5e3ac9200115527f02a\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-18etch5_sparc.deb\r\n Size/MD5 checksum: 195748 32499d6fc1f632ec879464002dceb221\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_sparc.deb\r\n Size/MD5 checksum: 3168216 d78356180bcbe48cc6ac77a980e08e9d\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc64_2.6.18.dfsg.1-18etch5_sparc.deb\r\n Size/MD5 checksum: 10391204 8cb2fa5bd484dff88cab8741035128df\r\n\r\n These changes will probably be included in the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: &#96;apt-cache show &lt;pkg&gt;&#39; and http://packages.debian.org/&lt;pkg&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.6 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFIPD45huANDBmkLRkRAi5BAJsHnGiFMDJb1rkp/QJ38cRAhAB1xgCeIL0I\r\nctecy+cP3sK3xsDYTxot1Ug=\r\n=Vl8h\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2008-05-29T00:00:00", "published": "2008-05-29T00:00:00", "id": "SECURITYVULNS:DOC:19921", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:19921", "title": "[SECURITY] [DSA 1588-1] New Linux 2.6.18 packages fix several vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:29", "bulletinFamily": "software", "cvelist": ["CVE-2008-2136", "CVE-2007-6712", "CVE-2008-2137", "CVE-2008-1615"], "description": "Memory leak in IPv6 over IPv4 tunnels, mmap DoS on the SPARC architecture, DoS on amd64 architecture, DoS with hrtimer integer overflow on 64bit architectures.", "edition": 1, "modified": "2008-05-29T00:00:00", "published": "2008-05-29T00:00:00", "id": "SECURITYVULNS:VULN:9029", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9029", "title": "Linux multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:27", "bulletinFamily": "software", "cvelist": ["CVE-2007-4133", "CVE-2007-5093", "CVE-2006-5755"], "description": "Multiple DoS conditions.", "edition": 1, "modified": "2007-10-04T00:00:00", "published": "2007-10-04T00:00:00", "id": "SECURITYVULNS:VULN:8210", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8210", "title": "Linux kernel multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:23", "bulletinFamily": "software", "cvelist": ["CVE-2007-4573", "CVE-2007-4133", "CVE-2007-5093", "CVE-2006-5755"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- --------------------------------------------------------------------------\r\nDebian Security Advisory DSA 1381-1 security@debian.org\r\nhttp://www.debian.org/security/ Dann Frazier\r\nOctober 2nd, 2007 http://www.debian.org/security/faq\r\n- --------------------------------------------------------------------------\r\n\r\nPackage : linux-2.6\r\nVulnerability : several\r\nProblem-Type : local\r\nDebian-specific: no\r\nCVE ID : CVE-2006-5755 CVE-2007-4133 CVE-2007-4573 CVE-2007-5093\r\n\r\nSeveral local vulnerabilities have been discovered in the Linux kernel\r\nthat may lead to a denial of service or the execution of arbitrary\r\ncode. The Common Vulnerabilities and Exposures project identifies the\r\nfollowing problems:\r\n\r\nCVE-2006-5755\r\n\r\n The NT bit maybe leaked into the next task which can local attackers\r\n to cause a Denial of Service &#40;crash&#41; on systems which run the &#39;amd64&#39;\r\n flavour kernel. The stable distribution &#40;&#39;etch&#39;&#41; was not believed to\r\n be vulnerable to this issue at the time of release, however Bastian\r\n Blank discovered that this issue still applied to the &#39;xen-amd64&#39; and\r\n &#39;xen-vserver-amd64&#39; flavours, and is resolved by this DSA.\r\n\r\nCVE-2007-4133\r\n\r\n Hugh Dickins discovered a potential local DoS &#40;panic&#41; in hugetlbfs.\r\n A misconversion of hugetlb_vmtruncate_list to prio_tree may allow\r\n local users to trigger a BUG_ON&#40;&#41; call in exit_mmap.\r\n\r\nCVE-2007-4573\r\n\r\n Wojciech Purczynski discovered a vulnerability that can be exploited\r\n by a local user to obtain superuser privileges on x86_64 systems.\r\n This resulted from improper clearing of the high bits of registers\r\n during ia32 system call emulation. This vulnerability is relevant\r\n to the Debian amd64 port as well as users of the i386 port who run\r\n the amd64 linux-image flavour.\r\n\r\n DSA-1378 resolved this problem for the &#39;amd64&#39; flavour kernels, but\r\n Tim Wickberg and Ralf Hemmenst\u0413dt reported an outstanding issue with\r\n the &#39;xen-amd64&#39; and &#39;xen-vserver-amd64&#39; issues that is resolved by\r\n this DSA.\r\n\r\nCVE-2007-5093\r\n\r\n Alex Smith discovered an issue with the pwc driver for certain webcam\r\n devices. If the device is removed while a userspace application has it\r\n open, the driver will wait for userspace to close the device, resulting\r\n in a blocked USB subsystem. This issue is of low security impact as\r\n it requires the attacker to either have physical access to the system\r\n or to convince a user with local access to remove the device on their\r\n behalf.\r\n \r\nThese problems have been fixed in the stable distribution in version \r\n2.6.18.dfsg.1-13etch4.\r\n\r\nAt the time of this DSA, only the build for the amd64 architecture is\r\navailable. Due to the severity of the amd64-specific issues, we are\r\nreleasing an incomplete update. This advisory will be updated once\r\nother architecture builds become available.\r\n\r\nWe recommend that you upgrade your kernel package immediately and reboot\r\nthe machine. If you have built a custom kernel from the kernel source\r\npackage, you will need to rebuild to take advantage of these fixes.\r\n\r\nUpgrade Instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 4.0 alias etch\r\n- --------------------------------\r\n\r\n Source archives:\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-13etch4.dsc\r\n Size/MD5 checksum: 5672 37f70bdc04b866a5dbcaa8f849be618a\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-13etch4.diff.gz\r\n Size/MD5 checksum: 5321790 7bc41f428b95ef6fe99361ca8854e6da\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz\r\n Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060\r\n\r\n Architecture independent components:\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\r\n Size/MD5 checksum: 3586640 3bd5240a2610896cc497c62eb88b155c\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\r\n Size/MD5 checksum: 1083674 f8c4bf0032e87733d2ee3f2f1f739f9d\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\r\n Size/MD5 checksum: 1499612 10c0c285c4183493633f2b29f6036d14\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\r\n Size/MD5 checksum: 41419632 8ced68949f94c78c5fc992deebdf1c85\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.18-5_2.6.18.dfsg.1-13etch4_all.deb\r\n Size/MD5 checksum: 3739000 f73b86b37f56ab817c341c43bd4cf8fe\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\r\n Size/MD5 checksum: 51982 4593b4bbf1f423b1d6e426602243defd\r\n\r\n AMD64 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 3165218 4f4764c3aef1f9e11201852b94467850\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 51516 a90387023090038a122da75482b981fd\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 51542 cb132c34f0684e6a7b1facc9432ecca2\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 269088 d3d721166785a2acfc475b8a87eb7de0\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 3188578 58346ab81a8dae1bbff87412b9d071a8\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 269454 ef04a599ceb19d37a544cd6f95000138\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 3331732 8b0e214847656f1fb6b2d35396db36a7\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 269772 1d3f9740c35d4510c6612bb645b1ef79\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-vserver_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 3354462 30fce94ecaa6650c7eb3307e76ad47d9\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 270790 4cd241518cb91e87bbcc62c09117accc\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 16800532 5cd7846a71c94945df71cf67b3d9f254\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 16840344 d264466281d7596876f18427dc7dad37\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 1648548 ff22e2a8c3f269295231b2b24289a892\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 1679922 f7061df614029b187d6883902b2053b7\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 15239984 c8de0964da37ad0d13a7c0b1a8dbe927\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 15257046 7fbf51b2580cdf39314d5cae996f8059\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 51500 d813a622add08eb6ca03f118af21e6c0\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 51514 9f3b1193357e2b448f653e3dd8cac1ac\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ etch/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/etch/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: &#96;apt-cache show &lt;pkg&gt;&#39; and http://packages.debian.org/&lt;pkg&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.6 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFHAvmDhuANDBmkLRkRAnP+AJ9AjvJ0omMbXO1kkyncnucj9DKgcwCfaRGg\r\nyOqlvjNwuKuGmBPP2MvwDhg=\r\n=j6lX\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2007-10-04T00:00:00", "published": "2007-10-04T00:00:00", "id": "SECURITYVULNS:DOC:18111", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:18111", "title": "[SECURITY] [DSA 1381-1] New Linux 2.6.18 packages fix several vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:30", "bulletinFamily": "software", "cvelist": ["CVE-2008-3272", "CVE-2007-6282", "CVE-2008-2826", "CVE-2008-0598", "CVE-2008-2729", "CVE-2008-2931", "CVE-2008-3275", "CVE-2008-2812"], "description": "IPSec ESP pacjet parsing DoS, multiple local DoS conditions, kernel memory data leak, privilege escalation.", "edition": 1, "modified": "2008-08-21T00:00:00", "published": "2008-08-21T00:00:00", "id": "SECURITYVULNS:VULN:9235", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9235", "title": "Linux kernel multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:27", "bulletinFamily": "software", "cvelist": ["CVE-2008-3272", "CVE-2007-6282", "CVE-2008-2826", "CVE-2008-0598", "CVE-2008-2729", "CVE-2008-2931", "CVE-2008-3275", "CVE-2008-2812"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ----------------------------------------------------------------------\r\nDebian Security Advisory DSA-1630-1 security@debian.org\r\nhttp://www.debian.org/security/ dann frazier\r\nAug 21, 2008 http://www.debian.org/security/faq\r\n- ----------------------------------------------------------------------\r\n\r\nPackage : linux-2.6\r\nVulnerability : denial of service/information leak\r\nProblem type : several\r\nDebian-specific: no\r\nCVE Id&#40;s&#41; : CVE-2007-6282 CVE-2008-0598 CVE-2008-2729 CVE-2008-2812\r\n CVE-2008-2826 CVE-2008-2931 CVE-2008-3272 CVE-2008-3275\r\n\r\nSeveral vulnerabilities have been discovered in the Linux kernel that may\r\nlead to a denial of service or arbitrary code execution. The Common\r\nVulnerabilities and Exposures project identifies the following\r\nproblems:\r\n\r\nCVE-2007-6282\r\n\r\n Dirk Nehring discovered a vulnerability in the IPsec code that allows\r\n remote users to cause a denial of service by sending a specially crafted\r\n ESP packet.\r\n\r\nCVE-2008-0598\r\n\r\n Tavis Ormandy discovered a vulnerability that allows local users to access\r\n uninitialized kernel memory, possibly leaking sensitive data. This issue\r\n is specific to the amd64-flavour kernel images.\r\n\r\nCVE-2008-2729\r\n\r\n Andi Kleen discovered an issue where uninitialized kernel memory\r\n was being leaked to userspace during an exception. This issue may allow\r\n local users to gain access to sensitive data. Only the amd64-flavour\r\n Debian kernel images are affected.\r\n\r\nCVE-2008-2812\r\n\r\n Alan Cox discovered an issue in multiple tty drivers that allows\r\n local users to trigger a denial of service &#40;NULL pointer dereference&#41;\r\n and possibly obtain elevated privileges.\r\n\r\nCVE-2008-2826\r\n\r\n Gabriel Campana discovered an integer overflow in the sctp code that\r\n can be exploited by local users to cause a denial of service.\r\n\r\nCVE-2008-2931\r\n\r\n Miklos Szeredi reported a missing privilege check in the do_change_type&#40;&#41;\r\n function. This allows local, unprivileged users to change the properties\r\n of mount points.\r\n\r\nCVE-2008-3272\r\n\r\n Tobias Klein reported a locally exploitable data leak in the\r\n snd_seq_oss_synth_make_info&#40;&#41; function. This may allow local users\r\n to gain access to sensitive information.\r\n\r\nCVE-2008-3275\r\n\r\n Zoltan Sogor discovered a coding error in the VFS that allows local users\r\n to exploit a kernel memory leak resulting in a denial of service.\r\n\r\nFor the stable distribution &#40;etch&#41;, this problem has been fixed in\r\nversion 2.6.18.dfsg.1-22etch2.\r\n\r\nWe recommend that you upgrade your linux-2.6, fai-kernels, and\r\nuser-mode-linux packages.\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nThe following matrix lists additional source packages that were rebuilt for\r\ncompatability with or to take advantage of this update:\r\n\r\n Debian 4.0 &#40;etch&#41;\r\n fai-kernels 1.17+etch.22etch2\r\n user-mode-linux 2.6.18-1um-2etch.22etch2\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\nDebian GNU/Linux 4.0 alias etch\r\n- -------------------------------\r\n\r\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and\r\nsparc.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-22etch2.diff.gz\r\n Size/MD5 checksum: 5378366 80a876fbcded8984ff47308cf2ece776\r\n \r\nhttp://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um.orig.tar.gz\r\n Size/MD5 checksum: 14435 4d10c30313e11a24621f7218c31f3582\r\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.22etch2.dsc\r\n Size/MD5 checksum: 740 080fa46e372743186c973658347ceee1\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz\r\n Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060\r\n \r\nhttp://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.22etch2.dsc\r\n Size/MD5 checksum: 892 30580beb633eb4806c40d659f552cd88\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-22etch2.dsc\r\n Size/MD5 checksum: 5672 780d93329a4cedaad9d0539c1cc400ac\r\n \r\nhttp://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.22etch2.diff.gz\r\n Size/MD5 checksum: 18180 2b9bbd3f4bcc3852320fc60d6947607e\r\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.22etch2.tar.gz\r\n Size/MD5 checksum: 56550 01fd54902e7ac7c3035c5176f1deae3c\r\n\r\nArchitecture independent packages:\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.18-6_2.6.18.dfsg.1-22etch2_all.deb\r\n Size/MD5 checksum: 3718952 804c3adc75403db743f603fd1dc44fa2\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.18_2.6.18.dfsg.1-22etch2_all.deb\r\n Size/MD5 checksum: 41460250 9fda57df0d76f6300b162c0765a87e32\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.18_2.6.18.dfsg.1-22etch2_all.deb\r\n Size/MD5 checksum: 1632622 6d644a3a0502065b7a9faa9a7efdb8f4\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.18_2.6.18.dfsg.1-22etch2_all.deb\r\n Size/MD5 checksum: 1087372 8ff719e7a81edaa38b5eca31a7aaee02\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.18_2.6.18.dfsg.1-22etch2_all.deb\r\n Size/MD5 checksum: 3590476 b803de0252e4f027567c5c13db4afe0a\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.18_2.6.18.dfsg.1-22etch2_all.deb\r\n Size/MD5 checksum: 55722 a4dd6ba664f85780bbe1ebf7f3a77b25\r\n\r\nalpha architecture &#40;DEC Alpha&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-22etch2_alpha.deb\r\n Size/MD5 checksum: 23464338 df80e9f9afac5942ec8cd73c8fa2acd3\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_alpha.deb\r\n Size/MD5 checksum: 55150 c752933d6628e0ebe75dbe47f29ad4e2\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-generic_2.6.18.dfsg.1-22etch2_alpha.deb\r\n Size/MD5 checksum: 268952 128bea32232629d3255799ddc83da7b3\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-22etch2_alpha.deb\r\n Size/MD5 checksum: 269648 7617546d15e940343cbe381dfecae010\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-22etch2_alpha.deb\r\n Size/MD5 checksum: 3053804 f72f8a710f0a4da22bc8fd431d9195ee\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-smp_2.6.18.dfsg.1-22etch2_alpha.deb\r\n Size/MD5 checksum: 268368 5c248dbb5e31cc30d4148196b1f5cef0\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-alpha_2.6.18.dfsg.1-22etch2_alpha.deb\r\n Size/MD5 checksum: 55180 2a8a3e402015cf1908906180eb6f8a5f\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-smp_2.6.18.dfsg.1-22etch2_alpha.deb\r\n Size/MD5 checksum: 23846050 ba3b97267e75c3d8027627b2a3ece5fb\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-generic_2.6.18.dfsg.1-22etch2_alpha.deb\r\n Size/MD5 checksum: 23485982 9ea2f705c0a99080425de75c48c66904\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-22etch2_alpha.deb\r\n Size/MD5 checksum: 269242 1edcca9164f4eecd392897903269c1e2\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_alpha.deb\r\n Size/MD5 checksum: 3028978 253a048a7d3ccdf823b8e28b47e5f849\r\n\r\namd64 architecture &#40;AMD x86_64 &#40;AMD64&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.22etch2_amd64.deb\r\n Size/MD5 checksum: 5961854 67e6d9bddf32e6ff37f15a37f9aa2b04\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\r\n Size/MD5 checksum: 55174 94bc1ab70d46a153205059b1ba2fbd9e\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\r\n Size/MD5 checksum: 279498 bf0107981fe6a603a9b72be5e94190bb\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\r\n Size/MD5 checksum: 16909690 0d7e343ec621b05fb565ed0c4b355c9e\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-22etch2_amd64.deb\r\n Size/MD5 checksum: 3252530 97dc43477d90cae8fd6b4033781ce589\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\r\n Size/MD5 checksum: 277930 b719a1156f14a870b6f0fed9fcac0e26\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\r\n Size/MD5 checksum: 55146 865ab31e1451d19f5374492c7b5cec02\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_amd64.deb\r\n Size/MD5 checksum: 55152 811c0ed6f63166536426b3a30a0ae6a0\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\r\n Size/MD5 checksum: 1652318 1e02b1e5c1315c6775efd5a3ebb8eba0\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_amd64.deb\r\n Size/MD5 checksum: 3228660 b3491a01820796609c57ff0ca45cd991\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\r\n Size/MD5 checksum: 1684052 214c87ec095a47ddb16cb5a0386385d0\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\r\n Size/MD5 checksum: 15370528 6429150ddfdc20c94f5dd9223ce1eefa\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\r\n Size/MD5 checksum: 16955552 08dbcfaeb394f720be04b43584cc2dca\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\r\n Size/MD5 checksum: 277636 0c1dd9ed04830cef72a2799682cdb373\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-22etch2_amd64.deb\r\n Size/MD5 checksum: 3422414 a66a5347a66c224513912f23df6e7811\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-22etch2_amd64.deb\r\n Size/MD5 checksum: 3397342 d69524c251013eca5cb9c2fc6ac49f08\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\r\n Size/MD5 checksum: 278800 f808d9f0b51671184647976e61673ef7\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\r\n Size/MD5 checksum: 55126 dcc26a10c820fe676abf6d0a8f733190\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\r\n Size/MD5 checksum: 15356684 ca635c5a74fde0c121ac8ad0dca7f3bc\r\n\r\narm architecture &#40;ARM&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-ixp4xx_2.6.18.dfsg.1-22etch2_arm.deb\r\n Size/MD5 checksum: 240724 05944f6adaed3622fdbf4fa94d9e37c1\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_arm.deb\r\n Size/MD5 checksum: 55194 cfb4019acf8ce2b9eca9a06cde8fa6d8\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-rpc_2.6.18.dfsg.1-22etch2_arm.deb\r\n Size/MD5 checksum: 200112 db009d7e4d83679ea6bf62352e8cbe27\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-iop32x_2.6.18.dfsg.1-22etch2_arm.deb\r\n Size/MD5 checksum: 7925520 1488da3529714a8490790357b2a28d34\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-iop32x_2.6.18.dfsg.1-22etch2_arm.deb\r\n Size/MD5 checksum: 235346 8bac39d6ded885fc5247046c1a0f5c1c\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s3c2410_2.6.18.dfsg.1-22etch2_arm.deb\r\n Size/MD5 checksum: 205074 8fa04e311cd6e56aa2749d4146056c77\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-arm_2.6.18.dfsg.1-22etch2_arm.deb\r\n Size/MD5 checksum: 55234 060e1f4e0b26b2fb42fe0be4d8078952\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_arm.deb\r\n Size/MD5 checksum: 3411494 cfe4f5b7273940720e2bc1e945631f1c\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-rpc_2.6.18.dfsg.1-22etch2_arm.deb\r\n Size/MD5 checksum: 4588214 42d8698407235b46507cf2d7b992c09c\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-footbridge_2.6.18.dfsg.1-22etch2_arm.deb\r\n Size/MD5 checksum: 234198 35c06e74a9f26ab8217ea98df7c01a9b\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-footbridge_2.6.18.dfsg.1-22etch2_arm.deb\r\n Size/MD5 checksum: 7567632 3e4a444afcf3df3e510e2c5000a4b684\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s3c2410_2.6.18.dfsg.1-22etch2_arm.deb\r\n Size/MD5 checksum: 5010844 a3a1c62fbe80192e80bcaac498036e92\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-ixp4xx_2.6.18.dfsg.1-22etch2_arm.deb\r\n Size/MD5 checksum: 8872222 e1a64be9bdc5246dd1d9ef666eb0a311\r\n\r\nhppa architecture &#40;HP PA RISC&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-22etch2_hppa.deb\r\n Size/MD5 checksum: 11805014 e45047cea390fd98d4a55557414b578e\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-hppa_2.6.18.dfsg.1-22etch2_hppa.deb\r\n Size/MD5 checksum: 55184 397ca7761578ce779b6ef9bacc372ffb\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc_2.6.18.dfsg.1-22etch2_hppa.deb\r\n Size/MD5 checksum: 10551992 1d693cdd06bb4dee92a25cd886817522\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_hppa.deb\r\n Size/MD5 checksum: 55158 15e7aa685aea41e29ac6c76825e99ad6\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-22etch2_hppa.deb\r\n Size/MD5 checksum: 199066 5aaf2ce6a96449673f8a8f48f36cf841\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64_2.6.18.dfsg.1-22etch2_hppa.deb\r\n Size/MD5 checksum: 11400554 