{"id": "RHSA-2013:0496", "hash": "2d88887a847f93f3a9a882a8915a467b", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2013:0496) Important: Red Hat Enterprise Linux 6 kernel update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A race condition was found in the way asynchronous I/O and fallocate()\ninteracted when using the ext4 file system. A local, unprivileged user\ncould use this flaw to expose random data from an extent whose data blocks\nhave not yet been written, and thus contain data from a deleted file.\n(CVE-2012-4508, Important)\n\n* A flaw was found in the way the vhost kernel module handled descriptors\nthat spanned multiple regions. A privileged guest user in a KVM guest could\nuse this flaw to crash the host or, potentially, escalate their privileges\non the host. (CVE-2013-0311, Important)\n\n* It was found that the default SCSI command filter does not accommodate\ncommands that overlap across device classes. A privileged guest user could\npotentially use this flaw to write arbitrary data to a LUN that is\npassed-through as read-only. (CVE-2012-4542, Moderate)\n\n* A flaw was found in the way the xen_failsafe_callback() function in the\nLinux kernel handled the failed iret (interrupt return) instruction\nnotification from the Xen hypervisor. An unprivileged user in a 32-bit\npara-virtualized guest could use this flaw to crash the guest.\n(CVE-2013-0190, Moderate)\n\n* A flaw was found in the way pmd_present() interacted with PROT_NONE\nmemory ranges when transparent hugepages were in use. A local, unprivileged\nuser could use this flaw to crash the system. (CVE-2013-0309, Moderate)\n\n* A flaw was found in the way CIPSO (Common IP Security Option) IP options\nwere validated when set from user mode. A local user able to set CIPSO IP\noptions on the socket could use this flaw to crash the system.\n(CVE-2013-0310, Moderate)\n\nRed Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508, and\nAndrew Cooper of Citrix for reporting CVE-2013-0190. Upstream acknowledges\nDmitry Monakhov as the original reporter of CVE-2012-4508. The\nCVE-2012-4542 issue was discovered by Paolo Bonzini of Red Hat.\n\nThis update also fixes several hundred bugs and adds enhancements. Refer to\nthe Red Hat Enterprise Linux 6.4 Release Notes for information on the most\nsignificant of these changes, and the Technical Notes for further\ninformation, both linked to in the References.\n\nAll Red Hat Enterprise Linux 6 users are advised to install these updated\npackages, which correct these issues, and fix the bugs and add the\nenhancements noted in the Red Hat Enterprise Linux 6.4 Release Notes and\nTechnical Notes. The system must be rebooted for this update to take\neffect.\n", "published": "2013-02-21T05:00:00", "modified": "2018-06-06T20:24:24", "cvss": {"score": 6.6, "vector": "AV:L/AC:M/Au:S/C:C/I:C/A:C"}, "href": "https://access.redhat.com/errata/RHSA-2013:0496", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2012-4508", "CVE-2012-4542", "CVE-2013-0190", "CVE-2013-0309", "CVE-2013-0310", "CVE-2013-0311"], "lastseen": "2019-08-13T18:45:51", "history": [{"bulletin": {"id": "RHSA-2013:0496", "hash": "", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2013:0496) Important: Red Hat Enterprise Linux 6 kernel update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A race condition was found in the way asynchronous I/O and fallocate()\ninteracted when using the ext4 file system. A local, unprivileged user\ncould use this flaw to expose random data from an extent whose data blocks\nhave not yet been written, and thus contain data from a deleted file.\n(CVE-2012-4508, Important)\n\n* A flaw was found in the way the vhost kernel module handled descriptors\nthat spanned multiple regions. A privileged guest user in a KVM guest could\nuse this flaw to crash the host or, potentially, escalate their privileges\non the host. (CVE-2013-0311, Important)\n\n* It was found that the default SCSI command filter does not accommodate\ncommands that overlap across device classes. A privileged guest user could\npotentially use this flaw to write arbitrary data to a LUN that is\npassed-through as read-only. (CVE-2012-4542, Moderate)\n\n* A flaw was found in the way the xen_failsafe_callback() function in the\nLinux kernel handled the failed iret (interrupt return) instruction\nnotification from the Xen hypervisor. An unprivileged user in a 32-bit\npara-virtualized guest could use this flaw to crash the guest.\n(CVE-2013-0190, Moderate)\n\n* A flaw was found in the way pmd_present() interacted with PROT_NONE\nmemory ranges when transparent hugepages were in use. A local, unprivileged\nuser could use this flaw to crash the system. (CVE-2013-0309, Moderate)\n\n* A flaw was found in the way CIPSO (Common IP Security Option) IP options\nwere validated when set from user mode. A local user able to set CIPSO IP\noptions on the socket could use this flaw to crash the system.\n(CVE-2013-0310, Moderate)\n\nRed Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508, and\nAndrew Cooper of Citrix for reporting CVE-2013-0190. Upstream acknowledges\nDmitry Monakhov as the original reporter of CVE-2012-4508. The\nCVE-2012-4542 issue was discovered by Paolo Bonzini of Red Hat.\n\nThis update also fixes several hundred bugs and adds enhancements. Refer to\nthe Red Hat Enterprise Linux 6.4 Release Notes for information on the most\nsignificant of these changes, and the Technical Notes for further\ninformation, both linked to in the References.\n\nAll Red Hat Enterprise Linux 6 users are advised to install these updated\npackages, which correct these issues, and fix the bugs and add the\nenhancements noted in the Red Hat Enterprise Linux 6.4 Release Notes and\nTechnical Notes. The system must be rebooted for this update to take\neffect.