53c5eca027dc1015bf6423cbe65536cd\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc-smp_2.6.18.dfsg.1-22etch2_hppa.deb\r\n Size/MD5 checksum: 10998698 050980b34cbc925f0842c161828aa1f7\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64_2.6.18.dfsg.1-22etch2_hppa.deb\r\n Size/MD5 checksum: 197944 1d45f1fe804821cc7b8aa80b0dec4f36\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_hppa.deb\r\n Size/MD5 checksum: 3022526 52b6702172ceb2064dde03ea3cacca7a\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc-smp_2.6.18.dfsg.1-22etch2_hppa.deb\r\n Size/MD5 checksum: 198152 556e2b16e2988976dac562f1baad15a9\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc_2.6.18.dfsg.1-22etch2_hppa.deb\r\n Size/MD5 checksum: 197130 298d3e069a1f6996685c4a5a8bc1bada\r\n\r\ni386 architecture &#40;Intel ia32&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-686_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 16377614 74d1938921db193d10a0ff798fe7c005\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-686_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 272450 5468ca009d328fc890a6ab771ab20968\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-k7_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 16471330 35ea40d0f873d6c8ff819a62239623ac\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-k7_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 280452 b055d4305ed580aa9603c3ff5b8c48ef\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 16838150 45beacafd1a4902c055c41bd7711586a\r\n \r\nhttp://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.22etch2_i386.deb\r\n Size/MD5 checksum: 25589346 bf03c496e08b7d40f52f602011c07560\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686-bigmem_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 16406940 0225f98fb843e23225875943b5179aa1\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-686_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 55132 28a33a24ebdcdcad85d335499397c88c\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-i386_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 55196 16b6e16eefaeb5891ab4ba7f832d0ed3\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 3169128 eb405a8b5c8b6d815c95f73262a99af1\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 55144 3d96d807e874865af58831720adb4486\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 3055432 a496fea546da3a21748b444ffd6836ec\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 272846 c58bde7235a1f1ac5c8145dc1ae9346b\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 55140 eee1bdfac4bbecc919d0151b2e23d24c\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 14292444 19fe5544166f396830fef3a1b4e4626f\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 280608 496144bbb1d620644189d012b9d6ea70\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-486_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 282902 f4145bd74ab9467b1af36da46b7666ef\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-k7_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 279034 26430131dc00922da7c9b034c191eaf1\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 272230 871474e9b227166f527391aa064ec971\r\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.22etch2_i386.deb\r\n Size/MD5 checksum: 5505296 9da61c3c82edf996a6324ebd4517251c\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 3149672 c6cbb32f47b75db7d63a6fcf84e0df38\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 3171866 333ceba6af38b86e41a1db10fc764319\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686-bigmem_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 281062 c0c403aedd560ad15fb7d90c54ce3145\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-486_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 16192240 a4a3d514e989d64042c46d3ad8d0b0ae\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-686_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 278950 9de592d811e51eeb07ebe193f8734d15\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 16337664 a367c6561e7cf8ff701a731d8072dca2\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 1328006 c5089d6b0fa44ce46fdbbd17140cb9c6\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-k7_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 16509906 c8894d32a5f39e7512d2db9de74ddf3c\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-686_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 1300920 9c42c8356ab3a07b89f2d95f47de5303\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-686_2.6.18.dfsg.1-22etch2_i386.deb\r\n Size/MD5 checksum: 14281014 32f281f475d4ee1f2d67dd029231ea46\r\n\r\nia64 architecture &#40;Intel ia64&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-mckinley_2.6.18.dfsg.1-22etch2_ia64.deb\r\n Size/MD5 checksum: 256640 e96b0df79e67e6049d8feeb73e63f287\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-ia64_2.6.18.dfsg.1-22etch2_ia64.deb\r\n Size/MD5 checksum: 55174 c93847739b57f47faacaf642de4ab6c1\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-itanium_2.6.18.dfsg.1-22etch2_ia64.deb\r\n Size/MD5 checksum: 256732 af4ee0bbafe50ce27d875243fe626ab9\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-mckinley_2.6.18.dfsg.1-22etch2_ia64.deb\r\n Size/MD5 checksum: 28181368 dff959a14317741919a7a46d73c273a8\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_ia64.deb\r\n Size/MD5 checksum: 55146 9f30373190856528f752d21d66a88053\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-itanium_2.6.18.dfsg.1-22etch2_ia64.deb\r\n Size/MD5 checksum: 28014200 d290bc90985342dfe3b348d3e1d07922\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_ia64.deb\r\n Size/MD5 checksum: 3083012 cbb353d4e8cb3a2bfc4dbf43f4427344\r\n\r\nmips architecture &#40;MIPS &#40;Big Endian&#41;&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-22etch2_mips.deb\r\n Size/MD5 checksum: 8311782 6b24a125c1b553bd4f69d830f2d19eaa\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-22etch2_mips.deb\r\n Size/MD5 checksum: 6124616 ab5d97cb43f8e7d0f7cfebe2db2416df\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_mips.deb\r\n Size/MD5 checksum: 55190 1cd7be3bb06e63ecf67e6c5c175aa201\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-22etch2_mips.deb\r\n Size/MD5 checksum: 187898 a74c79e4b6de9312c1a531b7d1c04e06\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-22etch2_mips.deb\r\n Size/MD5 checksum: 164036 58db324ddfe7d1b3f7086c67091c1ae3\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-22etch2_mips.deb\r\n Size/MD5 checksum: 15654946 4c99171f6b6e8e0b06d88f65244f5a5c\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-22etch2_mips.deb\r\n Size/MD5 checksum: 155578 71edf3d7d29b414ee8fe9c26d98afe2f\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-22etch2_mips.deb\r\n Size/MD5 checksum: 15680482 79ca37454bab6d11c4af5621e3963e87\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-22etch2_mips.deb\r\n Size/MD5 checksum: 168240 0eafb18463f917510d3110c74786742d\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_mips.deb\r\n Size/MD5 checksum: 3415314 94c72a62a2c3c52535c3ef4936400ad9\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-22etch2_mips.deb\r\n Size/MD5 checksum: 9077040 581d6744c0c10ec63b06b5d058e44a87\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-mips_2.6.18.dfsg.1-22etch2_mips.deb\r\n Size/MD5 checksum: 55236 7c94ce0a6b000ba9abcc0bf8272e033c\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-22etch2_mips.deb\r\n Size/MD5 checksum: 188208 2356f7b9cf66b0694b1b7bb07e9e1df0\r\n\r\nmipsel architecture &#40;MIPS &#40;Little Endian&#41;&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_mipsel.deb\r\n Size/MD5 checksum: 3351164 f15965863479e2b0eab136c912b25ebd\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-22etch2_mipsel.deb\r\n Size/MD5 checksum: 183690 e20c71f57188bc8458abb4dc212402f3\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-22etch2_mipsel.deb\r\n Size/MD5 checksum: 156886 65c9aec3009d7ace0550bee15d0bd34c\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-22etch2_mipsel.deb\r\n Size/MD5 checksum: 151270 92419bb4255d3989eef1b3d2e616e5a5\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-22etch2_mipsel.deb\r\n Size/MD5 checksum: 9864388 2aa86c68a6c8ac36e8dc22aafcac34fb\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-22etch2_mipsel.deb\r\n Size/MD5 checksum: 183862 262a4f1a05c00b6c2752733101d2bb4b\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-22etch2_mipsel.deb\r\n Size/MD5 checksum: 6030536 1199eb8f7b6a9b4ff1a32ebccfcd7074\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-22etch2_mipsel.deb\r\n Size/MD5 checksum: 5944692 205d02fd233142d8058874e6ead00e94\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-22etch2_mipsel.deb\r\n Size/MD5 checksum: 156854 1f02416baf0082238418bba97eb8aa4f\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-22etch2_mipsel.deb\r\n Size/MD5 checksum: 15028044 00f2ad06dfa6c908036349c35a5a8e39\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_mipsel.deb\r\n Size/MD5 checksum: 55154 6b6f4c17287d5e053d716a742cb738a0\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-22etch2_mipsel.deb\r\n Size/MD5 checksum: 179462 e5497abf20a5461319d8f1d7c37d19b3\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-22etch2_mipsel.deb\r\n Size/MD5 checksum: 15057484 ea8ab2c273fbc3d282d0120cdbbe5c34\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-mipsel_2.6.18.dfsg.1-22etch2_mipsel.deb\r\n Size/MD5 checksum: 55208 f3bfa65fa08c4ad552aef1536bdd1fcc\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-22etch2_mipsel.deb\r\n Size/MD5 checksum: 5928064 cad7b6b3653d205a39e876a508d4ddaf\r\n\r\npowerpc architecture &#40;PowerPC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.22etch2_powerpc.deb\r\n Size/MD5 checksum: 3367890 ad1ad713d488f9e0e0669e1293f1ccd3\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc64_2.6.18.dfsg.1-22etch2_powerpc.deb\r\n Size/MD5 checksum: 254026 ae831a11ed61a4b52bb7a3043eb2f265\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc_2.6.18.dfsg.1-22etch2_powerpc.deb\r\n Size/MD5 checksum: 16628466 1b10ecc3a4095b9f0e9cd6fa0c544308\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-22etch2_powerpc.deb\r\n Size/MD5 checksum: 3415704 ea230f1f09a4e8341e7bb24ebd037dd3\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-22etch2_powerpc.deb\r\n Size/MD5 checksum: 15160062 e41656dd2782d44ec9487138dc694722\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-22etch2_powerpc.deb\r\n Size/MD5 checksum: 17017000 04153c3611b94ae5044868407f1eaa96\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-22etch2_powerpc.deb\r\n Size/MD5 checksum: 255324 60960ac1262f6d8eabcd96d9789b27bc\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-22etch2_powerpc.deb\r\n Size/MD5 checksum: 253678 e1a1fcc0865698fca0aa46cc02c0e38d\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc64_2.6.18.dfsg.1-22etch2_powerpc.deb\r\n Size/MD5 checksum: 18295838 01cb70246fc9027dc9097964d0a7c06d\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-22etch2_powerpc.deb\r\n Size/MD5 checksum: 253858 a30720b97122274208888b564c0548b5\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-22etch2_powerpc.deb\r\n Size/MD5 checksum: 18354880 c82075e19802e915551cd25b04f72c76\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_powerpc.deb\r\n Size/MD5 checksum: 3393390 246ebdc0ce319ab1b8c0022b1b69fd1d\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-prep_2.6.18.dfsg.1-22etch2_powerpc.deb\r\n Size/MD5 checksum: 246546 855a95e124dcd81d26d06fced8ff9cda\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-prep_2.6.18.dfsg.1-22etch2_powerpc.deb\r\n Size/MD5 checksum: 16406142 59c2543679159905e0d16445d7f5b66d\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-22etch2_powerpc.deb\r\n Size/MD5 checksum: 231148 96bb009cbc3c1c9fc00a4f84a4aa9cd5\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_powerpc.deb\r\n Size/MD5 checksum: 55156 94c052eb19ce469aabc0a9a71860f861\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-22etch2_powerpc.deb\r\n Size/MD5 checksum: 16971942 c230eb342210e9f9376783e013216695\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc_2.6.18.dfsg.1-22etch2_powerpc.deb\r\n Size/MD5 checksum: 252866 4b2bf2f6783bb456b5c003df3e1ea1f5\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-powerpc_2.6.18.dfsg.1-22etch2_powerpc.deb\r\n Size/MD5 checksum: 55206 209887bf65d555135cde2cb7b1ef0b7b\r\n\r\ns390 architecture &#40;IBM S/390&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-s390_2.6.18.dfsg.1-22etch2_s390.deb\r\n Size/MD5 checksum: 55168 ba80b3fe0aa1ffdc92825578c4a0a8e2\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390x_2.6.18.dfsg.1-22etch2_s390.deb\r\n Size/MD5 checksum: 5620988 555c4bd0a4b245f267dc324c9b39d695\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390_2.6.18.dfsg.1-22etch2_s390.deb\r\n Size/MD5 checksum: 144604 bd539fa6955b9ea80a38046b1097ea6e\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-22etch2_s390.deb\r\n Size/MD5 checksum: 145888 80f3dcbc19b2076e6a37ac8f48f1c687\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390_2.6.18.dfsg.1-22etch2_s390.deb\r\n Size/MD5 checksum: 5403802 9bfc6e49de7faecc3ae013efd8a5ff85\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_s390.deb\r\n Size/MD5 checksum: 2944158 7a37040db97a3a43817eea570ca29554\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-22etch2_s390.deb\r\n Size/MD5 checksum: 5663004 f3b7384004cd0c0c6a0478865300b9f8\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_s390.deb\r\n Size/MD5 checksum: 55146 fd4df49a7d2116c1b1eb0f38211c196c\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390x_2.6.18.dfsg.1-22etch2_s390.deb\r\n Size/MD5 checksum: 145096 7e0bfcc155246d4b7cb8ee00d9a370ba\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390-tape_2.6.18.dfsg.1-22etch2_s390.deb\r\n Size/MD5 checksum: 1440072 437e3a46bda63f1ba5bb2d0b970a669f\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-22etch2_s390.deb\r\n Size/MD5 checksum: 2967228 a32e5147c0f741a5300c6122aade4377\r\n\r\nsparc architecture &#40;Sun SPARC/UltraSPARC&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc64_2.6.18.dfsg.1-22etch2_sparc.deb\r\n Size/MD5 checksum: 10394174 30c3164de023288678eda955e7088e89\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc32_2.6.18.dfsg.1-22etch2_sparc.deb\r\n Size/MD5 checksum: 166138 da9c686e82839dbecfc4d2f8d5d6ff8f\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc32_2.6.18.dfsg.1-22etch2_sparc.deb\r\n Size/MD5 checksum: 6412488 738092d091284463d88dcce9bc0d683e\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-22etch2_sparc.deb\r\n Size/MD5 checksum: 10694332 aa5d657822ad30eb7edf2eca35644e09\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-22etch2_sparc.deb\r\n Size/MD5 checksum: 196630 b349a6dd56888b772577075f21229498\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc64_2.6.18.dfsg.1-22etch2_sparc.deb\r\n Size/MD5 checksum: 195534 c7b2e3ee30ba33f0a207fa11a5f08916\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-22etch2_sparc.deb\r\n Size/MD5 checksum: 197330 5e9f1ad14b5b10c6012b09dcfa93acb5\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-22etch2_sparc.deb\r\n Size/MD5 checksum: 10647804 5bab66c5cdaa22683425b4e101fea4e0\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_sparc.deb\r\n Size/MD5 checksum: 55156 da09f09d5c47ce3cd8666b7ba98b9a08\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-22etch2_sparc.deb\r\n Size/MD5 checksum: 3191596 f6aee8879affc350feb8706cdffb95da\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_sparc.deb\r\n Size/MD5 checksum: 3169298 a6ad7bd3b6ba9d573f47c21f45b9f660\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-sparc_2.6.18.dfsg.1-22etch2_sparc.deb\r\n Size/MD5 checksum: 55184 322a273cbddb53db9fdb143229104384\r\n\r\n These changes will probably be included in the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: &#96;apt-cache show &lt;pkg&gt;&#39; and http://packages.debian.org/&lt;pkg&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFIrZh4huANDBmkLRkRAskxAJ9J3UrvqPqj2rhy3PIXIfPUcWu8ggCggi+J\r\n3axwz1azO0SgmGCRip6WKHQ=\r\n=x8fB\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2008-08-21T00:00:00", "published": "2008-08-21T00:00:00", "id": "SECURITYVULNS:DOC:20387", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20387", "title": "[SECURITY] [DSA 1630-1] New Linux 2.6.18 packages fix several vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:24", "bulletinFamily": "software", "cvelist": ["CVE-2007-4573", "CVE-2007-4133", "CVE-2007-5093", "CVE-2007-4997", "CVE-2007-3740", "CVE-2006-6058", "CVE-2007-6063", "CVE-2007-5500"], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n \r\n Mandriva Linux Security Advisory MDVSA-2008:008\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n \r\n Package : kernel\r\n Date : January 11, 2008\r\n Affected: Corporate 4.0\r\n _______________________________________________________________________\r\n \r\n Problem Description:\r\n \r\n Some vulnerabilities were discovered and corrected in the Linux\r\n 2.6 kernel:\r\n \r\n The CIFS filesystem, when Unix extension support is enabled, does\r\n not honor the umask of a process, which allows local users to gain\r\n privileges. &#40;CVE-2007-3740&#41;\r\n \r\n The &#40;1&#41; hugetlb_vmtruncate_list and &#40;2&#41; hugetlb_vmtruncate functions\r\n in fs/hugetlbfs/inode.c in the Linux kernel before 2.6.19-rc4 perform\r\n certain prio_tree calculations using HPAGE_SIZE instead of PAGE_SIZE\r\n units, which allows local users to cause a denial of service &#40;panic&#41;\r\n via unspecified vectors. &#40;CVE-2007-4133&#41;\r\n \r\n The IA32 system call emulation functionality in Linux kernel 2.4.x\r\n and 2.6.x before 2.6.22.7, when running on the x86_64 architecture,\r\n does not zero extend the eax register after the 32bit entry path to\r\n ptrace is used, which might allow local users to gain privileges by\r\n triggering an out-of-bounds access to the system call table using\r\n the &#37;RAX register. &#40;CVE-2007-4573&#41;\r\n \r\n Integer underflow in the ieee80211_rx function in\r\n net/ieee80211/ieee80211_rx.c in the Linux kernel 2.6.x before\r\n 2.6.23 allows remote attackers to cause a denial of service &#40;crash&#41;\r\n via a crafted SKB length value in a runt IEEE 802.11 frame when\r\n the IEEE80211_STYPE_QOS_DATA flag is set, aka an off-by-two\r\n error. &#40;CVE-2007-4997&#41;\r\n \r\n The disconnect method in the Philips USB Webcam &#40;pwc&#41; driver in Linux\r\n kernel 2.6.x before 2.6.22.6 relies on user space to close the device,\r\n which allows user-assisted local attackers to cause a denial of service\r\n &#40;USB subsystem hang and CPU consumption in khubd&#41; by not closing the\r\n device after the disconnect is invoked. NOTE: this rarely crosses\r\n privilege boundaries, unless the attacker can convince the victim to\r\n unplug the affected device. &#40;CVE-2007-5093&#41;\r\n \r\n The wait_task_stopped function in the Linux kernel before 2.6.23.8\r\n checks a TASK_TRACED bit instead of an exit_state value, which\r\n allows local users to cause a denial of service &#40;machine crash&#41; via\r\n unspecified vectors. NOTE: some of these details are obtained from\r\n third party information. &#40;CVE-2007-5500&#41;\r\n \r\n The minix filesystem code in Linux kernel 2.6.x up to 2.6.18, and\r\n possibly other versions, allows local users to cause a denial of\r\n service &#40;hang&#41; via a malformed minix file stream that triggers an\r\n infinite loop in the minix_bmap function. NOTE: this issue might be\r\n due to an integer overflow or signedness error. &#40;CVE-2006-6058&#41;\r\n \r\n Buffer overflow in the isdn_net_setcfg function in isdn_net.c in\r\n Linux kernel 2.6.23 allows local users to have an unknown impact via\r\n a crafted argument to the isdn_ioctl function. &#40;CVE-2007-6063&#41;\r\n \r\n Additionaly, support for Promise 4350 controller was added &#40;stex\r\n module&#41;.\r\n \r\n To update your kernel, please follow the directions located at:\r\n \r\n http://www.mandriva.com/en/security/kernelupdate\r\n _______________________________________________________________________\r\n\r\n References:\r\n \r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3740\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4133\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4573\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4997\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5093\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5500\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6058\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6063\r\n _______________________________________________________________________\r\n \r\n Updated Packages:\r\n \r\n Corporate 4.0:\r\n 07fa3648c4fcad266094de58ee5f7976 corporate/4.0/i586/kernel-2.6.12.33mdk-1-1mdk.i586.rpm\r\n e252e134fca461feeee210bc85fe0b66 corporate/4.0/i586/kernel-BOOT-2.6.12.33mdk-1-1mdk.i586.rpm\r\n 2364ec022ffd41f61ef19aa4da196584 corporate/4.0/i586/kernel-doc-2.6.12.33mdk-1-1mdk.i586.rpm\r\n 56b9c725e2370594ea37bff83bec8adf corporate/4.0/i586/kernel-i586-up-1GB-2.6.12.33mdk-1-1mdk.i586.rpm\r\n ac5b435ab4b230da799b12b06054e3e5 corporate/4.0/i586/kernel-i686-up-4GB-2.6.12.33mdk-1-1mdk.i586.rpm\r\n 4bd260613b29981fd3b0a742707c6785 corporate/4.0/i586/kernel-smp-2.6.12.33mdk-1-1mdk.i586.rpm\r\n 4111453b8da035fa44428f7d79b77c64 corporate/4.0/i586/kernel-source-2.6.12.33mdk-1-1mdk.i586.rpm\r\n c31d879b0becf2c84569ad18615fbe7c corporate/4.0/i586/kernel-source-stripped-2.6.12.33mdk-1-1mdk.i586.rpm\r\n 9e8f1b4d991c1b144b5e999b647bbce6 corporate/4.0/i586/kernel-xbox-2.6.12.33mdk-1-1mdk.i586.rpm\r\n 895efcf862e5e8428ceec714f29666da corporate/4.0/i586/kernel-xen0-2.6.12.33mdk-1-1mdk.i586.rpm\r\n bab9c0071d482b0e3c03c181b8cca71a corporate/4.0/i586/kernel-xenU-2.6.12.33mdk-1-1mdk.i586.rpm \r\n 877a5d94905829128211ecc1dd538138 corporate/4.0/SRPMS/kernel-2.6.12.33mdk-1-1mdk.src.rpm\r\n\r\n Corporate 4.0/X86_64:\r\n d2e4070842e4a6ea4d9e029a5977d929 corporate/4.0/x86_64/kernel-2.6.12.33mdk-1-1mdk.x86_64.rpm\r\n bf3014e8afe93ab0a8877e1d80d921e4 corporate/4.0/x86_64/kernel-BOOT-2.6.12.33mdk-1-1mdk.x86_64.rpm\r\n ac4c529077ff74e82362c1b7d4404233 corporate/4.0/x86_64/kernel-doc-2.6.12.33mdk-1-1mdk.x86_64.rpm\r\n fe2963758a2fbef0ed561dd41741f1f0 corporate/4.0/x86_64/kernel-smp-2.6.12.33mdk-1-1mdk.x86_64.rpm\r\n f8ea4d85518c1e2e6a8b163febbb39f8 corporate/4.0/x86_64/kernel-source-2.6.12.33mdk-1-1mdk.x86_64.rpm\r\n 773dd4eb7e4ebbe76c49817399bdfb23 corporate/4.0/x86_64/kernel-source-stripped-2.6.12.33mdk-1-1mdk.x86_64.rpm\r\n 83c8eb396798958d3a0581f7610973e8 corporate/4.0/x86_64/kernel-xen0-2.6.12.33mdk-1-1mdk.x86_64.rpm\r\n e3a4fc8ac6984d283aebcbf8c733942f corporate/4.0/x86_64/kernel-xenU-2.6.12.33mdk-1-1mdk.x86_64.rpm \r\n 877a5d94905829128211ecc1dd538138 corporate/4.0/SRPMS/kernel-2.6.12.33mdk-1-1mdk.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.8 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFHh8nGmqjQ0CJFipgRAmkIAJ94GfjCcBcizfHDPBZrHQEmHmu5TQCgxfMx\r\n1VPoB3XA6iDs9X0H11l20I0=\r\n=S6Bk\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2008-01-13T00:00:00", "published": "2008-01-13T00:00:00", "id": "SECURITYVULNS:DOC:18851", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:18851", "title": "[ MDVSA-2008:008 ] - Updated kernel packages fix multiple vulnerabilities and bugs", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-11-11T13:25:38", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2136", "CVE-2007-6712", "CVE-2008-2137", "CVE-2008-1615"], "description": "- ----------------------------------------------------------------------\nDebian Security Advisory DSA-1588-1 security@debian.org\nhttp://www.debian.org/security/ dann frazier\nMay 27, 2008 http://www.debian.org/security/faq\n- ----------------------------------------------------------------------\n\nPackage : linux-2.6\nVulnerability : denial of service\nProblem type : local/remote\nDebian-specific: no\nCVE Id(s) : CVE-2007-6712 CVE-2008-1615 CVE-2008-2136 CVE-2008-2137\n\nSeveral vulnerabilities have been discovered in the Linux kernel that may\nlead to a denial of service. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2007-6712\n\n Johannes Bauer discovered an integer overflow condition in the hrtimer\n subsystem on 64-bit systems. This can be exploited by local users to\n trigger a denial of service (DoS) by causing the kernel to execute an\n infinite loop.\n\nCVE-2008-1615\n\n Jan Kratochvil reported a local denial of service condition that\n permits local users on systems running the amd64 flavor kernel\n to cause a system crash.\n\nCVE-2008-2136\n\n Paul Harks discovered a memory leak in the Simple Internet Transition\n (SIT) code used for IPv6 over IPv4 tunnels. This can be exploited\n by remote users to cause a denial of service condition.\n\nCVE-2008-2137\n\n David Miller and Jan Lieskovsky discovered issues with the virtual\n address range checking of mmaped regions on the sparc architecture\n that may be exploited by local users to cause a denial of service.\n\nFor the stable distribution (etch), this problem has been fixed in version\n2.6.18.dfsg.1-18etch5.\n\nBuilds for linux-2.6/s390 and fai-kernels/powerpc were not yet available at\nthe time of this advisory. This advisory will be updated as these builds\nbecome available.\n\nWe recommend that you upgrade your linux-2.6, fai-kernels, and\nuser-mode-linux packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nThe following matrix lists additional source packages that were rebuilt for\ncompatability with or to take advantage of this update:\n\n Debian 4.0 (etch)\n fai-kernels 1.17+etch.18etch5\n user-mode-linux 2.6.18-1um-2etch.18etch5\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-18etch5.dsc\n Size/MD5 checksum: 5672 70da3d3fa9c813c51429d8b5d3b2e8ea\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch5.dsc\n Size/MD5 checksum: 740 94f5cb267a06c1dec878da90b9f1dd83\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um.orig.tar.gz\n Size/MD5 checksum: 14435 4d10c30313e11a24621f7218c31f3582\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-18etch5.diff.gz\n Size/MD5 checksum: 5351147 abe5e0484f16f812708afc484e161bc5\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz\n Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch5.diff.gz\n Size/MD5 checksum: 17351 2f7dba888df3958188615ea041eca743\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch5.tar.gz\n Size/MD5 checksum: 55660 0538ff4f7178e76ea127ebef056d6b06\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch5.dsc\n Size/MD5 checksum: 892 be5c0a2ad62acc5172513a9ce287c94c\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.18_2.6.18.dfsg.1-18etch5_all.deb\n Size/MD5 checksum: 41462358 4a72841c24a18efce23193d77f367fe1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.18-6_2.6.18.dfsg.1-18etch5_all.deb\n Size/MD5 checksum: 3718002 4f526d410be4803e0caa37b49447f4d2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.18_2.6.18.dfsg.1-18etch5_all.deb\n Size/MD5 checksum: 1083076 615903cc33714c0cfa8dbcc48772a939\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.18_2.6.18.dfsg.1-18etch5_all.deb\n Size/MD5 checksum: 3589354 d3f8c0a58d10ba994aca59ce80317fe8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.18_2.6.18.dfsg.1-18etch5_all.deb\n Size/MD5 checksum: 54650 0ec7b128e82da0898223888f4fa07e53\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.18_2.6.18.dfsg.1-18etch5_all.deb\n Size/MD5 checksum: 1592544 f1b06a865148d3ecc897f6f898b9f56a\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-alpha_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 54138 e7252716146d76ec712aa139287db245\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 23532610 9e2eba932bf5b4cbf909da8be17025f0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 54106 b537043ae0a9552a4e6c2d94cf2c2800\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 268424 dbbb97dee4c3070f9cd0172bcdc49ef4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 3027930 4c8fd619b7f8bb0f50e1bf0609e37a20\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-generic_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 268084 6464e53b77d391c0417013c3b270c59f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 23463090 48ec7662494774ee942a6252fd44e07f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 3052820 51f401e43b054813abfbe1c422713370\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 269742 5c26e5083d2a86ea8ce9c80873fb0d3e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-smp_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 23845162 28d1de6a26fd663eeb2e3977923575c8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-generic_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 23484076 c04d5474a002c0c6872b0c0779499e00\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-smp_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 267482 537e40c1b92217edb912b680b30f8cd8\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 54108 f51956cb9e9c4fcce9d2852cc304c8de\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 54134 07e4c8015b83da692bf2128f73966043\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 16950720 269a05ec2a25fd5e6ce7df4cb5a998c6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 3396124 8f57552a6dc82815c1e0881f3d827c20\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 3227466 a28c80ec87bb6b6a7534c36e9a01a8b4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 16906784 c8ba6e5505966c0cbd559e07dc1a95ee\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 54082 a3e4fb024f6242b1761565cdb1a27bab\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 1682832 5bb35f10ad153f7a0e64d0560f36b14b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 3251476 a8994a53f8082ac755c5153f21645cb6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 274250 b632fc76029cda382920bbf17dc70c76\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 3421192 b41a836c46e5fb252989a41785d1374f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 274730 2483995f136e52562556017c2f0d4a96\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 274044 0d460826b9c6fac02574482db7914bd6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 15355064 384131032d56063c896019e39e037a96\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 274730 da10935f2b25722252c68761e5065405\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 54094 292e8525fc3f29d5166365da794cfaef\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 1651262 d538be2c0dda417622040c33f34cd237\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 15366488 a3ad9046c3f774dd5097e6982ffe39fa\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch5_amd64.deb\n Size/MD5 checksum: 5960836 ccceae60cac558233545c4c4cdbe409e\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-arm_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 54180 fbd9dae1ecda050a0b0734b04db35501\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-iop32x_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 7924540 fcc6f7d63d622745a55c4bd9fa066560\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-ixp4xx_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 239248 e9e3b3e13071c64cc7e6f2dd7e15cfdb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 54140 f38cd11a11adfb18ea0aa4de1b08ea39\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-rpc_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 4587314 01782ba5f8d91bee1d77302e9a6a9e61\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 3410452 448786f55f94315700e03bb93b454621\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-iop32x_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 234064 c0e792fcc328bedc6583179e5156266e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-footbridge_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 7566024 d0423054e62d157a7fc10ad2e27e07a9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s3c2410_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 204142 b4a419a3a28fb963c5279d9e9b125705\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s3c2410_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 5009344 5613d609c1c046f2b2ba72c6c890c486\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-rpc_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 198814 12c93d0b1d0f0d61ecaf5bfebcf8eb3a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-footbridge_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 233122 5bc42539dc40aaa1d81507b5f5a9bf83\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-ixp4xx_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 8870920 3a45be48b3293a9cbe193b0db5ab2d96\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc-smp_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 10996540 34a482a7404b6e48cc4202a3c031e39c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 11398886 13d0d088bbd0e90ba1ade33ee2ded031\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-hppa_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 54136 be5be650e3800c63cedec99e2c7823fa\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 11804256 cb47826af75d4ad2e3006ce8ea6ea493\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 195920 3883151884f603b502ed741945ffe3dd\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 10548980 c6bf62e7a77bac7a9f13e88934a7edd8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 196764 53581705559a0ff4812e5622633ad987\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc-smp_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 197038 03b0dd0d144eddf69e9cbf4ae9b3c187\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 54114 b399acd2935e12d8580bac5075aca833\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 3021520 2d524cf038836529a4b5b98b527fb2c3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 197926 929a482ee6043c8913e0a02297975d75\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 281128 96055c189ea53e2d36ef2ba928112fda\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 14279136 50f18a8d2410f33d2fa6b3d913d333c8\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 54098 bc1b6debe849f30326190420aaf3bcf8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 16336566 f0da95e8ce638a5246ad4d814f5fde09\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 16375886 6d7a589bdf348d2b883b12dc59d821dc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-k7_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 280108 03ecf352b9f9808cfad169da68bae00d\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch5_i386.deb\n Size/MD5 checksum: 5504676 89f5fa03885ee4f737461182eabd709b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 3168146 107659ec75db011516e29d898c3bc63b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 272402 ed55cb5a5a38b9b98ea99afda45fa179\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-486_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 283546 645d7a6511ed1edd8d939bcf23a06db0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686-bigmem_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 16404516 342d98b58ac8d8e4e66923a4ce993463\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686-bigmem_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 280800 53a9b58e467b80f51e9164099ec88e18\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 16836824 56389bee0ae2c10099f7e19760c7b89f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-k7_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 277982 6242067c054616623741facb41be96b7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 54098 4845efdb09aea41ef938c090530335d6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 3148840 26b1b0193f25d457db81ed3893c0d1de\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-k7_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 16467076 aa6cc19fdd8d3c4688ae4ea2c35e667b\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 54084 30945bdfc901629b6f1df13c704e70a7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 272478 0563e7854cbbe484cbe7ba042c89b19c\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch5_i386.deb\n Size/MD5 checksum: 25587444 e2c0ff4dc80f241a41f27e415497462c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 1326822 d6eccf90389e1f5fd41653ef2da4060a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 3170850 4d2061539468c3788a8032e5e27aadfb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 14289748 1e8a50868e7dee3bcf4ed7e8469c20ff\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 272122 ac3985bf454e339c3a02ee17a4a4104c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 1299688 f3a4ef71801a826f1da151fd12e4be57\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 281326 2b142556dc07fa41dada942fcf36cc8e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-486_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 16190240 8a63f6a2ac3b6334cbacb99129c76a9d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 3054490 f549787f1b48cf4a7bf5cad359776e72\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-k7_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 16506826 4e0ef2228324c2fc14365a5aaeda0e30\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-i386_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 54160 8a5f9200a579604b5b44609549d0fec3\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-ia64_2.6.18.dfsg.1-18etch5_ia64.deb\n Size/MD5 checksum: 54132 9c4710a3f9fe303d8fb91b1bc2f26aba\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-itanium_2.6.18.dfsg.1-18etch5_ia64.deb\n Size/MD5 checksum: 255602 502b77e416d4146085c986e3f044ef65\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-mckinley_2.6.18.dfsg.1-18etch5_ia64.deb\n Size/MD5 checksum: 255496 a1e152ea44a76c0376c0c5308e7eb73f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-itanium_2.6.18.dfsg.1-18etch5_ia64.deb\n Size/MD5 checksum: 28013686 e3a9f2c0f65dbb32ddaef4279f46a02d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_ia64.deb\n Size/MD5 checksum: 54116 e91729e3a1d6c9e036b34a07d5322ea1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-mckinley_2.6.18.dfsg.1-18etch5_ia64.deb\n Size/MD5 checksum: 28181240 a977c1726724712c52209f9448f4a430\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_ia64.deb\n Size/MD5 checksum: 3082082 d279733263714c558f68651a532950d0\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 54134 22a4791eab8c910e616d157866d53025\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 167044 70a9e850f5b589307c11d793d1ae6402\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 3413738 bacb0e69b1b775b8c107817388179890\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 187064 c5e7a3e6da64281a67676b1f574da751\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-mips_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 54186 24256be3de335798d64096467935c740\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 8308966 ddf5ee18359c5814b7becca4bb6db245\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 15677882 5ae00f56b380829aa0a497776b0135f8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 154386 e901acfcbcc3b5549c30bbe7ce710cc6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 6125594 e396b15e9dcab593e4320236d7ac1572\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 15652934 8abfb40f359d54ac15854b782f8198bc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 9075546 c7bda747c97bd58ecf70afa6fb71a02a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 186748 16d2e8cce7839f20fbf5baa65f07094e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 162974 f9993e3f13a281a749a77e83a2c706cf\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 15053122 38c50780f0382abf544339b0423c86b2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-mipsel_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 54160 813b1edc195ae4a98f7c458e432e89ba\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 3350138 d4ffd93599f61d99b2f50ed87d31144d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 9863398 71469c0b29659c83f2f4996de5ae855b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 155774 bb807178ae81678f4cea5b64bcd8e0f9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 15030230 802e7f15ae2a00d4a3fd99f8d37e48f8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 182630 a9e57a79ab1530af02e9b61b81606fa9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 178290 bb9edbbf330c0b465ad37e0e5499b2b2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 54106 3abe49b4366693a69c50a899f3f7eeea\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 150042 64a877e7e1680dd1a69317d87888621a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 5941952 71641a79aa2f9869e4608b0df2cc78cc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 182772 e01dad553ee807ba9bd8b4f12275e79d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 155828 d95e8387335c55a5ded2340e8fec68f9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 6027796 c1cc067bcd418ae935e8f4a39e96dc78\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 5926602 baf4afb27b59a0b9ef8b548a3f1a80f3\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 3392458 d0e49a4a623d77420317f8e6cec301a6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 229438 bf578fa343cc77237329c34882b4d038\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc64_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 18294080 cb7f16ec55e918534e9042e7e0c5ef7c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 3414806 3a901290719800285b63c53e7b9d4109\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 15157308 f605138dd137eb4374139ec0cf79351a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 251522 4f8ef89f851229849bc5a3bc5b19c82b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 252312 e3c7462faede8715dd91b566a58f9b68\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 16969642 0607cea9945592510f5d3fb9f928c68e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 252654 a1a124efec56637b9dfa87c8cd9550cc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-prep_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 245866 6745e27544fab3eb5aba4a97ebf0fd9a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-prep_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 16402670 d3b6fdc36ccd744cc0c8956be6176e0b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 17016920 e24f260fac43e592708bb9ba1e707c16\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc64_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 253460 8cf63cbc53c6272a748d33b1bd98dfb2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 18349664 4222693f7730b0e6833541ba79afd50e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 253334 e3314d10a9e3160c79a497967f44fbbd\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-powerpc_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 54160 2b3e2ac3e9367055f4e7669e56583beb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 54112 3199cd9481a91d0def2d149bc0b59c4e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 16626546 e09c228686cb96ce5e56a142a6366e13\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 3190524 3e8e5ea3e72da553d2716dd73f0a5fb7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 10647606 9ec3d7c71c0a503b4294aa780a9fdd09\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 54110 f011e208c98ce3aeeaf9dd00ad82b6dd\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc32_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 6411008 58c2219a0c20105cf239e323da2e0340\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc32_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 165004 ebcd3a274a921148a884d50eb71fb2c5\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc64_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 194096 ce1428b814293647a6e00c947270b813\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 195024 4c4ff026f91be55c689b43a19060620d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 10692826 1053f11e2d543a6c56f9f80f31dc28af\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-sparc_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 54140 46c81fa9576fa5e3ac9200115527f02a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 195748 32499d6fc1f632ec879464002dceb221\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 3168216 d78356180bcbe48cc6ac77a980e08e9d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc64_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 10391204 8cb2fa5bd484dff88cab8741035128df\n\n These changes will probably be included in the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n", "edition": 7, "modified": "2008-05-27T17:12:07", "published": "2008-05-27T17:12:07", "id": "DEBIAN:DSA-1588-1:0FC6B", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00166.html", "title": "[SECURITY] [DSA 1588-1] New Linux 2.6.18 packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-11-11T13:17:13", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2136", "CVE-2007-6712", "CVE-2008-2137", "CVE-2008-1615"], "description": "- ----------------------------------------------------------------------\nDebian Security Advisory DSA-1588-2 security@debian.org\nhttp://www.debian.org/security/ dann frazier\nMay 30, 2008 http://www.debian.org/security/faq\n- ----------------------------------------------------------------------\n\nPackage : linux-2.6\nVulnerability : denial of service\nProblem type : local/remote\nDebian-specific: no\nCVE Id(s) : CVE-2007-6712 CVE-2008-1615 CVE-2008-2136 CVE-2008-2137\n\nSeveral vulnerabilities have been discovered in the Linux kernel that may\nlead to a denial of service. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2007-6712\n\n Johannes Bauer discovered an integer overflow condition in the hrtimer\n subsystem on 64-bit systems. This can be exploited by local users to\n trigger a denial of service (DoS) by causing the kernel to execute an\n infinite loop.\n\nCVE-2008-1615\n\n Jan Kratochvil reported a local denial of service condition that\n permits local users on systems running the amd64 flavor kernel\n to cause a system crash.\n\nCVE-2008-2136\n\n Paul Harks discovered a memory leak in the Simple Internet Transition\n (SIT) code used for IPv6 over IPv4 tunnels. This can be exploited\n by remote users to cause a denial of service condition.\n\nCVE-2008-2137\n\n David Miller and Jan Lieskovsky discovered issues with the virtual\n address range checking of mmaped regions on the sparc architecture\n that may be exploited by local users to cause a denial of service.\n\nFor the stable distribution (etch), this problem has been fixed in version\n2.6.18.dfsg.1-18etch5.\n\nThis updated advisory adds the linux-2.6 build for s390 and the fai-kernels\nbuild for powerpc which were not yet available at the time of DSA-1588-1.\n\nWe recommend that you upgrade your linux-2.6, fai-kernels, and\nuser-mode-linux packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nThe following matrix lists additional source packages that were rebuilt for\ncompatability with or to take advantage of this update:\n\n Debian 4.0 (etch)\n fai-kernels 1.17+etch.18etch5\n user-mode-linux 2.6.18-1um-2etch.18etch5\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-18etch5.dsc\n Size/MD5 checksum: 5672 70da3d3fa9c813c51429d8b5d3b2e8ea\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch5.dsc\n Size/MD5 checksum: 740 94f5cb267a06c1dec878da90b9f1dd83\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um.orig.tar.gz\n Size/MD5 checksum: 14435 4d10c30313e11a24621f7218c31f3582\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-18etch5.diff.gz\n Size/MD5 checksum: 5351147 abe5e0484f16f812708afc484e161bc5\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz\n Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch5.diff.gz\n Size/MD5 checksum: 17351 2f7dba888df3958188615ea041eca743\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch5.tar.gz\n Size/MD5 checksum: 55660 0538ff4f7178e76ea127ebef056d6b06\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch5.dsc\n Size/MD5 checksum: 892 be5c0a2ad62acc5172513a9ce287c94c\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.18_2.6.18.dfsg.1-18etch5_all.deb\n Size/MD5 checksum: 41462358 4a72841c24a18efce23193d77f367fe1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.18-6_2.6.18.dfsg.1-18etch5_all.deb\n Size/MD5 checksum: 3718002 4f526d410be4803e0caa37b49447f4d2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.18_2.6.18.dfsg.1-18etch5_all.deb\n Size/MD5 checksum: 1083076 615903cc33714c0cfa8dbcc48772a939\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.18_2.6.18.dfsg.1-18etch5_all.deb\n Size/MD5 checksum: 3589354 d3f8c0a58d10ba994aca59ce80317fe8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.18_2.6.18.dfsg.1-18etch5_all.deb\n Size/MD5 checksum: 54650 0ec7b128e82da0898223888f4fa07e53\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.18_2.6.18.dfsg.1-18etch5_all.deb\n Size/MD5 checksum: 1592544 f1b06a865148d3ecc897f6f898b9f56a\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-alpha_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 54138 e7252716146d76ec712aa139287db245\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 23532610 9e2eba932bf5b4cbf909da8be17025f0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 54106 b537043ae0a9552a4e6c2d94cf2c2800\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 268424 dbbb97dee4c3070f9cd0172bcdc49ef4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 3027930 4c8fd619b7f8bb0f50e1bf0609e37a20\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-generic_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 268084 6464e53b77d391c0417013c3b270c59f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 23463090 48ec7662494774ee942a6252fd44e07f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 3052820 51f401e43b054813abfbe1c422713370\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 269742 5c26e5083d2a86ea8ce9c80873fb0d3e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-smp_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 23845162 28d1de6a26fd663eeb2e3977923575c8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-generic_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 23484076 c04d5474a002c0c6872b0c0779499e00\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-smp_2.6.18.dfsg.1-18etch5_alpha.deb\n Size/MD5 checksum: 267482 537e40c1b92217edb912b680b30f8cd8\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 54108 f51956cb9e9c4fcce9d2852cc304c8de\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 54134 07e4c8015b83da692bf2128f73966043\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 16950720 269a05ec2a25fd5e6ce7df4cb5a998c6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 3396124 8f57552a6dc82815c1e0881f3d827c20\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 3227466 a28c80ec87bb6b6a7534c36e9a01a8b4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 16906784 c8ba6e5505966c0cbd559e07dc1a95ee\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 54082 a3e4fb024f6242b1761565cdb1a27bab\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 1682832 5bb35f10ad153f7a0e64d0560f36b14b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 3251476 a8994a53f8082ac755c5153f21645cb6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 274250 b632fc76029cda382920bbf17dc70c76\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 3421192 b41a836c46e5fb252989a41785d1374f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 274730 2483995f136e52562556017c2f0d4a96\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 274044 0d460826b9c6fac02574482db7914bd6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 15355064 384131032d56063c896019e39e037a96\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 274730 da10935f2b25722252c68761e5065405\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 54094 292e8525fc3f29d5166365da794cfaef\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 1651262 d538be2c0dda417622040c33f34cd237\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch5_amd64.deb\n Size/MD5 checksum: 15366488 a3ad9046c3f774dd5097e6982ffe39fa\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch5_amd64.deb\n Size/MD5 checksum: 5960836 ccceae60cac558233545c4c4cdbe409e\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-arm_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 54180 fbd9dae1ecda050a0b0734b04db35501\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-iop32x_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 7924540 fcc6f7d63d622745a55c4bd9fa066560\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-ixp4xx_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 239248 e9e3b3e13071c64cc7e6f2dd7e15cfdb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 54140 f38cd11a11adfb18ea0aa4de1b08ea39\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-rpc_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 4587314 01782ba5f8d91bee1d77302e9a6a9e61\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 3410452 448786f55f94315700e03bb93b454621\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-iop32x_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 234064 c0e792fcc328bedc6583179e5156266e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-footbridge_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 7566024 d0423054e62d157a7fc10ad2e27e07a9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s3c2410_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 204142 b4a419a3a28fb963c5279d9e9b125705\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s3c2410_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 5009344 5613d609c1c046f2b2ba72c6c890c486\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-rpc_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 198814 12c93d0b1d0f0d61ecaf5bfebcf8eb3a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-footbridge_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 233122 5bc42539dc40aaa1d81507b5f5a9bf83\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-ixp4xx_2.6.18.dfsg.1-18etch5_arm.deb\n Size/MD5 checksum: 8870920 3a45be48b3293a9cbe193b0db5ab2d96\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc-smp_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 10996540 34a482a7404b6e48cc4202a3c031e39c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 11398886 13d0d088bbd0e90ba1ade33ee2ded031\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-hppa_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 54136 be5be650e3800c63cedec99e2c7823fa\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 11804256 cb47826af75d4ad2e3006ce8ea6ea493\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 195920 3883151884f603b502ed741945ffe3dd\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 10548980 c6bf62e7a77bac7a9f13e88934a7edd8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 196764 53581705559a0ff4812e5622633ad987\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc-smp_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 197038 03b0dd0d144eddf69e9cbf4ae9b3c187\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 54114 b399acd2935e12d8580bac5075aca833\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 3021520 2d524cf038836529a4b5b98b527fb2c3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-18etch5_hppa.deb\n Size/MD5 checksum: 197926 929a482ee6043c8913e0a02297975d75\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 281128 96055c189ea53e2d36ef2ba928112fda\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 14279136 50f18a8d2410f33d2fa6b3d913d333c8\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 54098 bc1b6debe849f30326190420aaf3bcf8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 16336566 f0da95e8ce638a5246ad4d814f5fde09\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 16375886 6d7a589bdf348d2b883b12dc59d821dc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-k7_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 280108 03ecf352b9f9808cfad169da68bae00d\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch5_i386.deb\n Size/MD5 checksum: 5504676 89f5fa03885ee4f737461182eabd709b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 3168146 107659ec75db011516e29d898c3bc63b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 272402 ed55cb5a5a38b9b98ea99afda45fa179\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-486_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 283546 645d7a6511ed1edd8d939bcf23a06db0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686-bigmem_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 16404516 342d98b58ac8d8e4e66923a4ce993463\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686-bigmem_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 280800 53a9b58e467b80f51e9164099ec88e18\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 16836824 56389bee0ae2c10099f7e19760c7b89f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-k7_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 277982 6242067c054616623741facb41be96b7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 54098 4845efdb09aea41ef938c090530335d6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 3148840 26b1b0193f25d457db81ed3893c0d1de\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-k7_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 16467076 aa6cc19fdd8d3c4688ae4ea2c35e667b\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 54084 30945bdfc901629b6f1df13c704e70a7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 272478 0563e7854cbbe484cbe7ba042c89b19c\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch5_i386.deb\n Size/MD5 checksum: 25587444 e2c0ff4dc80f241a41f27e415497462c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 1326822 d6eccf90389e1f5fd41653ef2da4060a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 3170850 4d2061539468c3788a8032e5e27aadfb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 14289748 1e8a50868e7dee3bcf4ed7e8469c20ff\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 272122 ac3985bf454e339c3a02ee17a4a4104c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 1299688 f3a4ef71801a826f1da151fd12e4be57\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 281326 2b142556dc07fa41dada942fcf36cc8e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-486_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 16190240 8a63f6a2ac3b6334cbacb99129c76a9d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 3054490 f549787f1b48cf4a7bf5cad359776e72\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-k7_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 16506826 4e0ef2228324c2fc14365a5aaeda0e30\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-i386_2.6.18.dfsg.1-18etch5_i386.deb\n Size/MD5 checksum: 54160 8a5f9200a579604b5b44609549d0fec3\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-ia64_2.6.18.dfsg.1-18etch5_ia64.deb\n Size/MD5 checksum: 54132 9c4710a3f9fe303d8fb91b1bc2f26aba\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-itanium_2.6.18.dfsg.1-18etch5_ia64.deb\n Size/MD5 checksum: 255602 502b77e416d4146085c986e3f044ef65\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-mckinley_2.6.18.dfsg.1-18etch5_ia64.deb\n Size/MD5 checksum: 255496 a1e152ea44a76c0376c0c5308e7eb73f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-itanium_2.6.18.dfsg.1-18etch5_ia64.deb\n Size/MD5 checksum: 28013686 e3a9f2c0f65dbb32ddaef4279f46a02d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_ia64.deb\n Size/MD5 checksum: 54116 e91729e3a1d6c9e036b34a07d5322ea1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-mckinley_2.6.18.dfsg.1-18etch5_ia64.deb\n Size/MD5 checksum: 28181240 a977c1726724712c52209f9448f4a430\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_ia64.deb\n Size/MD5 checksum: 3082082 d279733263714c558f68651a532950d0\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 54134 22a4791eab8c910e616d157866d53025\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 167044 70a9e850f5b589307c11d793d1ae6402\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 3413738 bacb0e69b1b775b8c107817388179890\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 187064 c5e7a3e6da64281a67676b1f574da751\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-mips_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 54186 24256be3de335798d64096467935c740\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 8308966 ddf5ee18359c5814b7becca4bb6db245\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 15677882 5ae00f56b380829aa0a497776b0135f8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 154386 e901acfcbcc3b5549c30bbe7ce710cc6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 6125594 e396b15e9dcab593e4320236d7ac1572\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 15652934 8abfb40f359d54ac15854b782f8198bc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 9075546 c7bda747c97bd58ecf70afa6fb71a02a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 186748 16d2e8cce7839f20fbf5baa65f07094e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-18etch5_mips.deb\n Size/MD5 checksum: 162974 f9993e3f13a281a749a77e83a2c706cf\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 15053122 38c50780f0382abf544339b0423c86b2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-mipsel_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 54160 813b1edc195ae4a98f7c458e432e89ba\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 3350138 d4ffd93599f61d99b2f50ed87d31144d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 9863398 71469c0b29659c83f2f4996de5ae855b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 155774 bb807178ae81678f4cea5b64bcd8e0f9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 15030230 802e7f15ae2a00d4a3fd99f8d37e48f8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 182630 a9e57a79ab1530af02e9b61b81606fa9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 178290 bb9edbbf330c0b465ad37e0e5499b2b2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 54106 3abe49b4366693a69c50a899f3f7eeea\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 150042 64a877e7e1680dd1a69317d87888621a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 5941952 71641a79aa2f9869e4608b0df2cc78cc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 182772 e01dad553ee807ba9bd8b4f12275e79d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 155828 d95e8387335c55a5ded2340e8fec68f9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 6027796 c1cc067bcd418ae935e8f4a39e96dc78\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-18etch5_mipsel.deb\n Size/MD5 checksum: 5926602 baf4afb27b59a0b9ef8b548a3f1a80f3\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 3392458 d0e49a4a623d77420317f8e6cec301a6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 229438 bf578fa343cc77237329c34882b4d038\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc64_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 18294080 cb7f16ec55e918534e9042e7e0c5ef7c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 3414806 3a901290719800285b63c53e7b9d4109\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 15157308 f605138dd137eb4374139ec0cf79351a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 251522 4f8ef89f851229849bc5a3bc5b19c82b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 252312 e3c7462faede8715dd91b566a58f9b68\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 16969642 0607cea9945592510f5d3fb9f928c68e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 252654 a1a124efec56637b9dfa87c8cd9550cc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-prep_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 245866 6745e27544fab3eb5aba4a97ebf0fd9a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-prep_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 16402670 d3b6fdc36ccd744cc0c8956be6176e0b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 17016920 e24f260fac43e592708bb9ba1e707c16\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc64_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 253460 8cf63cbc53c6272a748d33b1bd98dfb2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 18349664 4222693f7730b0e6833541ba79afd50e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 253334 e3314d10a9e3160c79a497967f44fbbd\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-powerpc_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 54160 2b3e2ac3e9367055f4e7669e56583beb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 54112 3199cd9481a91d0def2d149bc0b59c4e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc_2.6.18.dfsg.1-18etch5_powerpc.deb\n Size/MD5 checksum: 16626546 e09c228686cb96ce5e56a142a6366e13\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch5_powerpc.deb\n Size/MD5 checksum: 3366930 17db3e15c6d8cf2d8aca17939ca4cc22\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390x_2.6.18.dfsg.1-18etch5_s390.deb\n Size/MD5 checksum: 143830 1b86a1ffa2bf8b743ef2608433a01d19\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390_2.6.18.dfsg.1-18etch5_s390.deb\n Size/MD5 checksum: 5402208 c05f1464684c5755dfd5c5e91b3cf2d8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_s390.deb\n Size/MD5 checksum: 2943090 da0829d97b73d6a03242822237d00694\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_s390.deb\n Size/MD5 checksum: 54106 fc387ee63680dc3a38ffd915fecc2fd8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390-tape_2.6.18.dfsg.1-18etch5_s390.deb\n Size/MD5 checksum: 1438980 c6e90fb394da315b633c09be3f4aa53b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch5_s390.deb\n Size/MD5 checksum: 2966156 d6a5e7edfa9424a613a4da2f54b487c4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390x_2.6.18.dfsg.1-18etch5_s390.deb\n Size/MD5 checksum: 5619846 bebebe67bf3bceefd8730dcb19b8fc0a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-18etch5_s390.deb\n Size/MD5 checksum: 144730 7e2da310413f3224915663349e37f752\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390_2.6.18.dfsg.1-18etch5_s390.deb\n Size/MD5 checksum: 143378 bb59c0b53f875d201529ae52d310ba56\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-18etch5_s390.deb\n Size/MD5 checksum: 5661458 90e536af2b788da136062798aa933d30\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-s390_2.6.18.dfsg.1-18etch5_s390.deb\n Size/MD5 checksum: 54126 ea1dc6ca830658f681a3ce6b66cfc58b\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 3190524 3e8e5ea3e72da553d2716dd73f0a5fb7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 10647606 9ec3d7c71c0a503b4294aa780a9fdd09\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 54110 f011e208c98ce3aeeaf9dd00ad82b6dd\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc32_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 6411008 58c2219a0c20105cf239e323da2e0340\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc32_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 165004 ebcd3a274a921148a884d50eb71fb2c5\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc64_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 194096 ce1428b814293647a6e00c947270b813\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 195024 4c4ff026f91be55c689b43a19060620d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 10692826 1053f11e2d543a6c56f9f80f31dc28af\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-sparc_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 54140 46c81fa9576fa5e3ac9200115527f02a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 195748 32499d6fc1f632ec879464002dceb221\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 3168216 d78356180bcbe48cc6ac77a980e08e9d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc64_2.6.18.dfsg.1-18etch5_sparc.deb\n Size/MD5 checksum: 10391204 8cb2fa5bd484dff88cab8741035128df\n\n These changes will probably be included in the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n", "edition": 3, "modified": "2008-05-30T21:46:36", "published": "2008-05-30T21:46:36", "id": "DEBIAN:DSA-1588-2:B9B84", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00169.html", "title": "[SECURITY] [DSA 1588-2] New Linux 2.6.18 packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-30T02:21:54", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4573", "CVE-2007-4133", "CVE-2007-5093", "CVE-2006-5755"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1381-1 security@debian.org\nhttp://www.debian.org/security/ Dann Frazier\nOctober 2nd, 2007 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : linux-2.6\nVulnerability : several\nProblem-Type : local\nDebian-specific: no\nCVE ID : CVE-2006-5755 CVE-2007-4133 CVE-2007-4573 CVE-2007-5093\n\nSeveral local vulnerabilities have been discovered in the Linux kernel\nthat may lead to a denial of service or the execution of arbitrary\ncode. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2006-5755\n\n The NT bit maybe leaked into the next task which can local attackers\n to cause a Denial of Service (crash) on systems which run the &#x27;amd64&#x27;\n flavour kernel. The stable distribution (&#x27;etch&#x27;) was not believed to\n be vulnerable to this issue at the time of release, however Bastian\n Blank discovered that this issue still applied to the &#x27;xen-amd64&#x27; and\n &#x27;xen-vserver-amd64&#x27; flavours, and is resolved by this DSA.\n\nCVE-2007-4133\n\n Hugh Dickins discovered a potential local DoS (panic) in hugetlbfs.\n A misconversion of hugetlb_vmtruncate_list to prio_tree may allow\n local users to trigger a BUG_ON() call in exit_mmap.\n\nCVE-2007-4573\n\n Wojciech Purczynski discovered a vulnerability that can be exploited\n by a local user to obtain superuser privileges on x86_64 systems.\n This resulted from improper clearing of the high bits of registers\n during ia32 system call emulation. This vulnerability is relevant\n to the Debian amd64 port as well as users of the i386 port who run\n the amd64 linux-image flavour.\n\n DSA-1378 resolved this problem for the &#x27;amd64&#x27; flavour kernels, but\n Tim Wickberg and Ralf Hemmenst\u00c3dt reported an outstanding issue with\n the &#x27;xen-amd64&#x27; and &#x27;xen-vserver-amd64&#x27; issues that is resolved by\n this DSA.\n\nCVE-2007-5093\n\n Alex Smith discovered an issue with the pwc driver for certain webcam\n devices. If the device is removed while a userspace application has it\n open, the driver will wait for userspace to close the device, resulting\n in a blocked USB subsystem. This issue is of low security impact as\n it requires the attacker to either have physical access to the system\n or to convince a user with local access to remove the device on their\n behalf.\n \nThese problems have been fixed in the stable distribution in version \n2.6.18.dfsg.1-13etch4.\n\nAt the time of this DSA, only the build for the amd64 architecture is\navailable. Due to the severity of the amd64-specific issues, we are\nreleasing an incomplete update. This advisory will be updated once\nother architecture builds become available.\n\nWe recommend that you upgrade your kernel package immediately and reboot\nthe machine. If you have built a custom kernel from the kernel source\npackage, you will need to rebuild to take advantage of these fixes.\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-13etch4.dsc\n Size/MD5 checksum: 5672 37f70bdc04b866a5dbcaa8f849be618a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-13etch4.diff.gz\n Size/MD5 checksum: 5321790 7bc41f428b95ef6fe99361ca8854e6da\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz\n Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 3586640 3bd5240a2610896cc497c62eb88b155c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 1083674 f8c4bf0032e87733d2ee3f2f1f739f9d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 1499612 10c0c285c4183493633f2b29f6036d14\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 41419632 8ced68949f94c78c5fc992deebdf1c85\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.18-5_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 3739000 f73b86b37f56ab817c341c43bd4cf8fe\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 51982 4593b4bbf1f423b1d6e426602243defd\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 3165218 4f4764c3aef1f9e11201852b94467850\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 51516 a90387023090038a122da75482b981fd\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 51542 cb132c34f0684e6a7b1facc9432ecca2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 269088 d3d721166785a2acfc475b8a87eb7de0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 3188578 58346ab81a8dae1bbff87412b9d071a8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 269454 ef04a599ceb19d37a544cd6f95000138\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 3331732 8b0e214847656f1fb6b2d35396db36a7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 269772 1d3f9740c35d4510c6612bb645b1ef79\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-vserver_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 3354462 30fce94ecaa6650c7eb3307e76ad47d9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 270790 4cd241518cb91e87bbcc62c09117accc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 16800532 5cd7846a71c94945df71cf67b3d9f254\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 16840344 d264466281d7596876f18427dc7dad37\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 1648548 ff22e2a8c3f269295231b2b24289a892\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 1679922 f7061df614029b187d6883902b2053b7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 15239984 c8de0964da37ad0d13a7c0b1a8dbe927\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 15257046 7fbf51b2580cdf39314d5cae996f8059\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 51500 d813a622add08eb6ca03f118af21e6c0\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 51514 9f3b1193357e2b448f653e3dd8cac1ac\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ etch/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/etch/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n", "edition": 15, "modified": "2007-10-03T00:00:00", "published": "2007-10-03T00:00:00", "id": "DEBIAN:DSA-1381-1:B1830", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00152.html", "title": "[SECURITY] [DSA 1381-1] New Linux 2.6.18 packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:30:32", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4573", "CVE-2007-4133", "CVE-2007-5093", "CVE-2006-5755"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1381-2 security@debian.org\nhttp://www.debian.org/security/ Dann Frazier\nOctober 12th, 2007 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : linux-2.6\nVulnerability : several\nProblem-Type : local\nDebian-specific: no\nCVE ID : CVE-2006-5755 CVE-2007-4133 CVE-2007-4573 CVE-2007-5093\n\nSeveral local vulnerabilities have been discovered in the Linux kernel\nthat may lead to a denial of service or the execution of arbitrary\ncode. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2006-5755\n\n The NT bit maybe leaked into the next task which can local attackers\n to cause a Denial of Service (crash) on systems which run the &#x27;amd64&#x27;\n flavour kernel. The stable distribution (&#x27;etch&#x27;) was not believed to\n be vulnerable to this issue at the time of release, however Bastian\n Blank discovered that this issue still applied to the &#x27;xen-amd64&#x27; and\n &#x27;xen-vserver-amd64&#x27; flavours, and is resolved by this DSA.\n\nCVE-2007-4133\n\n Hugh Dickins discovered a potential local DoS (panic) in hugetlbfs.\n A misconversion of hugetlb_vmtruncate_list to prio_tree may allow\n local users to trigger a BUG_ON() call in exit_mmap.\n\nCVE-2007-4573\n\n Wojciech Purczynski discovered a vulnerability that can be exploited\n by a local user to obtain superuser privileges on x86_64 systems.\n This resulted from improper clearing of the high bits of registers\n during ia32 system call emulation. This vulnerability is relevant\n to the Debian amd64 port as well as users of the i386 port who run\n the amd64 linux-image flavour.\n\n DSA-1378 resolved this problem for the &#x27;amd64&#x27; flavour kernels, but\n Tim Wickberg and Ralf Hemmenst\u00c3dt reported an outstanding issue with\n the &#x27;xen-amd64&#x27; and &#x27;xen-vserver-amd64&#x27; issues that is resolved by\n this DSA.\n\nCVE-2007-5093\n\n Alex Smith discovered an issue with the pwc driver for certain webcam\n devices. If the device is removed while a userspace application has it\n open, the driver will wait for userspace to close the device, resulting\n in a blocked USB subsystem. This issue is of low security impact as\n it requires the attacker to either have physical access to the system\n or to convince a user with local access to remove the device on their\n behalf.\n \nThese problems have been fixed in the stable distribution in version \n2.6.18.dfsg.1-13etch4.\n\nThis is an update to DSA-1381-1 which included only amd64 binaries for\nlinux-2.6. Builds for all other architectures are now available, as well as\nrebuilds of ancillary packages that make use of the included linux source.\n\nThe following matrix lists additional packages that were rebuilt for\ncompatability with or to take advantage of this update:\n\n Debian 4.0 (etch)\n fai-kernels 1.17+etch.13etch4\n kernel-patch-openvz 028.18.1etch5\n user-mode-linux 2.6.18-1um-2etch.13etch4\n\nWe recommend that you upgrade your kernel package immediately and reboot\nthe machine. If you have built a custom kernel from the kernel source\npackage, you will need to rebuild to take advantage of these fixes.\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.13etch4.dsc\n Size/MD5 checksum: 740 6dd1d21aea0566d84f12a4dcffa7d791\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.13etch4.tar.gz\n Size/MD5 checksum: 54614 886f8a7388d3063b30cbab365c9fd4cb\n http://security.debian.org/pool/updates/main/k/kernel-patch-openvz/kernel-patch-openvz_028.18.1etch5.dsc\n Size/MD5 checksum: 588 409655afa6a2969a5a2fae79c767c9cc\n http://security.debian.org/pool/updates/main/k/kernel-patch-openvz/kernel-patch-openvz_028.18.1etch5.tar.gz\n Size/MD5 checksum: 1578706 5a8084827360750b14648d5b997647e4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-13etch4.dsc\n Size/MD5 checksum: 5672 37f70bdc04b866a5dbcaa8f849be618a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-13etch4.diff.gz\n Size/MD5 checksum: 5321790 7bc41f428b95ef6fe99361ca8854e6da\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz\n Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.13etch4.dsc\n Size/MD5 checksum: 892 7e1a9aca25b3277719874aeaec5e4ee9\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.13etch4.diff.gz\n Size/MD5 checksum: 14585 240a656f82ad1593324edc9a8a4c1370\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um.orig.tar.gz\n Size/MD5 checksum: 14435 4d10c30313e11a24621f7218c31f3582\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-openvz/kernel-patch-openvz_028.18.1etch5_all.deb\n Size/MD5 checksum: 1583630 db89389fec39e4a856cda780fed0b728\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 3586640 3bd5240a2610896cc497c62eb88b155c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 1083674 f8c4bf0032e87733d2ee3f2f1f739f9d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 1499612 10c0c285c4183493633f2b29f6036d14\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 41419632 8ced68949f94c78c5fc992deebdf1c85\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.18-5_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 3739000 f73b86b37f56ab817c341c43bd4cf8fe\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 51982 4593b4bbf1f423b1d6e426602243defd\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 3025068 73b98089604d45b4e34debad53a7ec93\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 51410 6b4c0bfb818554208be3f9d6f73001eb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-alpha_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 51454 05b5524672491f412fdfd9023122a73b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-alpha-generic_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 264304 4db07fccf48036f262196db448122749\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-alpha-legacy_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 264650 90cf3d0b7632bfe5842f46129d116552\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-alpha-smp_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 263718 a8322f28c2d12ff79207fc41cabcb33c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 3049086 4654cb1e62077ffb3f8e8563560f5c41\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver-alpha_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 265108 7a1d22acc4f23fc3e90a675362123d44\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-alpha-generic_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 23485516 6883ad14986b1e0aff2b619ea5f539c8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-alpha-legacy_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 23464768 84ff8937d7a9a5149319d73f68f84b2b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-alpha-smp_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 23839988 7bbd0790ba73299826b1cc9d377096f5\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-vserver-alpha_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 23529978 a657aeab02b7b31e9e84dee7385e1f99\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.13etch4_amd64.deb\n Size/MD5 checksum: 5954146 54c67b5839f1b77ab8fbad0992881f46\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 3165218 4f4764c3aef1f9e11201852b94467850\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 51516 a90387023090038a122da75482b981fd\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 51542 cb132c34f0684e6a7b1facc9432ecca2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 269088 d3d721166785a2acfc475b8a87eb7de0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 3188578 58346ab81a8dae1bbff87412b9d071a8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 269454 ef04a599ceb19d37a544cd6f95000138\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 3331732 8b0e214847656f1fb6b2d35396db36a7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 269772 1d3f9740c35d4510c6612bb645b1ef79\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-vserver_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 3354462 30fce94ecaa6650c7eb3307e76ad47d9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 270790 4cd241518cb91e87bbcc62c09117accc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 16800532 5cd7846a71c94945df71cf67b3d9f254\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 16840344 d264466281d7596876f18427dc7dad37\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 1648548 ff22e2a8c3f269295231b2b24289a892\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 1679922 f7061df614029b187d6883902b2053b7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 15239984 c8de0964da37ad0d13a7c0b1a8dbe927\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 15257046 7fbf51b2580cdf39314d5cae996f8059\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 51500 d813a622add08eb6ca03f118af21e6c0\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 51514 9f3b1193357e2b448f653e3dd8cac1ac\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 3407364 f4f146f2fc47b3e4735c5573026dc219\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 51428 23eeb0e5e48e4e1aaa86d34c56d22d7e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-arm_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 51472 173dfc6307b31dcb9e6c6ad0e10d857a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-footbridge_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 230506 969f06fec9ab5b8865aced3cee9466cf\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-iop32x_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 231032 a44db3ae062cfd0a55724b5f8eb5840f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-ixp4xx_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 236006 fac614b131423f3aac4f5929cb1b4210\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-rpc_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 195608 1fa746211f6b1a06b2a381f44fa6ea9a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-s3c2410_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 200820 0fdebc68ba162f78fae0a5d013b0d671\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-footbridge_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 7556486 aef8840fc034e37a3bac3a8ec506f8b2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-iop32x_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 7914620 3e2d3b73ac9ff21b36c963fef6fbac32\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-ixp4xx_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 8853810 e1df6094cf944c4ddd3696d2fac13dda\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-rpc_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 4579622 498effbf28a88fdc9ebe47a33c711b6a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-s3c2410_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 5003752 52305b4a34dc1a77ddd6aaa47370176b\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 2965090 85d54d6c0d233c2b41b4b2fa6b258613\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 51524 69a8212893df07526b6b4934f0ddc1f9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-hppa_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 51552 f609ed50c4d0b850679a0fbcfe842ed0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-parisc_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 189156 ce7c28e8eb2814e3ae57eeaf727cdf7d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-parisc-smp_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 190072 a4b883240aaa377bf504cfbd1dedf592\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-parisc64_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 189798 2c4f651075d727301c8d980520b469f6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-parisc64-smp_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 190518 359439df087ee5657484ccc0c212dddc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-parisc_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 10498964 89b3c4a8a1e248f537cbd19492fa809a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-parisc-smp_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 10940750 ba06ca7732dfbd11885530113adb9503\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-parisc64_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 11346730 88376e832d7108b10f642e30c62d486f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-parisc64-smp_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 11752568 46f4bb8a4b9ce9b6f18044a02bb0f9a1\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.13etch4_i386.deb\n Size/MD5 checksum: 5500882 34b990b6e91c480d2775d89e32ce437d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 3165366 da8e35820741f11bb6294fdbcc744703\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-486_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 279522 329b2d702f32b3ad48bcb46d01f5314c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 276154 1b9448c7bd3bde437ab6a938064873f2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-686-bigmem_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 276660 ca56f56b7a8976014f98def299592fd4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 51520 ded0b906ba23835ab08bcd9c50f86485\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-i386_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 51572 ca29d913506d4605c548b40f09142e82\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-amd64_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 269976 318af48160923c29422b31d73f91ade4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-k7_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 275906 8d7f6f03ca00393f3965dcdfcda00774\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 3051664 1c1d62ef7db29003ad4f1da99a24b65f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 275268 de725a7b4623d4219793b20be56db881\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver-k7_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 275234 eda8fbe5a6db4c9b64883ef2834ac829\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 3145888 12bcb2f8010a245ae7af452beb1cc290\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 270752 2db897f2a802eeac160af8c267b9c6eb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-vserver_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 3168122 85b2b60232ede47e610634ccd71bbca1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-vserver-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 271024 6da5e709b3c9923966197d95c4b23610\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-486_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 16170710 9109283c0e49d2968b5f36af7958b671\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 16319840 6b800f593454b8683d0f8cfd169fc96a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-686-bigmem_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 