\n", "published": "2013-02-21T05:00:00", "modified": "2017-03-03T17:34:12", "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2013:0496", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2012-4508", "CVE-2013-0190", "CVE-2013-0311", "CVE-2012-4542", "CVE-2013-0310", "CVE-2013-0309"], "lastseen": "2017-03-10T13:18:48", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 6.6, "modified": "2017-03-10T13:18:48"}}, "objectVersion": "1.4", "affectedPackage": [{"arch": "x86_64", "packageFilename": "kernel-debuginfo-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "packageName": "kernel-debuginfo", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "x86_64", "packageFilename": "python-perf-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "packageName": "python-perf", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "ppc64", "packageFilename": "kernel-devel-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "packageName": "kernel-devel", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "i686", "packageFilename": "python-perf-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "packageName": "python-perf", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "s390x", "packageFilename": "perf-debuginfo-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "packageName": "perf-debuginfo", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "s390x", "packageFilename": "kernel-debug-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "packageName": "kernel-debug", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "s390x", "packageFilename": "python-perf-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "packageName": "python-perf", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "i686", "packageFilename": "kernel-debuginfo-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "packageName": "kernel-debuginfo", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "ppc64", "packageFilename": "kernel-debug-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "packageName": "kernel-debug", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "ppc64", "packageFilename": "perf-debuginfo-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "packageName": "perf-debuginfo", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "i686", "packageFilename": "perf-debuginfo-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "packageName": "perf-debuginfo", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "ppc64", "packageFilename": "kernel-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "packageName": "kernel", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "x86_64", "packageFilename": "kernel-devel-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "packageName": "kernel-devel", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "x86_64", "packageFilename": "perf-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "packageName": "perf", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "src", "packageFilename": "kernel-2.6.32-358.el6.src.rpm", "OSVersion": "6", "packageName": "kernel", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "ppc64", "packageFilename": "kernel-headers-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "packageName": "kernel-headers", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "s390x", "packageFilename": "kernel-devel-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "packageName": "kernel-devel", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "ppc64", "packageFilename": "kernel-debuginfo-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "packageName": "kernel-debuginfo", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "ppc64", "packageFilename": "kernel-debug-devel-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "packageName": "kernel-debug-devel", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "i686", "packageFilename": "kernel-debug-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "packageName": "kernel-debug", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "s390x", "packageFilename": "kernel-kdump-debuginfo-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "packageName": "kernel-kdump-debuginfo", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "x86_64", "packageFilename": "perf-debuginfo-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "packageName": "perf-debuginfo", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "noarch", "packageFilename": "kernel-doc-2.6.32-358.el6.noarch.rpm", "OSVersion": "6", "packageName": "kernel-doc", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "x86_64", "packageFilename": "kernel-debuginfo-common-x86_64-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "packageName": "kernel-debuginfo-common-x86_64", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "i686", "packageFilename": "kernel-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "packageName": "kernel", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "x86_64", "packageFilename": "python-perf-debuginfo-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "packageName": "python-perf-debuginfo", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "s390x", "packageFilename": "perf-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "packageName": "perf", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "x86_64", "packageFilename": "kernel-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "packageName": "kernel", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "s390x", "packageFilename": "kernel-kdump-devel-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "packageName": "kernel-kdump-devel", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "s390x", "packageFilename": "kernel-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "packageName": "kernel", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "s390x", "packageFilename": "kernel-headers-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "packageName": "kernel-headers", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "i686", "packageFilename": "kernel-devel-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "packageName": "kernel-devel", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "x86_64", "packageFilename": "kernel-headers-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "packageName": "kernel-headers", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "x86_64", "packageFilename": "kernel-debug-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "packageName": "kernel-debug", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "ppc64", "packageFilename": "kernel-bootwrapper-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "packageName": "kernel-bootwrapper", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "ppc64", "packageFilename": "kernel-debug-debuginfo-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "packageName": "kernel-debug-debuginfo", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "s390x", "packageFilename": "kernel-debuginfo-common-s390x-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "packageName": "kernel-debuginfo-common-s390x", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "s390x", "packageFilename": "kernel-debuginfo-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "packageName": "kernel-debuginfo", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "x86_64", "packageFilename": "kernel-debug-debuginfo-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "packageName": "kernel-debug-debuginfo", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "ppc64", "packageFilename": "python-perf-debuginfo-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "packageName": "python-perf-debuginfo", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "s390x", "packageFilename": "python-perf-debuginfo-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "packageName": "python-perf-debuginfo", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "s390x", "packageFilename": "kernel-kdump-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "packageName": "kernel-kdump", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "i686", "packageFilename": "kernel-headers-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "packageName": "kernel-headers", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "x86_64", "packageFilename": "kernel-debug-devel-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "packageName": "kernel-debug-devel", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "ppc64", "packageFilename": "kernel-debuginfo-common-ppc64-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "packageName": "kernel-debuginfo-common-ppc64", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "s390x", "packageFilename": "kernel-debug-devel-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "packageName": "kernel-debug-devel", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "i686", "packageFilename": "python-perf-debuginfo-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "packageName": "python-perf-debuginfo", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "ppc64", "packageFilename": "perf-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "packageName": "perf", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "s390x", "packageFilename": "kernel-debug-debuginfo-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "packageName": "kernel-debug-debuginfo", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "ppc64", "packageFilename": "python-perf-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "packageName": "python-perf", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "i686", "packageFilename": "perf-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "packageName": "perf", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "i686", "packageFilename": "kernel-debug-debuginfo-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "packageName": "kernel-debug-debuginfo", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "noarch", "packageFilename": "kernel-firmware-2.6.32-358.el6.noarch.rpm", "OSVersion": "6", "packageName": "kernel-firmware", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "i686", "packageFilename": "kernel-debuginfo-common-i686-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "packageName": "kernel-debuginfo-common-i686", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}, {"arch": "i686", "packageFilename": "kernel-debug-devel-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "packageName": "kernel-debug-devel", "OS": "RedHat", "packageVersion": "2.6.32-358.el6", "operator": "lt"}]}, "lastseen": "2017-03-10T13:18:48", "differentElements": ["modified"], "edition": 1}, {"bulletin": {"id": "RHSA-2013:0496", "hash": "", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2013:0496) Important: Red Hat Enterprise Linux 6 kernel update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A race condition was found in the way asynchronous I/O and fallocate()\ninteracted when using the ext4 file system. A local, unprivileged user\ncould use this flaw to expose random data from an extent whose data blocks\nhave not yet been written, and thus contain data from a deleted file.\n(CVE-2012-4508, Important)\n\n* A flaw was found in the way the vhost kernel module handled descriptors\nthat spanned multiple regions. A privileged guest user in a KVM guest could\nuse this flaw to crash the host or, potentially, escalate their privileges\non the host. (CVE-2013-0311, Important)\n\n* It was found that the default SCSI command filter does not accommodate\ncommands that overlap across device classes. A privileged guest user could\npotentially use this flaw to write arbitrary data to a LUN that is\npassed-through as read-only. (CVE-2012-4542, Moderate)\n\n* A flaw was found in the way the xen_failsafe_callback() function in the\nLinux kernel handled the failed iret (interrupt return) instruction\nnotification from the Xen hypervisor. An unprivileged user in a 32-bit\npara-virtualized guest could use this flaw to crash the guest.\n(CVE-2013-0190, Moderate)\n\n* A flaw was found in the way pmd_present() interacted with PROT_NONE\nmemory ranges when transparent hugepages were in use. A local, unprivileged\nuser could use this flaw to crash the system. (CVE-2013-0309, Moderate)\n\n* A flaw was found in the way CIPSO (Common IP Security Option) IP options\nwere validated when set from user mode. A local user able to set CIPSO IP\noptions on the socket could use this flaw to crash the system.\n(CVE-2013-0310, Moderate)\n\nRed Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508, and\nAndrew Cooper of Citrix for reporting CVE-2013-0190. Upstream acknowledges\nDmitry Monakhov as the original reporter of CVE-2012-4508. The\nCVE-2012-4542 issue was discovered by Paolo Bonzini of Red Hat.\n\nThis update also fixes several hundred bugs and adds enhancements. Refer to\nthe Red Hat Enterprise Linux 6.4 Release Notes for information on the most\nsignificant of these changes, and the Technical Notes for further\ninformation, both linked to in the References.\n\nAll Red Hat Enterprise Linux 6 users are advised to install these updated\npackages, which correct these issues, and fix the bugs and add the\nenhancements noted in the Red Hat Enterprise Linux 6.4 Release Notes and\nTechnical Notes. The system must be rebooted for this update to take\neffect.\n", "published": "2013-02-21T05:00:00", "modified": "2017-11-24T18:38:39", "cvss": {"vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/", "score": 6.6}, "href": "https://access.redhat.com/errata/RHSA-2013:0496", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2012-4508", "CVE-2012-4542", "CVE-2013-0190", "CVE-2013-0309", "CVE-2013-0310", "CVE-2013-0311"], "lastseen": "2017-12-25T20:05:16", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "objectVersion": "1.4", "affectedPackage": [{"arch": "i686", "packageFilename": "perf-debuginfo-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "operator": "lt", "packageName": "perf-debuginfo", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "i686", "packageFilename": "kernel-debug-debuginfo-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-debug-debuginfo", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "i686", "packageFilename": "kernel-debuginfo-common-i686-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-debuginfo-common-i686", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "i686", "packageFilename": "kernel-debuginfo-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-debuginfo", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "i686", "packageFilename": "python-perf-debuginfo-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "operator": "lt", "packageName": "python-perf-debuginfo", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "src", "packageFilename": "kernel-2.6.32-358.el6.src.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "x86_64", "packageFilename": "kernel-debuginfo-common-x86_64-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-debuginfo-common-x86_64", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "x86_64", "packageFilename": "perf-debuginfo-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "perf-debuginfo", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "x86_64", "packageFilename": "python-perf-debuginfo-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "python-perf-debuginfo", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "x86_64", "packageFilename": "kernel-debug-debuginfo-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-debug-debuginfo", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "x86_64", "packageFilename": "kernel-debuginfo-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-debuginfo", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "i686", "packageFilename": "python-perf-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "operator": "lt", "packageName": "python-perf", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "x86_64", "packageFilename": "python-perf-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "python-perf", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "i686", "packageFilename": "kernel-debug-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-debug", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "i686", "packageFilename": "kernel-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "i686", "packageFilename": "kernel-headers-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-headers", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "noarch", "packageFilename": "kernel-firmware-2.6.32-358.el6.noarch.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-firmware", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "i686", "packageFilename": "perf-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "operator": "lt", "packageName": "perf", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "i686", "packageFilename": "kernel-devel-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-devel", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "i686", "packageFilename": "kernel-debug-devel-2.6.32-358.el6.i686.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-debug-devel", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "noarch", "packageFilename": "kernel-doc-2.6.32-358.el6.noarch.