16385948 4498832b220546242c2a3ac1190fa2e1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-amd64_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 16816550 409ac0482522377d01a9d28bf31beeb0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-k7_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 16451472 fcfc3df511cdb7264dd4346e2ba2c3f6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-vserver-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 16360708 2a35e8f6dc5c09730e3465ede7fc04e0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-vserver-k7_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 16489340 a4834981ad3f1b2971d06900efb7a3e8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-xen-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 1297094 1140c4de7a2041e507b9cc4b3eb985c8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-xen-vserver-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 1324284 e0c75d7db0af2edd6f01ffcde6c05773\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-5-xen-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 14259342 3a401200f009a80f6fd7a7f7e74e2c45\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-5-xen-vserver-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 14273216 0b06968bd3d0125595fda63d641ed24a\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-5-xen-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 51496 f517e965c35f6b850678088d29741dc4\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-5-xen-vserver-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 51510 46c0d9815c13f36668c46565c82f5dac\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.13etch4_i386.deb\n Size/MD5 checksum: 25581732 39fc9a71734345a268001c668cc515e1\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_ia64.deb\n Size/MD5 checksum: 3079236 a4638eccc104fc8c61966eac89a18deb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_ia64.deb\n Size/MD5 checksum: 51516 fd1c5d4d5487b8432df36711e51dd655\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-ia64_2.6.18.dfsg.1-13etch4_ia64.deb\n Size/MD5 checksum: 51542 4f886289d99750be07d1ab6ed9c88f75\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-itanium_2.6.18.dfsg.1-13etch4_ia64.deb\n Size/MD5 checksum: 252570 974a03c2e115156ff57847e6776dc438\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-mckinley_2.6.18.dfsg.1-13etch4_ia64.deb\n Size/MD5 checksum: 252544 6c039f749900e30cec4f1746b6f0acc9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-itanium_2.6.18.dfsg.1-13etch4_ia64.deb\n Size/MD5 checksum: 28007402 6299af0cd9fee918dc384cf8f711a00f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-mckinley_2.6.18.dfsg.1-13etch4_ia64.deb\n Size/MD5 checksum: 28177850 f877dd23c8eff90e7bb6c3a39fbcfcd8\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 3347246 7fbe627505d90cbd62218a18014f7e20\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 51526 f0ccbbecc78db4ea8038dccd33df8477\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-mips_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 51572 f2f537ae2a1f6627d435e769e86d4fbb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-qemu_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 146994 21364f39fc4880f9270ef133fdcb7794\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-r4k-ip22_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 157492 2e47f78046bcaa166da991809be35ae7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-r5k-ip32_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 161744 62d0fe8e33c7f10d7d547dad25c0f3ab\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-sb1-bcm91250a_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 180416 f94a5020e5238a7e64e88fe562d70860\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-sb1a-bcm91480b_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 180084 4041fea235b4152a45ffc4b160762a86\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-qemu_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 6091242 d577eb7d6dcd2dc0a69d05149483a953\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-r4k-ip22_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 8271564 23d398483ff138b6491033c37c403cae\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-r5k-ip32_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 9039450 eea022877f831c0a18d2a410d64f563a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-sb1-bcm91250a_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 15637442 b405dad922461f2f3222ec5c4d8a037f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-sb1a-bcm91480b_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 15607876 b1f1f38893955a8b094a4810dcaea9cf\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 3347390 558a640988696187cefd9f8e14a92065\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 51524 933f69c20738341d7a2452afc7db91cb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-mipsel_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 51582 7b00aa29821ad438977c0dbd4ec0287c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-qemu_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 147114 8600c8ce1b9c638b85afd6ac21e76842\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-r3k-kn02_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 153250 a6b9937ef3f786bef498f5c369b0d00d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-r4k-kn04_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 153286 c6e8a5db9e1e8a56253fd37face7946c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-r5k-cobalt_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 175422 fd74b2b5ab09550132e1921823d62831\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-sb1-bcm91250a_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 180244 825dceb4306471d260e39affdff163b0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-sb1a-bcm91480b_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 180136 d31f477892e5b04411f9cfc62e08f3a7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-qemu_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 6025518 adfee8cd9e64705fc709f028b4fc2a17\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-r3k-kn02_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 5937772 4dca97a5b95b72b7267679d268ff629f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-r4k-kn04_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 5922552 87a2fdc06ba3bbdf6e20567a86b38cb8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-r5k-cobalt_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 9858294 ebc487d04ce63659d6911e446c45c6a8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-sb1-bcm91250a_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 15053180 c721161996bfb8ba997c953c9e73ec8a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-sb1a-bcm91480b_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 15021258 3614d048fc8af68bc555858dbecce769\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.13etch4_powerpc.deb\n Size/MD5 checksum: 3364372 0f765a61bef198aaf3ac3b30f77a8567\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 3389590 aab3e60601c4a6d0a72d11754ba056b1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 51526 88bffdc4698d42a1d85874ef5b13d714\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-powerpc_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 51580 8b0e141d6b8ac75fbbccb9fd36943c8e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-powerpc_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 248506 ce7f8ae35564cc5d97f9caa194835844\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-powerpc-miboot_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 226300 235f2fecca146c366ec5c1e34f5a04cf\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-powerpc-smp_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 248866 6c7d90c1044851b6e708b2ccfb981853\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-powerpc64_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 249206 0290d0dfb75b421a2935851692636cd1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-prep_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 244256 3c6cf4f09ff614603b012ebbe482a15a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 3411920 edfc95ee1df72f739b32ffb7a069fdf4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver-powerpc_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 249132 155392e599b178cec9d8af983e335db1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver-powerpc64_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 249934 1b799b09fe208d308c23fd6f5a7a4cde\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-powerpc_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 16624172 afe39ff92b464bb3a39473b02c4329b1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-powerpc-miboot_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 15151294 c5ace72ce905c1283cf7a94a8c920d72\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-powerpc-smp_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 16961188 765b828b2c0b14cefbf46f871f162970\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-powerpc64_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 18291464 aebaa9b09032be8f562da28e522b9c0d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-prep_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 16397186 2a54060107b11d0164688acc2ba8de1c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-vserver-powerpc_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 17009942 36ccae1eb7d14dc8c27b2740b8f35481\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-vserver-powerpc64_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 18341830 2efaade92def4590bcd87b795cdb8f57\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 2940424 c7f344ef4cb526aa545d03a5f9526849\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 51522 44760992fd3f18e5408902893325cf20\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-s390_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 51542 93d575c0a46c3c1b58b95aabfab3fdc8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-s390_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 140032 face1dcfd1a3375c03e92d9fa7bfde52\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-s390x_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 140490 43f1ff5cb4388a0c6c8d55beea438a4c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 2963482 3c8d8fd99d59bdab8123b4ccf0a71b16\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver-s390x_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 141450 513f1c6678c58d94bf49d3992a431dd2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-s390_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 5399154 d8c384e5aeab253abdc36c5b50655a88\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-s390-tape_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 1435992 33ffcb2539743c0c3f3051ddf7adee8b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-s390x_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 5614894 58799b2825fcc98b92a64c097bfa946c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-vserver-s390x_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 5659660 39eaba8923b1eba78f2ccdf615adcf64\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 3165560 e5c0b823ae957939f7709d0ca3d31a64\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 51530 6ab2303072194e3f673c90cfc0cf8781\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-sparc_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 51562 08ea17efc9d32d1c2fc26ad53824a221\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-sparc32_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 162930 581248a51779959e78652ea9fc2c9ead\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-sparc64_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 191876 f099a319d56bb3c964ec539a13306f0e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-sparc64-smp_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 192598 473d3ba3db45b0badc18a384b11488a4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 3187862 5def64dd7a1ba241347108892210f357\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver-sparc64_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 193026 6adb99608f6c1a5109556ffe5697c485\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-sparc32_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 6406814 08420a3fc961165cb6dc7976d0fcaa75\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-sparc64_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 10353400 776cb8fee970fcb02649127deb43d753\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-sparc64-smp_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 10610728 a102932dd3087e8d03882e483ecd2890\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-vserver-sparc64_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 10656188 6a6e62e1f1b56d4a7ca33ef925e6aa0a\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ etch/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/etch/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n", "edition": 20, "modified": "2007-10-12T00:00:00", "published": "2007-10-12T00:00:00", "id": "DEBIAN:DSA-1381-2:956ED", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00159.html", "title": "[SECURITY] [DSA 1381-2] New Linux 2.6.18 packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:11:20", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3272", "CVE-2007-6282", "CVE-2008-2826", "CVE-2008-0598", "CVE-2008-2729", "CVE-2008-2931", "CVE-2008-3275", "CVE-2008-2812"], "description": "- ----------------------------------------------------------------------\nDebian Security Advisory DSA-1630-1 security@debian.org\nhttp://www.debian.org/security/ dann frazier\nAug 21, 2008 http://www.debian.org/security/faq\n- ----------------------------------------------------------------------\n\nPackage : linux-2.6\nVulnerability : denial of service/information leak\nProblem type : several\nDebian-specific: no\nCVE Id(s) : CVE-2007-6282 CVE-2008-0598 CVE-2008-2729 CVE-2008-2812\n CVE-2008-2826 CVE-2008-2931 CVE-2008-3272 CVE-2008-3275\n\nSeveral vulnerabilities have been discovered in the Linux kernel that may\nlead to a denial of service or arbitrary code execution. The Common\nVulnerabilities and Exposures project identifies the following\nproblems:\n\nCVE-2007-6282\n\n Dirk Nehring discovered a vulnerability in the IPsec code that allows\n remote users to cause a denial of service by sending a specially crafted\n ESP packet.\n\nCVE-2008-0598\n\n Tavis Ormandy discovered a vulnerability that allows local users to access\n uninitialized kernel memory, possibly leaking sensitive data. This issue\n is specific to the amd64-flavour kernel images.\n\nCVE-2008-2729\n\n Andi Kleen discovered an issue where uninitialized kernel memory\n was being leaked to userspace during an exception. This issue may allow\n local users to gain access to sensitive data. Only the amd64-flavour\n Debian kernel images are affected.\n\nCVE-2008-2812\n\n Alan Cox discovered an issue in multiple tty drivers that allows\n local users to trigger a denial of service (NULL pointer dereference)\n and possibly obtain elevated privileges.\n\nCVE-2008-2826\n\n Gabriel Campana discovered an integer overflow in the sctp code that\n can be exploited by local users to cause a denial of service.\n\nCVE-2008-2931\n\n Miklos Szeredi reported a missing privilege check in the do_change_type()\n function. This allows local, unprivileged users to change the properties\n of mount points.\n\nCVE-2008-3272\n\n Tobias Klein reported a locally exploitable data leak in the\n snd_seq_oss_synth_make_info() function. This may allow local users\n to gain access to sensitive information.\n\nCVE-2008-3275\n\n Zoltan Sogor discovered a coding error in the VFS that allows local users\n to exploit a kernel memory leak resulting in a denial of service.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 2.6.18.dfsg.1-22etch2.\n\nWe recommend that you upgrade your linux-2.6, fai-kernels, and\nuser-mode-linux packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nThe following matrix lists additional source packages that were rebuilt for\ncompatability with or to take advantage of this update:\n\n Debian 4.0 (etch)\n fai-kernels 1.17+etch.22etch2\n user-mode-linux 2.6.18-1um-2etch.22etch2\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-22etch2.diff.gz\n Size/MD5 checksum: 5378366 80a876fbcded8984ff47308cf2ece776\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um.orig.tar.gz\n Size/MD5 checksum: 14435 4d10c30313e11a24621f7218c31f3582\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.22etch2.dsc\n Size/MD5 checksum: 740 080fa46e372743186c973658347ceee1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz\n Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.22etch2.dsc\n Size/MD5 checksum: 892 30580beb633eb4806c40d659f552cd88\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-22etch2.dsc\n Size/MD5 checksum: 5672 780d93329a4cedaad9d0539c1cc400ac\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.22etch2.diff.gz\n Size/MD5 checksum: 18180 2b9bbd3f4bcc3852320fc60d6947607e\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.22etch2.tar.gz\n Size/MD5 checksum: 56550 01fd54902e7ac7c3035c5176f1deae3c\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.18-6_2.6.18.dfsg.1-22etch2_all.deb\n Size/MD5 checksum: 3718952 804c3adc75403db743f603fd1dc44fa2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.18_2.6.18.dfsg.1-22etch2_all.deb\n Size/MD5 checksum: 41460250 9fda57df0d76f6300b162c0765a87e32\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.18_2.6.18.dfsg.1-22etch2_all.deb\n Size/MD5 checksum: 1632622 6d644a3a0502065b7a9faa9a7efdb8f4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.18_2.6.18.dfsg.1-22etch2_all.deb\n Size/MD5 checksum: 1087372 8ff719e7a81edaa38b5eca31a7aaee02\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.18_2.6.18.dfsg.1-22etch2_all.deb\n Size/MD5 checksum: 3590476 b803de0252e4f027567c5c13db4afe0a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.18_2.6.18.dfsg.1-22etch2_all.deb\n Size/MD5 checksum: 55722 a4dd6ba664f85780bbe1ebf7f3a77b25\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-22etch2_alpha.deb\n Size/MD5 checksum: 23464338 df80e9f9afac5942ec8cd73c8fa2acd3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_alpha.deb\n Size/MD5 checksum: 55150 c752933d6628e0ebe75dbe47f29ad4e2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-generic_2.6.18.dfsg.1-22etch2_alpha.deb\n Size/MD5 checksum: 268952 128bea32232629d3255799ddc83da7b3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-22etch2_alpha.deb\n Size/MD5 checksum: 269648 7617546d15e940343cbe381dfecae010\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-22etch2_alpha.deb\n Size/MD5 checksum: 3053804 f72f8a710f0a4da22bc8fd431d9195ee\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-smp_2.6.18.dfsg.1-22etch2_alpha.deb\n Size/MD5 checksum: 268368 5c248dbb5e31cc30d4148196b1f5cef0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-alpha_2.6.18.dfsg.1-22etch2_alpha.deb\n Size/MD5 checksum: 55180 2a8a3e402015cf1908906180eb6f8a5f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-smp_2.6.18.dfsg.1-22etch2_alpha.deb\n Size/MD5 checksum: 23846050 ba3b97267e75c3d8027627b2a3ece5fb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-generic_2.6.18.dfsg.1-22etch2_alpha.deb\n Size/MD5 checksum: 23485982 9ea2f705c0a99080425de75c48c66904\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-22etch2_alpha.deb\n Size/MD5 checksum: 269242 1edcca9164f4eecd392897903269c1e2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_alpha.deb\n Size/MD5 checksum: 3028978 253a048a7d3ccdf823b8e28b47e5f849\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.22etch2_amd64.deb\n Size/MD5 checksum: 5961854 67e6d9bddf32e6ff37f15a37f9aa2b04\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\n Size/MD5 checksum: 55174 94bc1ab70d46a153205059b1ba2fbd9e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\n Size/MD5 checksum: 279498 bf0107981fe6a603a9b72be5e94190bb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\n Size/MD5 checksum: 16909690 0d7e343ec621b05fb565ed0c4b355c9e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-22etch2_amd64.deb\n Size/MD5 checksum: 3252530 97dc43477d90cae8fd6b4033781ce589\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\n Size/MD5 checksum: 277930 b719a1156f14a870b6f0fed9fcac0e26\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\n Size/MD5 checksum: 55146 865ab31e1451d19f5374492c7b5cec02\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_amd64.deb\n Size/MD5 checksum: 55152 811c0ed6f63166536426b3a30a0ae6a0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\n Size/MD5 checksum: 1652318 1e02b1e5c1315c6775efd5a3ebb8eba0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_amd64.deb\n Size/MD5 checksum: 3228660 b3491a01820796609c57ff0ca45cd991\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\n Size/MD5 checksum: 1684052 214c87ec095a47ddb16cb5a0386385d0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\n Size/MD5 checksum: 15370528 6429150ddfdc20c94f5dd9223ce1eefa\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\n Size/MD5 checksum: 16955552 08dbcfaeb394f720be04b43584cc2dca\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\n Size/MD5 checksum: 277636 0c1dd9ed04830cef72a2799682cdb373\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-22etch2_amd64.deb\n Size/MD5 checksum: 3422414 a66a5347a66c224513912f23df6e7811\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-22etch2_amd64.deb\n Size/MD5 checksum: 3397342 d69524c251013eca5cb9c2fc6ac49f08\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\n Size/MD5 checksum: 278800 f808d9f0b51671184647976e61673ef7\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\n Size/MD5 checksum: 55126 dcc26a10c820fe676abf6d0a8f733190\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-amd64_2.6.18.dfsg.1-22etch2_amd64.deb\n Size/MD5 checksum: 15356684 ca635c5a74fde0c121ac8ad0dca7f3bc\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-ixp4xx_2.6.18.dfsg.1-22etch2_arm.deb\n Size/MD5 checksum: 