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-doc", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "x86_64", "packageFilename": "kernel-debug-devel-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-debug-devel", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "x86_64", "packageFilename": "perf-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "perf", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "x86_64", "packageFilename": "kernel-debug-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-debug", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "x86_64", "packageFilename": "kernel-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "x86_64", "packageFilename": "kernel-headers-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-headers", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "x86_64", "packageFilename": "kernel-devel-2.6.32-358.el6.x86_64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-devel", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "ppc64", "packageFilename": "kernel-debuginfo-common-ppc64-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-debuginfo-common-ppc64", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "ppc64", "packageFilename": "kernel-debug-debuginfo-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-debug-debuginfo", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "ppc64", "packageFilename": "python-perf-debuginfo-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "python-perf-debuginfo", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "ppc64", "packageFilename": "kernel-debuginfo-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-debuginfo", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "ppc64", "packageFilename": "perf-debuginfo-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "perf-debuginfo", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "ppc64", "packageFilename": "python-perf-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "python-perf", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "ppc64", "packageFilename": "kernel-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "ppc64", "packageFilename": "kernel-bootwrapper-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-bootwrapper", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "ppc64", "packageFilename": "kernel-debug-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-debug", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "ppc64", "packageFilename": "kernel-debug-devel-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-debug-devel", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "ppc64", "packageFilename": "kernel-devel-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-devel", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "ppc64", "packageFilename": "kernel-headers-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-headers", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "ppc64", "packageFilename": "perf-2.6.32-358.el6.ppc64.rpm", "OSVersion": "6", "operator": "lt", "packageName": "perf", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "s390x", "packageFilename": "kernel-debuginfo-common-s390x-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-debuginfo-common-s390x", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "s390x", "packageFilename": "kernel-debuginfo-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-debuginfo", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "s390x", "packageFilename": "kernel-kdump-debuginfo-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-kdump-debuginfo", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "s390x", "packageFilename": "perf-debuginfo-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "operator": "lt", "packageName": "perf-debuginfo", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "s390x", "packageFilename": "kernel-debug-debuginfo-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-debug-debuginfo", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "s390x", "packageFilename": "python-perf-debuginfo-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "operator": "lt", "packageName": "python-perf-debuginfo", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "s390x", "packageFilename": "python-perf-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "operator": "lt", "packageName": "python-perf", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "s390x", "packageFilename": "kernel-debug-devel-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-debug-devel", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "s390x", "packageFilename": "kernel-devel-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-devel", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "s390x", "packageFilename": "kernel-headers-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-headers", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "s390x", "packageFilename": "kernel-kdump-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-kdump", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "s390x", "packageFilename": "kernel-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "s390x", "packageFilename": "kernel-debug-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-debug", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "s390x", "packageFilename": "kernel-kdump-devel-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "operator": "lt", "packageName": "kernel-kdump-devel", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}, {"arch": "s390x", "packageFilename": "perf-2.6.32-358.el6.s390x.rpm", "OSVersion": "6", "operator": "lt", "packageName": "perf", "packageVersion": "2.6.32-358.el6", "OS": "RedHat"}]}, "lastseen": "2017-12-25T20:05:16", "differentElements": ["modified"], "edition": 2}, {"bulletin": {"id": "RHSA-2013:0496", "hash": "2dc76d734105c03207b541a7fb57ccb5", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2013:0496) Important: Red Hat Enterprise Linux 6 kernel update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A race condition was found in the way asynchronous I/O and fallocate()\ninteracted when using the ext4 file system. A local, unprivileged user\ncould use this flaw to expose random data from an extent whose data blocks\nhave not yet been written, and thus contain data from a deleted file.\n(CVE-2012-4508, Important)\n\n* A flaw was found in the way the vhost kernel module handled descriptors\nthat spanned multiple regions. A privileged guest user in a KVM guest could\nuse this flaw to crash the host or, potentially, escalate their privileges\non the host. (CVE-2013-0311, Important)\n\n* It was found that the default SCSI command filter does not accommodate\ncommands that overlap across device classes. A privileged guest user could\npotentially use this flaw to write arbitrary data to a LUN that is\npassed-through as read-only. (CVE-2012-4542, Moderate)\n\n* A flaw was found in the way the xen_failsafe_callback() function in the\nLinux kernel handled the failed iret (interrupt return) instruction\nnotification from the Xen hypervisor. An unprivileged user in a 32-bit\npara-virtualized guest could use this flaw to crash the guest.\n(CVE-2013-0190, Moderate)\n\n* A flaw was found in the way pmd_present() interacted with PROT_NONE\nmemory ranges when transparent hugepages were in use. A local, unprivileged\nuser could use this flaw to crash the system. (CVE-2013-0309, Moderate)\n\n* A flaw was found in the way CIPSO (Common IP Security Option) IP options\nwere validated when set from user mode. A local user able to set CIPSO IP\noptions on the socket could use this flaw to crash the system.\n(CVE-2013-0310, Moderate)\n\nRed Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508, and\nAndrew Cooper of Citrix for reporting CVE-2013-0190. Upstream acknowledges\nDmitry Monakhov as the original reporter of CVE-2012-4508. The\nCVE-2012-4542 issue was discovered by Paolo Bonzini of Red Hat.\n\nThis update also fixes several hundred bugs and adds enhancements. Refer to\nthe Red Hat Enterprise Linux 6.4 Release Notes for information on the most\nsignificant of these changes, and the Technical Notes for further\ninformation, both linked to in the References.\n\nAll Red Hat Enterprise Linux 6 users are advised to install these updated\npackages, which correct these issues, and fix the bugs and add the\nenhancements noted in the Red Hat Enterprise Linux 6.4 Release Notes and\nTechnical Notes. The system must be rebooted for this update to take\neffect.\n", "published": "2013-02-21T05:00:00", "modified": "2018-06-06T20:24:24", "cvss": {"vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/", "score": 6.6}, "href": "https://access.redhat.com/errata/RHSA-2013:0496", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2012-4508", "CVE-2012-4542", "CVE-2013-0190", "CVE-2013-0309", "CVE-2013-0310", "CVE-2013-0311"], "lastseen": "2018-06-12T21:10:48", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "perf-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "perf-debuginfo-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "kernel-debug-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-debuginfo-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "kernel-debuginfo-common-i686", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debuginfo-common-i686-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "kernel-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debuginfo-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "python-perf-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "python-perf-debuginfo-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "src", "packageName": "kernel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-2.6.32-358.el6.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "kernel-debuginfo-common-x86_64", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debuginfo-common-x86_64-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "perf-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "perf-debuginfo-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "python-perf-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "python-perf-debuginfo-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "kernel-debug-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-debuginfo-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "kernel-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debuginfo-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "python-perf", "packageVersion": "2.6.32-358.el6", "packageFilename": "python-perf-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "python-perf", "packageVersion": "2.6.32-358.el6", "packageFilename": "python-perf-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "kernel-debug", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "kernel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "kernel-headers", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-headers-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "noarch", "packageName": "kernel-firmware", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-firmware-2.6.32-358.el6.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "perf", "packageVersion": "2.6.32-358.el6", "packageFilename": "perf-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "kernel-devel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-devel-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "kernel-debug-devel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-devel-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "noarch", "packageName": "kernel-doc", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-doc-2.6.32-358.el6.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "kernel-debug-devel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-devel-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "perf", "packageVersion": "2.6.32-358.el6", "packageFilename": "perf-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "kernel-debug", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "kernel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "kernel-headers", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-headers-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "kernel-devel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-devel-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "kernel-debuginfo-common-ppc64", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debuginfo-common-ppc64-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "kernel-debug-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-debuginfo-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "python-perf-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "python-perf-debuginfo-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "kernel-