240724 05944f6adaed3622fdbf4fa94d9e37c1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_arm.deb\n Size/MD5 checksum: 55194 cfb4019acf8ce2b9eca9a06cde8fa6d8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-rpc_2.6.18.dfsg.1-22etch2_arm.deb\n Size/MD5 checksum: 200112 db009d7e4d83679ea6bf62352e8cbe27\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-iop32x_2.6.18.dfsg.1-22etch2_arm.deb\n Size/MD5 checksum: 7925520 1488da3529714a8490790357b2a28d34\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-iop32x_2.6.18.dfsg.1-22etch2_arm.deb\n Size/MD5 checksum: 235346 8bac39d6ded885fc5247046c1a0f5c1c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s3c2410_2.6.18.dfsg.1-22etch2_arm.deb\n Size/MD5 checksum: 205074 8fa04e311cd6e56aa2749d4146056c77\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-arm_2.6.18.dfsg.1-22etch2_arm.deb\n Size/MD5 checksum: 55234 060e1f4e0b26b2fb42fe0be4d8078952\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_arm.deb\n Size/MD5 checksum: 3411494 cfe4f5b7273940720e2bc1e945631f1c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-rpc_2.6.18.dfsg.1-22etch2_arm.deb\n Size/MD5 checksum: 4588214 42d8698407235b46507cf2d7b992c09c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-footbridge_2.6.18.dfsg.1-22etch2_arm.deb\n Size/MD5 checksum: 234198 35c06e74a9f26ab8217ea98df7c01a9b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-footbridge_2.6.18.dfsg.1-22etch2_arm.deb\n Size/MD5 checksum: 7567632 3e4a444afcf3df3e510e2c5000a4b684\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s3c2410_2.6.18.dfsg.1-22etch2_arm.deb\n Size/MD5 checksum: 5010844 a3a1c62fbe80192e80bcaac498036e92\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-ixp4xx_2.6.18.dfsg.1-22etch2_arm.deb\n Size/MD5 checksum: 8872222 e1a64be9bdc5246dd1d9ef666eb0a311\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-22etch2_hppa.deb\n Size/MD5 checksum: 11805014 e45047cea390fd98d4a55557414b578e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-hppa_2.6.18.dfsg.1-22etch2_hppa.deb\n Size/MD5 checksum: 55184 397ca7761578ce779b6ef9bacc372ffb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc_2.6.18.dfsg.1-22etch2_hppa.deb\n Size/MD5 checksum: 10551992 1d693cdd06bb4dee92a25cd886817522\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_hppa.deb\n Size/MD5 checksum: 55158 15e7aa685aea41e29ac6c76825e99ad6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-22etch2_hppa.deb\n Size/MD5 checksum: 199066 5aaf2ce6a96449673f8a8f48f36cf841\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64_2.6.18.dfsg.1-22etch2_hppa.deb\n Size/MD5 checksum: 11400554 53c5eca027dc1015bf6423cbe65536cd\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc-smp_2.6.18.dfsg.1-22etch2_hppa.deb\n Size/MD5 checksum: 10998698 050980b34cbc925f0842c161828aa1f7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64_2.6.18.dfsg.1-22etch2_hppa.deb\n Size/MD5 checksum: 197944 1d45f1fe804821cc7b8aa80b0dec4f36\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_hppa.deb\n Size/MD5 checksum: 3022526 52b6702172ceb2064dde03ea3cacca7a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc-smp_2.6.18.dfsg.1-22etch2_hppa.deb\n Size/MD5 checksum: 198152 556e2b16e2988976dac562f1baad15a9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc_2.6.18.dfsg.1-22etch2_hppa.deb\n Size/MD5 checksum: 197130 298d3e069a1f6996685c4a5a8bc1bada\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-686_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 16377614 74d1938921db193d10a0ff798fe7c005\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-686_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 272450 5468ca009d328fc890a6ab771ab20968\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-k7_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 16471330 35ea40d0f873d6c8ff819a62239623ac\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-k7_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 280452 b055d4305ed580aa9603c3ff5b8c48ef\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 16838150 45beacafd1a4902c055c41bd7711586a\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.22etch2_i386.deb\n Size/MD5 checksum: 25589346 bf03c496e08b7d40f52f602011c07560\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686-bigmem_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 16406940 0225f98fb843e23225875943b5179aa1\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-686_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 55132 28a33a24ebdcdcad85d335499397c88c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-i386_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 55196 16b6e16eefaeb5891ab4ba7f832d0ed3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 3169128 eb405a8b5c8b6d815c95f73262a99af1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 55144 3d96d807e874865af58831720adb4486\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 3055432 a496fea546da3a21748b444ffd6836ec\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 272846 c58bde7235a1f1ac5c8145dc1ae9346b\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 55140 eee1bdfac4bbecc919d0151b2e23d24c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 14292444 19fe5544166f396830fef3a1b4e4626f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 280608 496144bbb1d620644189d012b9d6ea70\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-486_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 282902 f4145bd74ab9467b1af36da46b7666ef\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-k7_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 279034 26430131dc00922da7c9b034c191eaf1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 272230 871474e9b227166f527391aa064ec971\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.22etch2_i386.deb\n Size/MD5 checksum: 5505296 9da61c3c82edf996a6324ebd4517251c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 3149672 c6cbb32f47b75db7d63a6fcf84e0df38\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 3171866 333ceba6af38b86e41a1db10fc764319\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686-bigmem_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 281062 c0c403aedd560ad15fb7d90c54ce3145\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-486_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 16192240 a4a3d514e989d64042c46d3ad8d0b0ae\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-686_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 278950 9de592d811e51eeb07ebe193f8734d15\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 16337664 a367c6561e7cf8ff701a731d8072dca2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 1328006 c5089d6b0fa44ce46fdbbd17140cb9c6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-k7_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 16509906 c8894d32a5f39e7512d2db9de74ddf3c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-686_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 1300920 9c42c8356ab3a07b89f2d95f47de5303\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-686_2.6.18.dfsg.1-22etch2_i386.deb\n Size/MD5 checksum: 14281014 32f281f475d4ee1f2d67dd029231ea46\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-mckinley_2.6.18.dfsg.1-22etch2_ia64.deb\n Size/MD5 checksum: 256640 e96b0df79e67e6049d8feeb73e63f287\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-ia64_2.6.18.dfsg.1-22etch2_ia64.deb\n Size/MD5 checksum: 55174 c93847739b57f47faacaf642de4ab6c1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-itanium_2.6.18.dfsg.1-22etch2_ia64.deb\n Size/MD5 checksum: 256732 af4ee0bbafe50ce27d875243fe626ab9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-mckinley_2.6.18.dfsg.1-22etch2_ia64.deb\n Size/MD5 checksum: 28181368 dff959a14317741919a7a46d73c273a8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_ia64.deb\n Size/MD5 checksum: 55146 9f30373190856528f752d21d66a88053\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-itanium_2.6.18.dfsg.1-22etch2_ia64.deb\n Size/MD5 checksum: 28014200 d290bc90985342dfe3b348d3e1d07922\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_ia64.deb\n Size/MD5 checksum: 3083012 cbb353d4e8cb3a2bfc4dbf43f4427344\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-22etch2_mips.deb\n Size/MD5 checksum: 8311782 6b24a125c1b553bd4f69d830f2d19eaa\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-22etch2_mips.deb\n Size/MD5 checksum: 6124616 ab5d97cb43f8e7d0f7cfebe2db2416df\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_mips.deb\n Size/MD5 checksum: 55190 1cd7be3bb06e63ecf67e6c5c175aa201\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-22etch2_mips.deb\n Size/MD5 checksum: 187898 a74c79e4b6de9312c1a531b7d1c04e06\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-22etch2_mips.deb\n Size/MD5 checksum: 164036 58db324ddfe7d1b3f7086c67091c1ae3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-22etch2_mips.deb\n Size/MD5 checksum: 15654946 4c99171f6b6e8e0b06d88f65244f5a5c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-22etch2_mips.deb\n Size/MD5 checksum: 155578 71edf3d7d29b414ee8fe9c26d98afe2f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-22etch2_mips.deb\n Size/MD5 checksum: 15680482 79ca37454bab6d11c4af5621e3963e87\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-22etch2_mips.deb\n Size/MD5 checksum: 168240 0eafb18463f917510d3110c74786742d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_mips.deb\n Size/MD5 checksum: 3415314 94c72a62a2c3c52535c3ef4936400ad9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-22etch2_mips.deb\n Size/MD5 checksum: 9077040 581d6744c0c10ec63b06b5d058e44a87\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-mips_2.6.18.dfsg.1-22etch2_mips.deb\n Size/MD5 checksum: 55236 7c94ce0a6b000ba9abcc0bf8272e033c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-22etch2_mips.deb\n Size/MD5 checksum: 188208 2356f7b9cf66b0694b1b7bb07e9e1df0\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_mipsel.deb\n Size/MD5 checksum: 3351164 f15965863479e2b0eab136c912b25ebd\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-22etch2_mipsel.deb\n Size/MD5 checksum: 183690 e20c71f57188bc8458abb4dc212402f3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-22etch2_mipsel.deb\n Size/MD5 checksum: 156886 65c9aec3009d7ace0550bee15d0bd34c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-22etch2_mipsel.deb\n Size/MD5 checksum: 151270 92419bb4255d3989eef1b3d2e616e5a5\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-22etch2_mipsel.deb\n Size/MD5 checksum: 9864388 2aa86c68a6c8ac36e8dc22aafcac34fb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-22etch2_mipsel.deb\n Size/MD5 checksum: 183862 262a4f1a05c00b6c2752733101d2bb4b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-22etch2_mipsel.deb\n Size/MD5 checksum: 6030536 1199eb8f7b6a9b4ff1a32ebccfcd7074\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-22etch2_mipsel.deb\n Size/MD5 checksum: 5944692 205d02fd233142d8058874e6ead00e94\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-22etch2_mipsel.deb\n Size/MD5 checksum: 156854 1f02416baf0082238418bba97eb8aa4f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-22etch2_mipsel.deb\n Size/MD5 checksum: 15028044 00f2ad06dfa6c908036349c35a5a8e39\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_mipsel.deb\n Size/MD5 checksum: 55154 6b6f4c17287d5e053d716a742cb738a0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-22etch2_mipsel.deb\n Size/MD5 checksum: 179462 e5497abf20a5461319d8f1d7c37d19b3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-22etch2_mipsel.deb\n Size/MD5 checksum: 15057484 ea8ab2c273fbc3d282d0120cdbbe5c34\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-mipsel_2.6.18.dfsg.1-22etch2_mipsel.deb\n Size/MD5 checksum: 55208 f3bfa65fa08c4ad552aef1536bdd1fcc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-22etch2_mipsel.deb\n Size/MD5 checksum: 5928064 cad7b6b3653d205a39e876a508d4ddaf\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.22etch2_powerpc.deb\n Size/MD5 checksum: 3367890 ad1ad713d488f9e0e0669e1293f1ccd3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc64_2.6.18.dfsg.1-22etch2_powerpc.deb\n Size/MD5 checksum: 254026 ae831a11ed61a4b52bb7a3043eb2f265\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc_2.6.18.dfsg.1-22etch2_powerpc.deb\n Size/MD5 checksum: 16628466 1b10ecc3a4095b9f0e9cd6fa0c544308\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-22etch2_powerpc.deb\n Size/MD5 checksum: 3415704 ea230f1f09a4e8341e7bb24ebd037dd3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-22etch2_powerpc.deb\n Size/MD5 checksum: 15160062 e41656dd2782d44ec9487138dc694722\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-22etch2_powerpc.deb\n Size/MD5 checksum: 17017000 04153c3611b94ae5044868407f1eaa96\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-22etch2_powerpc.deb\n Size/MD5 checksum: 255324 60960ac1262f6d8eabcd96d9789b27bc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-22etch2_powerpc.deb\n Size/MD5 checksum: 253678 e1a1fcc0865698fca0aa46cc02c0e38d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc64_2.6.18.dfsg.1-22etch2_powerpc.deb\n Size/MD5 checksum: 18295838 01cb70246fc9027dc9097964d0a7c06d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-22etch2_powerpc.deb\n Size/MD5 checksum: 253858 a30720b97122274208888b564c0548b5\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-22etch2_powerpc.deb\n Size/MD5 checksum: 18354880 c82075e19802e915551cd25b04f72c76\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_powerpc.deb\n Size/MD5 checksum: 3393390 246ebdc0ce319ab1b8c0022b1b69fd1d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-prep_2.6.18.dfsg.1-22etch2_powerpc.deb\n Size/MD5 checksum: 246546 855a95e124dcd81d26d06fced8ff9cda\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-prep_2.6.18.dfsg.1-22etch2_powerpc.deb\n Size/MD5 checksum: 16406142 59c2543679159905e0d16445d7f5b66d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-22etch2_powerpc.deb\n Size/MD5 checksum: 231148 96bb009cbc3c1c9fc00a4f84a4aa9cd5\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_powerpc.deb\n Size/MD5 checksum: 55156 94c052eb19ce469aabc0a9a71860f861\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-22etch2_powerpc.deb\n Size/MD5 checksum: 16971942 c230eb342210e9f9376783e013216695\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc_2.6.18.dfsg.1-22etch2_powerpc.deb\n Size/MD5 checksum: 252866 4b2bf2f6783bb456b5c003df3e1ea1f5\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-powerpc_2.6.18.dfsg.1-22etch2_powerpc.deb\n Size/MD5 checksum: 55206 209887bf65d555135cde2cb7b1ef0b7b\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-s390_2.6.18.dfsg.1-22etch2_s390.deb\n Size/MD5 checksum: 55168 ba80b3fe0aa1ffdc92825578c4a0a8e2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390x_2.6.18.dfsg.1-22etch2_s390.deb\n Size/MD5 checksum: 5620988 555c4bd0a4b245f267dc324c9b39d695\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390_2.6.18.dfsg.1-22etch2_s390.deb\n Size/MD5 checksum: 144604 bd539fa6955b9ea80a38046b1097ea6e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-22etch2_s390.deb\n Size/MD5 checksum: 145888 80f3dcbc19b2076e6a37ac8f48f1c687\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390_2.6.18.dfsg.1-22etch2_s390.deb\n Size/MD5 checksum: 5403802 9bfc6e49de7faecc3ae013efd8a5ff85\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_s390.deb\n Size/MD5 checksum: 2944158 7a37040db97a3a43817eea570ca29554\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-22etch2_s390.deb\n Size/MD5 checksum: 5663004 f3b7384004cd0c0c6a0478865300b9f8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_s390.deb\n Size/MD5 checksum: 55146 fd4df49a7d2116c1b1eb0f38211c196c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390x_2.6.18.dfsg.1-22etch2_s390.deb\n Size/MD5 checksum: 145096 7e0bfcc155246d4b7cb8ee00d9a370ba\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390-tape_2.6.18.dfsg.1-22etch2_s390.deb\n Size/MD5 checksum: 1440072 437e3a46bda63f1ba5bb2d0b970a669f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-22etch2_s390.deb\n Size/MD5 checksum: 2967228 a32e5147c0f741a5300c6122aade4377\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc64_2.6.18.dfsg.1-22etch2_sparc.deb\n Size/MD5 checksum: 10394174 30c3164de023288678eda955e7088e89\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc32_2.6.18.dfsg.1-22etch2_sparc.deb\n Size/MD5 checksum: 166138 da9c686e82839dbecfc4d2f8d5d6ff8f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc32_2.6.18.dfsg.1-22etch2_sparc.deb\n Size/MD5 checksum: 6412488 738092d091284463d88dcce9bc0d683e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-22etch2_sparc.deb\n Size/MD5 checksum: 10694332 aa5d657822ad30eb7edf2eca35644e09\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-22etch2_sparc.deb\n Size/MD5 checksum: 196630 b349a6dd56888b772577075f21229498\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc64_2.6.18.dfsg.1-22etch2_sparc.deb\n Size/MD5 checksum: 195534 c7b2e3ee30ba33f0a207fa11a5f08916\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-22etch2_sparc.deb\n Size/MD5 checksum: 197330 5e9f1ad14b5b10c6012b09dcfa93acb5\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-22etch2_sparc.deb\n Size/MD5 checksum: 10647804 5bab66c5cdaa22683425b4e101fea4e0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-22etch2_sparc.deb\n Size/MD5 checksum: 55156 da09f09d5c47ce3cd8666b7ba98b9a08\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-22etch2_sparc.deb\n Size/MD5 checksum: 3191596 f6aee8879affc350feb8706cdffb95da\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-22etch2_sparc.deb\n Size/MD5 checksum: 3169298 a6ad7bd3b6ba9d573f47c21f45b9f660\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-sparc_2.6.18.dfsg.1-22etch2_sparc.deb\n Size/MD5 checksum: 55184 322a273cbddb53db9fdb143229104384\n\n These changes will probably be included in the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n", "edition": 7, "modified": "2008-08-21T16:40:28", "published": "2008-08-21T16:40:28", "id": "DEBIAN:DSA-1630-1:8E4BC", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00216.html", "title": "[SECURITY] [DSA 1630-1] New Linux 2.6.18 packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:47:03", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5966", "CVE-2007-6282", "CVE-2007-6712", "CVE-2008-1615", "CVE-2008-2136", "CVE-2008-2148", "CVE-2008-2372", "CVE-2008-2729", "CVE-2008-2826"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues:\n\n* the possibility of a timeout value overflow was found in the Linux kernel\nhigh-resolution timers functionality, hrtimer. This could allow a local\nunprivileged user to execute arbitrary code, or cause a denial of service\n(kernel panic). (CVE-2007-5966, Important)\n\n* the possibility of a kernel crash was found in the Linux kernel IPsec\nprotocol implementation, due to improper handling of fragmented ESP\npackets. When an attacker controlling an intermediate router fragmented\nthese packets into very small pieces, it would cause a kernel crash on the\nreceiving node during packet reassembly. (CVE-2007-6282, Important)\n\n* on 64-bit architectures, the possibility of a timer-expiration value\noverflow was found in the Linux kernel high-resolution timers\nfunctionality, hrtimer. This could allow a local unprivileged user to set\nup a large interval value, forcing the timer expiry value to become\nnegative, causing a denial of service (kernel hang). \n(CVE-2007-6712, Important)\n\n* on AMD64 architectures, the possibility of a kernel crash was discovered\nby testing the Linux kernel process-trace ability. This could allow a local\nunprivileged user to cause a denial of service (kernel crash).\n(CVE-2008-1615, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple\nInternet Transition (SIT) INET6 implementation. This could allow a local\nunprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n\n* a flaw was found in the Linux kernel utimensat system call. File\npermissions were not checked when UTIME_NOW and UTIME_OMIT combinations\nwere used. This could allow a local unprivileged user to modify file times\nof arbitrary files, possibly leading to a denial of service.\n(CVE-2008-2148, Important)\n\n* a security flaw was found in the Linux kernel memory copy routines, when\nrunning on certain AMD64 architectures. If an unsuccessful attempt to copy\nkernel memory from source to destination memory locations occurred, the\ncopy routines did not zero the content at the destination memory location.\nThis could allow a local unprivileged user to view potentially sensitive\ndata. (CVE-2008-2729, Important)\n\n* Gabriel Campana discovered a possible integer overflow flaw in the Linux \nkernel Stream Control Transmission Protocol (SCTP) implementation. This\ndeficiency could lead to privilege escalation. (CVE-2008-2826, Important)\n\n* a deficiency was found in the Linux kernel virtual memory implementation.\nThis could allow a local unprivileged user to make a large number of calls\nto the get_user_pages function, possibly causing a denial of service.\n(CVE-2008-2372, Low)\n\nAlso, these updated packages fix the following bugs:\n\n* gdb set orig_rax to 0x00000000ffffffff, which is recognized by the\nupstream kernel as \"-1\", but not by the Red Hat Enterprise MRG kernel.\n\n* if the POSIX timer was programmed to fire immediately, the timer's\nsignal was sometimes not delivered (timer does not fire).\n\n* rwlock caused crashes and application hangs.\n\n* running oprofile caused system panics.\n\n* threads releasing a mutex may have received an EPERM error.\n\n* booting the RT kernel with the \"nmi_watchdog=2\" kernel option caused a\nkernel panic, and an \"Unable to handle kernel paging request\" error.\n\n* \"echo 0 > /sys/devices/system/cpu/cpu1/online\" caused crashes.\n\n* a crash on a JTC machine.\n\n* added a new \"FUTEX_WAIT_BITSET\" system call, identical to FUTEX_WAIT,\nthat accepts absolute time as a timeout.