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debuginfo-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "perf-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "perf-debuginfo-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "python-perf", "packageVersion": "2.6.32-358.el6", "packageFilename": "python-perf-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "kernel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "kernel-bootwrapper", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-bootwrapper-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "kernel-debug", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "kernel-debug-devel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-devel-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "kernel-devel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-devel-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "kernel-headers", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-headers-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "perf", "packageVersion": "2.6.32-358.el6", "packageFilename": "perf-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel-debuginfo-common-s390x", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debuginfo-common-s390x-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debuginfo-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel-kdump-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-kdump-debuginfo-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "perf-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "perf-debuginfo-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel-debug-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-debuginfo-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "python-perf-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "python-perf-debuginfo-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "python-perf", "packageVersion": "2.6.32-358.el6", "packageFilename": "python-perf-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel-debug-devel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-devel-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel-devel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-devel-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel-headers", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-headers-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel-kdump", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-kdump-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel-debug", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel-kdump-devel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-kdump-devel-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "perf", "packageVersion": "2.6.32-358.el6", "packageFilename": "perf-2.6.32-358.el6.s390x.rpm", "operator": "lt"}]}, "lastseen": "2018-06-12T21:10:48", "differentElements": ["affectedPackage"], "edition": 3}, {"bulletin": {"id": "RHSA-2013:0496", "hash": "3773b1d3c979d85b6e7cd39c67ab89d1", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2013:0496) Important: Red Hat Enterprise Linux 6 kernel update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A race condition was found in the way asynchronous I/O and fallocate()\ninteracted when using the ext4 file system. A local, unprivileged user\ncould use this flaw to expose random data from an extent whose data blocks\nhave not yet been written, and thus contain data from a deleted file.\n(CVE-2012-4508, Important)\n\n* A flaw was found in the way the vhost kernel module handled descriptors\nthat spanned multiple regions. A privileged guest user in a KVM guest could\nuse this flaw to crash the host or, potentially, escalate their privileges\non the host. (CVE-2013-0311, Important)\n\n* It was found that the default SCSI command filter does not accommodate\ncommands that overlap across device classes. A privileged guest user could\npotentially use this flaw to write arbitrary data to a LUN that is\npassed-through as read-only. (CVE-2012-4542, Moderate)\n\n* A flaw was found in the way the xen_failsafe_callback() function in the\nLinux kernel handled the failed iret (interrupt return) instruction\nnotification from the Xen hypervisor. An unprivileged user in a 32-bit\npara-virtualized guest could use this flaw to crash the guest.\n(CVE-2013-0190, Moderate)\n\n* A flaw was found in the way pmd_present() interacted with PROT_NONE\nmemory ranges when transparent hugepages were in use. A local, unprivileged\nuser could use this flaw to crash the system. (CVE-2013-0309, Moderate)\n\n* A flaw was found in the way CIPSO (Common IP Security Option) IP options\nwere validated when set from user mode. A local user able to set CIPSO IP\noptions on the socket could use this flaw to crash the system.\n(CVE-2013-0310, Moderate)\n\nRed Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508, and\nAndrew Cooper of Citrix for reporting CVE-2013-0190. Upstream acknowledges\nDmitry Monakhov as the original reporter of CVE-2012-4508. The\nCVE-2012-4542 issue was discovered by Paolo Bonzini of Red Hat.\n\nThis update also fixes several hundred bugs and adds enhancements. Refer to\nthe Red Hat Enterprise Linux 6.4 Release Notes for information on the most\nsignificant of these changes, and the Technical Notes for further\ninformation, both linked to in the References.\n\nAll Red Hat Enterprise Linux 6 users are advised to install these updated\npackages, which correct these issues, and fix the bugs and add the\nenhancements noted in the Red Hat Enterprise Linux 6.4 Release Notes and\nTechnical Notes. The system must be rebooted for this update to take\neffect.