\n\nRed Hat Enterprise MRG 1.0 users are advised to upgrade to these updated\npackages, which contain backported patches to resolve these issues.", "modified": "2019-03-22T23:44:15", "published": "2008-08-26T04:00:00", "id": "RHSA-2008:0585", "href": "https://access.redhat.com/errata/RHSA-2008:0585", "type": "redhat", "title": "(RHSA-2008:0585) Important: kernel security and bug fix update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:47:07", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0504", "CVE-2007-6282", "CVE-2008-0007", "CVE-2008-1375", "CVE-2008-1615", "CVE-2008-1669"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues:\n\n* the absence of a protection mechanism when attempting to access a\ncritical section of code has been found in the Linux kernel open file\ndescriptors control mechanism, fcntl. This could allow a local unprivileged\nuser to simultaneously execute code, which would otherwise be protected\nagainst parallel execution. As well, a race condition when handling locks\nin the Linux kernel fcntl functionality, may have allowed a process\nbelonging to a local unprivileged user to gain re-ordered access to the\ndescriptor table. (CVE-2008-1669, Important)\n\n* on AMD64 architectures, the possibility of a kernel crash was discovered\nby testing the Linux kernel process-trace ability. This could allow a local\nunprivileged user to cause a denial of service (kernel crash).\n(CVE-2008-1615, Important)\n\n* the absence of a protection mechanism when attempting to access a\ncritical section of code, as well as a race condition, have been found\nin the Linux kernel file system event notifier, dnotify. This could allow a\nlocal unprivileged user to get inconsistent data, or to send arbitrary\nsignals to arbitrary system processes. (CVE-2008-1375, Important)\n\nRed Hat would like to thank Nick Piggin for responsibly disclosing the\nfollowing issue:\n\n* when accessing kernel memory locations, certain Linux kernel drivers\nregistering a fault handler did not perform required range checks. A local\nunprivileged user could use this flaw to gain read or write access to\narbitrary kernel memory, or possibly cause a kernel crash.\n(CVE-2008-0007, Important)\n\n* the possibility of a kernel crash was found in the Linux kernel IPsec\nprotocol implementation, due to improper handling of fragmented ESP\npackets. When an attacker controlling an intermediate router fragmented\nthese packets into very small pieces, it would cause a kernel crash on the\nreceiving node during packet reassembly. (CVE-2007-6282, Important)\n\n* a flaw in the MOXA serial driver could allow a local unprivileged user\nto perform privileged operations, such as replacing firmware.\n(CVE-2005-0504, Important)\n\nAs well, these updated packages fix the following bugs:\n\n* multiple buffer overflows in the neofb driver have been resolved. It was\nnot possible for an unprivileged user to exploit these issues, and as such,\nthey have not been handled as security issues.\n\n* a kernel panic, due to inconsistent detection of AGP aperture size, has\nbeen resolved.\n\n* a race condition in UNIX domain sockets may have caused \"recv()\" to\nreturn zero. In clustered configurations, this may have caused unexpected\nfailovers.\n\n* to prevent link storms, network link carrier events were delayed by up to\none second, causing unnecessary packet loss. Now, link carrier events are\nscheduled immediately.\n\n* a client-side race on blocking locks caused large time delays on NFS file\nsystems.\n\n* in certain situations, the libATA sata_nv driver may have sent commands\nwith duplicate tags, which were rejected by SATA devices. This may have\ncaused infinite reboots.\n\n* running the \"service network restart\" command may have caused networking\nto fail.\n\n* a bug in NFS caused cached information about directories to be stored\nfor too long, causing wrong attributes to be read.\n\n* on systems with a large highmem/lowmem ratio, NFS write performance may\nhave been very slow when using small files.\n\n* a bug, which caused network hangs when the system clock was wrapped\naround zero, has been resolved.\n\nRed Hat Enterprise Linux 4 users are advised to upgrade to these updated\npackages, which contain backported patches to resolve these issues.", "modified": "2017-09-08T12:19:18", "published": "2008-05-07T04:00:00", "id": "RHSA-2008:0237", "href": "https://access.redhat.com/errata/RHSA-2008:0237", "type": "redhat", "title": "(RHSA-2008:0237) Important: kernel security and bug fix update", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-01T10:04:53", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5093", "CVE-2007-6716", "CVE-2008-1514", "CVE-2008-3272", "CVE-2008-3528", "CVE-2008-4210"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* a flaw was found in the Linux kernel's Direct-IO implementation. This\ncould have allowed a local unprivileged user to cause a denial of service.\n(CVE-2007-6716, Important)\n\n* when running ptrace in 31-bit mode on an IBM S/390 or IBM System z\nkernel, a local unprivileged user could cause a denial of service by\nreading from or writing into a padding area in the user_regs_struct32\nstructure. (CVE-2008-1514, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not clear\nthe setuid and setgid bits. This could have allowed a local unprivileged\nuser to obtain access to privileged information. (CVE-2008-4210, Important)\n\n* Tobias Klein reported a missing check in the Linux kernel's Open Sound\nSystem (OSS) implementation. This deficiency could have led to an\ninformation leak. (CVE-2008-3272, Moderate)\n\n* a potential denial of service attack was discovered in the Linux kernel's\nPWC USB video driver. A local unprivileged user could have used this flaw\nto bring the kernel USB subsystem into the busy-waiting state.\n(CVE-2007-5093, Low)\n\n* the ext2 and ext3 file systems code failed to properly handle corrupted\ndata structures, leading to a possible local denial of service issue when\nread or write operations were performed. (CVE-2008-3528, Low)\n\nIn addition, these updated packages fix the following bugs:\n\n* when using the CIFS \"forcedirectio\" option, appending to an open file on\na CIFS share resulted in that file being overwritten with the data to be\nappended.\n\n* a kernel panic occurred when a device with PCI ID 8086:10c8 was present\non a system with a loaded ixgbe driver.\n\n* due to an aacraid driver regression, the kernel failed to boot when trying\nto load the aacraid driver and printed the following error message:\n\"aac_srb: aac_fib_send failed with status: 8195\".\n\n* due to an mpt driver regression, when RAID 1 was configured on Primergy\nsystems with an LSI SCSI IME 53C1020/1030 controller, the kernel panicked\nduring boot.\n\n* the mpt driver produced a large number of extraneous debugging messages\nwhen performing a \"Host reset\" operation.\n\n* due to a regression in the sym driver, the kernel panicked when a SCSI\nhot swap was performed using MCP18 hardware.\n\n* all cores on a multi-core system now scale their frequencies in\naccordance with the policy set by the system's CPU frequency governor.\n\n* the netdump subsystem suffered from several stability issues. These are\naddressed in this updated kernel.\n\n* under certain conditions, the ext3 file system reported a negative count\nof used blocks.\n\n* reading /proc/self/mem incorrectly returned \"Invalid argument\" instead of\n\"input/output error\" due to a regression.\n\n* under certain conditions, the kernel panicked when a USB device was\nremoved while the system was busy accessing the device.\n\n* a race condition in the kernel could have led to a kernel crash during\nthe creation of a new process.\n\nAll Red Hat Enterprise Linux 4 Users should upgrade to these updated\npackages, which contain backported patches to correct these issues.", "modified": "2017-09-08T11:55:07", "published": "2008-11-19T05:00:00", "id": "RHSA-2008:0972", "href": "https://access.redhat.com/errata/RHSA-2008:0972", "type": "redhat", "title": "(RHSA-2008:0972) Important: kernel security and bug fix update", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:35", "bulletinFamily": "software", "cvelist": ["CVE-2007-5093"], "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.6</a>\nVendor Specific News/Changelog Entry: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.6\n[Secunia Advisory ID:26994](https://secuniaresearch.flexerasoftware.com/advisories/26994/)\n[Secunia Advisory ID:28170](https://secuniaresearch.flexerasoftware.com/advisories/28170/)\nOther Advisory URL: http://www.debian.org/security/2007/dsa-1381\nOther Advisory URL: http://www.ubuntu.com/usn/usn-558-1\nMail List Post: http://marc.info/?l=linux-kernel&amp;m=118873457814808&amp;w=2\nMail List Post: http://marc.info/?l=linux-kernel&amp;m=118880154122548&amp;w=2\n[CVE-2007-5093](https://vulners.com/cve/CVE-2007-5093)\nBugtraq ID: 25504\n", "edition": 1, "modified": "2007-08-31T20:21:30", "published": "2007-08-31T20:21:30", "href": "https://vulners.com/osvdb/OSVDB:39233", "id": "OSVDB:39233", "title": "Linux Kernel Philips USB Webcam (pwc) Driver Disconnect Method Local DoS", "type": "osvdb", "cvss": {"score": 4.0, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2020-07-08T23:33:59", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2136", "CVE-2007-6282", "CVE-2008-2826", "CVE-2008-0598", "CVE-2007-6712", "CVE-2008-2137", "CVE-2008-1615", "CVE-2008-2365", "CVE-2008-2729", "CVE-2008-2358", "CVE-2008-2750", "CVE-2008-2148", "CVE-2008-1673"], "description": "Dirk Nehring discovered that the IPsec protocol stack did not correctly \nhandle fragmented ESP packets. A remote attacker could exploit this to \ncrash the system, leading to a denial of service. (CVE-2007-6282)\n\nJohannes Bauer discovered that the 64bit kernel did not correctly handle \nhrtimer updates. A local attacker could request a large expiration value \nand cause the system to hang, leading to a denial of service. \n(CVE-2007-6712)\n\nTavis Ormandy discovered that the ia32 emulation under 64bit kernels did \nnot fully clear uninitialized data. A local attacker could read private \nkernel memory, leading to a loss of privacy. (CVE-2008-0598)\n\nJan Kratochvil discovered that PTRACE did not correctly handle certain \ncalls when running under 64bit kernels. A local attacker could exploit this \nto crash the system, leading to a denial of service. (CVE-2008-1615)\n\nWei Wang discovered that the ASN.1 decoding routines in CIFS and SNMP NAT \ndid not correctly handle certain length values. Remote attackers could \nexploit this to execute arbitrary code or crash the system. (CVE-2008-1673)\n\nPaul Marks discovered that the SIT interfaces did not correctly manage \nallocated memory. A remote attacker could exploit this to fill all \navailable memory, leading to a denial of service. (CVE-2008-2136)\n\nDavid Miller and Jan Lieskovsky discovered that the Sparc kernel did not \ncorrectly range-check memory regions allocated with mmap. A local attacker \ncould exploit this to crash the system, leading to a denial of service. \n(CVE-2008-2137)\n\nThe sys_utimensat system call did not correctly check file permissions in \ncertain situations. A local attacker could exploit this to modify the file \ntimes of arbitrary files which could lead to a denial of service. \n(CVE-2008-2148)\n\nBrandon Edwards discovered that the DCCP system in the kernel did not \ncorrectly check feature lengths. A remote attacker could exploit this to \nexecute arbitrary code. (CVE-2008-2358)\n\nA race condition was discovered between ptrace and utrace in the kernel. A \nlocal attacker could exploit this to crash the system, leading to a denial \nof service. (CVE-2008-2365)\n\nThe copy_to_user routine in the kernel did not correctly clear memory \ndestination addresses when running on 64bit kernels. A local attacker could \nexploit this to gain access to sensitive kernel memory, leading to a loss \nof privacy. (CVE-2008-2729)\n\nThe PPP over L2TP routines in the kernel did not correctly handle certain \nmessages. A remote attacker could send a specially crafted packet that \ncould crash the system or execute arbitrary code. (CVE-2008-2750)\n\nGabriel Campana discovered that SCTP routines did not correctly check for \nlarge addresses. A local user could exploit this to allocate all available \nmemory, leading to a denial of service. (CVE-2008-2826)", "edition": 5, "modified": "2008-07-15T00:00:00", "published": "2008-07-15T00:00:00", "id": "USN-625-1", "href": "https://ubuntu.com/security/notices/USN-625-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-08T23:37:25", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5501", "CVE-2007-4849", "CVE-2007-4133", "CVE-2007-5093", "CVE-2007-4567", "CVE-2007-4997", "CVE-2006-6058", "CVE-2007-5500"], "description": "The minix filesystem did not properly validate certain filesystem values. \nIf a local attacker could trick the system into attempting to mount a \ncorrupted minix filesystem, the kernel could be made to hang for long \nperiods of time, resulting in a denial of service. (CVE-2006-6058)\n\nCertain calculations in the hugetlb code were not correct. A local \nattacker could exploit this to cause a kernel panic, leading to a denial \nof service. (CVE-2007-4133)\n\nEric Sesterhenn and Victor Julien discovered that the hop-by-hop IPv6 \nextended header was not correctly validated. If a system was configured \nfor IPv6, a remote attacker could send a specially crafted IPv6 packet \nand cause the kernel to panic, leading to a denial of service. This \nwas only vulnerable in Ubuntu 7.04. (CVE-2007-4567)\n\nPermissions were not correctly stored on JFFS2 ACLs. For systems using \nACLs on JFFS2, a local attacker may gain access to private files. \n(CVE-2007-4849)\n\nChris Evans discovered that the 802.11 network stack did not correctly \nhandle certain QOS frames. A remote attacker on the local wireless network \ncould send specially crafted packets that would panic the kernel, resulting \nin a denial of service. (CVE-2007-4997)\n\nThe Philips USB Webcam driver did not correctly handle disconnects. \nIf a local attacker tricked another user into disconnecting a webcam \nunsafely, the kernel could hang or consume CPU resources, leading to \na denial of service. (CVE-2007-5093)\n\nScott James Remnant discovered that the waitid function could be made \nto hang the system. A local attacker could execute a specially crafted \nprogram which would leave the system unresponsive, resulting in a denial \nof service. (CVE-2007-5500)\n\nIlpo J\u00e4rvinen discovered that it might be possible for the TCP stack \nto panic the kernel when receiving a crafted ACK response. Only Ubuntu \n7.10 contained the vulnerable code, and it is believed not to have \nbeen exploitable. (CVE-2007-5501)\n\nWhen mounting the same remote NFS share to separate local locations, the \nfirst location's mount options would apply to all subsequent mounts of the \nsame NFS share. In some configurations, this could lead to incorrectly \nconfigured permissions, allowing local users to gain additional access \nto the mounted share. (<https://launchpad.net/bugs/164231>)", "edition": 68, "modified": "2007-12-19T00:00:00", "published": "2007-12-19T00:00:00", "id": "USN-558-1", "href": "https://ubuntu.com/security/notices/USN-558-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-09T00:28:01", "bulletinFamily": "unix", "cvelist": ["CVE-2007-6417", "CVE-2008-0001", "CVE-2007-4133", "CVE-2007-6151", "CVE-2006-7229", "CVE-2007-5093", "CVE-2007-4997", "CVE-2007-6206", "CVE-2006-6058", "CVE-2007-6063", "CVE-2007-5500"], "description": "The minix filesystem did not properly validate certain filesystem \nvalues. If a local attacker could trick the system into attempting \nto mount a corrupted minix filesystem, the kernel could be made to \nhang for long periods of time, resulting in a denial of service. \n(CVE-2006-6058)\n\nAlexander Schulze discovered that the skge driver does not properly \nuse the spin_lock and spin_unlock functions. Remote attackers could \nexploit this by sending a flood of network traffic and cause a denial \nof service (crash). (CVE-2006-7229)\n\nHugh Dickins discovered that hugetlbfs performed certain prio_tree \ncalculations using HPAGE_SIZE instead of PAGE_SIZE. A local user \ncould exploit this and cause a denial of service via kernel panic. \n(CVE-2007-4133)\n\nChris Evans discovered an issue with certain drivers that use the \nieee80211_rx function. Remote attackers could send a crafted 802.11 \nframe and cause a denial of service via crash. (CVE-2007-4997)\n\nAlex Smith discovered an issue with the pwc driver for certain webcam \ndevices. A local user with physical access to the system could remove \nthe device while a userspace application had it open and cause the USB \nsubsystem to block. (CVE-2007-5093)\n\nScott James Remnant discovered a coding error in ptrace. Local users \ncould exploit this and cause the kernel to enter an infinite loop. \n(CVE-2007-5500)\n\nVenustech AD-LAB discovered a buffer overflow in the isdn net \nsubsystem. This issue is exploitable by local users via crafted input \nto the isdn_ioctl function. (CVE-2007-6063)\n\nIt was discovered that the isdn subsystem did not properly check for \nNULL termination when performing ioctl handling. A local user could \nexploit this to cause a denial of service. (CVE-2007-6151)\n\nBlake Frantz discovered that when a root process overwrote an existing \ncore file, the resulting core file retained the previous core file's \nownership. Local users could exploit this to gain access to sensitive \ninformation. (CVE-2007-6206)\n\nHugh Dickins discovered the when using the tmpfs filesystem, under \nrare circumstances, a kernel page may be improperly cleared. A local \nuser may be able to exploit this and read sensitive kernel data or \ncause a denial of service via crash. (CVE-2007-6417)\n\nBill Roman discovered that the VFS subsystem did not properly check \naccess modes. A local user may be able to gain removal privileges \non directories. (CVE-2008-0001)", "edition": 5, "modified": "2008-02-14T00:00:00", "published": "2008-02-14T00:00:00", "id": "USN-578-1", "href": "https://ubuntu.com/security/notices/USN-578-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-09T00:32:29", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5501", "CVE-2007-6417", "CVE-2008-0001", "CVE-2007-4849", "CVE-2007-3107", "CVE-2007-6151", "CVE-2007-5093", "CVE-2007-4567", "CVE-2007-4997", "CVE-2007-6206", "CVE-2007-5966", "CVE-2006-6058", "CVE-2007-6063", "CVE-2007-5500"], "description": "The minix filesystem did not properly validate certain filesystem \nvalues. If a local attacker could trick the system into attempting \nto mount a corrupted minix filesystem, the kernel could be made to \nhang for long periods of time, resulting in a denial of service. \nThis was only vulnerable in Ubuntu 7.04 and 7.10. (CVE-2006-6058)\n\nThe signal handling on PowerPC systems using HTX allowed local users \nto cause a denial of service via floating point corruption. This was \nonly vulnerable in Ubuntu 6.10 and 7.04. (CVE-2007-3107)\n\nThe Linux kernel did not properly validate the hop-by-hop IPv6 \nextended header. Remote attackers could send a crafted IPv6 packet \nand cause a denial of service via kernel panic. This was only \nvulnerable in Ubuntu 7.04. (CVE-2007-4567)\n\nThe JFFS2 filesystem with ACL support enabled did not properly store \npermissions during inode creation and ACL setting. Local users could \npossibly access restricted files after a remount. This was only \nvulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-4849)\n\nChris Evans discovered an issue with certain drivers that use the \nieee80211_rx function. Remote attackers could send a crafted 802.11 \nframe and cause a denial of service via crash. This was only \nvulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-4997)\n\nAlex Smith discovered an issue with the pwc driver for certain webcam \ndevices. A local user with physical access to the system could remove \nthe device while a userspace application had it open and cause the USB \nsubsystem to block. This was only vulnerable in Ubuntu 7.04. \n(CVE-2007-5093)\n\nScott James Remnant discovered a coding error in ptrace. Local users \ncould exploit this and cause the kernel to enter an infinite loop. \nThis was only vulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-5500)\n\nIt was discovered that the Linux kernel could dereference a NULL \npointer when processing certain IPv4 TCP packets. A remote attacker \ncould send a crafted TCP ACK response and cause a denial of service \nvia crash. This was only vulnerable in Ubuntu 7.10. (CVE-2007-5501)\n\nWarren Togami discovered that the hrtimer subsystem did not properly \ncheck for large relative timeouts. A local user could exploit this and \ncause a denial of service via soft lockup. (CVE-2007-5966)\n\nVenustech AD-LAB discovered a buffer overflow in the isdn net \nsubsystem. This issue is exploitable by local users via crafted input \nto the isdn_ioctl function. (CVE-2007-6063)\n\nIt was discovered that the isdn subsystem did not properly check for \nNULL termination when performing ioctl handling. A local user could \nexploit this to cause a denial of service. (CVE-2007-6151)\n\nBlake Frantz discovered that when a root process overwrote an existing \ncore file, the resulting core file retained the previous core file's \nownership. Local users could exploit this to gain access to sensitive \ninformation. (CVE-2007-6206)\n\nHugh Dickins discovered the when using the tmpfs filesystem, under \nrare circumstances, a kernel page may be improperly cleared. A local \nuser may be able to exploit this and read sensitive kernel data or \ncause a denial of service via crash. (CVE-2007-6417)\n\nBill Roman discovered that the VFS subsystem did not properly check \naccess modes. A local user may be able to gain removal privileges on \ndirectories. (CVE-2008-0001)", "edition": 5, "modified": "2008-02-04T00:00:00", "published": "2008-02-04T00:00:00", "id": "USN-574-1", "href": "https://ubuntu.com/security/notices/USN-574-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5938", "CVE-2008-0600", "CVE-2008-1615", "CVE-2008-1669"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2008-05-17T22:21:35", "published": "2008-05-17T22:21:35", "id": "FEDORA:M4HMLUPW016064", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: kernel-2.6.23.17-88.fc7", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}]}