\n", "published": "2013-02-21T05:00:00", "modified": "2018-06-06T20:24:24", "cvss": {"vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/", "score": 6.6}, "href": "https://access.redhat.com/errata/RHSA-2013:0496", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2012-4508", "CVE-2012-4542", "CVE-2013-0190", "CVE-2013-0309", "CVE-2013-0310", "CVE-2013-0311"], "lastseen": "2018-12-11T19:43:04", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}, "dependencies": {"references": [{"type": "nessus", "idList": ["ORACLELINUX_ELSA-2013-0496.NASL", "REDHAT-RHSA-2013-0496.NASL", "CENTOS_RHSA-2013-0496.NASL", "REDHAT-RHSA-2013-0579.NASL", "UBUNTU_USN-1719-1.NASL", "REDHAT-RHSA-2013-0882.NASL", "UBUNTU_USN-1720-1.NASL", "F5_BIGIP_SOL15746.NASL", "F5_BIGIP_SOL15732.NASL", "ALA_ALAS-2013-154.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:881682", "OPENVAS:1361412562310123696", "OPENVAS:1361412562310881682", "OPENVAS:1361412562310123694", "OPENVAS:1361412562310841312", "OPENVAS:841312", "OPENVAS:1361412562310841371", "OPENVAS:1361412562310123629", "OPENVAS:841316", "OPENVAS:841326"]}, {"type": "centos", "idList": ["CESA-2013:0496"]}, {"type": "cve", "idList": ["CVE-2012-4542", "CVE-2012-4508", "CVE-2013-0310", "CVE-2013-0309", "CVE-2013-0190", "CVE-2013-0311"]}, {"type": "oraclelinux", "idList": ["ELSA-2013-0496", "ELSA-2013-2507", "ELSA-2013-2504"]}, {"type": "f5", "idList": ["SOL15746", "SOL15732"]}, {"type": "redhat", "idList": ["RHSA-2013:0579", "RHSA-2013:0882", "RHSA-2013:1519", "RHSA-2013:0928", "RHSA-2013:1783"]}, {"type": "ubuntu", "idList": ["USN-1719-1", "USN-1720-1", "USN-1725-1", "USN-1728-1", "USN-1768-1", "USN-1769-1", "USN-1774-1", "USN-1563-1", "USN-1558-1", "USN-1554-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29044", "SECURITYVULNS:VULN:12888"]}, {"type": "seebug", "idList": ["SSV:60638"]}, {"type": "xen", "idList": ["XSA-40"]}, {"type": "amazon", "idList": ["ALAS-2013-154"]}, {"type": "threatpost", "idList": ["THREATPOST:598790503ACCB1E7323D4862D42346C2"]}], "modified": "2018-12-11T19:43:04"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "perf-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "perf-debuginfo-2.6.32-358.el6.i686.rpm", "operator": "lt"}]}, "lastseen": "2018-12-11T19:43:04", "differentElements": ["cvss"], "edition": 4}, {"bulletin": {"id": "RHSA-2013:0496", "hash": "f87b71d65b8d661d87bc02e2bd9dbb6e", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2013:0496) Important: Red Hat Enterprise Linux 6 kernel update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A race condition was found in the way asynchronous I/O and fallocate()\ninteracted when using the ext4 file system. A local, unprivileged user\ncould use this flaw to expose random data from an extent whose data blocks\nhave not yet been written, and thus contain data from a deleted file.\n(CVE-2012-4508, Important)\n\n* A flaw was found in the way the vhost kernel module handled descriptors\nthat spanned multiple regions. A privileged guest user in a KVM guest could\nuse this flaw to crash the host or, potentially, escalate their privileges\non the host. (CVE-2013-0311, Important)\n\n* It was found that the default SCSI command filter does not accommodate\ncommands that overlap across device classes. A privileged guest user could\npotentially use this flaw to write arbitrary data to a LUN that is\npassed-through as read-only. (CVE-2012-4542, Moderate)\n\n* A flaw was found in the way the xen_failsafe_callback() function in the\nLinux kernel handled the failed iret (interrupt return) instruction\nnotification from the Xen hypervisor. An unprivileged user in a 32-bit\npara-virtualized guest could use this flaw to crash the guest.\n(CVE-2013-0190, Moderate)\n\n* A flaw was found in the way pmd_present() interacted with PROT_NONE\nmemory ranges when transparent hugepages were in use. A local, unprivileged\nuser could use this flaw to crash the system. (CVE-2013-0309, Moderate)\n\n* A flaw was found in the way CIPSO (Common IP Security Option) IP options\nwere validated when set from user mode. A local user able to set CIPSO IP\noptions on the socket could use this flaw to crash the system.\n(CVE-2013-0310, Moderate)\n\nRed Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508, and\nAndrew Cooper of Citrix for reporting CVE-2013-0190. Upstream acknowledges\nDmitry Monakhov as the original reporter of CVE-2012-4508. The\nCVE-2012-4542 issue was discovered by Paolo Bonzini of Red Hat.\n\nThis update also fixes several hundred bugs and adds enhancements. Refer to\nthe Red Hat Enterprise Linux 6.4 Release Notes for information on the most\nsignificant of these changes, and the Technical Notes for further\ninformation, both linked to in the References.\n\nAll Red Hat Enterprise Linux 6 users are advised to install these updated\npackages, which correct these issues, and fix the bugs and add the\nenhancements noted in the Red Hat Enterprise Linux 6.4 Release Notes and\nTechnical Notes. The system must be rebooted for this update to take\neffect.\n", "published": "2013-02-21T05:00:00", "modified": "2018-06-06T20:24:24", "cvss": {"score": 6.6, "vector": "AV:L/AC:M/Au:S/C:C/I:C/A:C"}, "href": "https://access.redhat.com/errata/RHSA-2013:0496", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2012-4508", "CVE-2012-4542", "CVE-2013-0190", "CVE-2013-0309", "CVE-2013-0310", "CVE-2013-0311"], "lastseen": "2019-05-29T14:34:24", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 7.1, "vector": "NONE", "modified": "2019-05-29T14:34:24"}, "dependencies": {"references": [{"type": "nessus", "idList": ["CENTOS_RHSA-2013-0496.NASL", "REDHAT-RHSA-2013-0496.NASL", "ORACLELINUX_ELSA-2013-0496.NASL", "REDHAT-RHSA-2013-0579.NASL", "UBUNTU_USN-1719-1.NASL", "REDHAT-RHSA-2013-0882.NASL", "UBUNTU_USN-1720-1.NASL", "F5_BIGIP_SOL15732.NASL", "F5_BIGIP_SOL15746.NASL", "FEDORA_2013-0952.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310881682", "OPENVAS:1361412562310123696", "OPENVAS:881682", "OPENVAS:1361412562310123694", "OPENVAS:841312", "OPENVAS:1361412562310841312", "OPENVAS:841371", "OPENVAS:1361412562310123629", "OPENVAS:1361412562310841371", "OPENVAS:1361412562310120236"]}, {"type": "centos", "idList": ["CESA-2013:0496"]}, {"type": "cve", "idList": ["CVE-2012-4542", "CVE-2012-4508", "CVE-2013-0310", "CVE-2013-0309", "CVE-2013-0311", "CVE-2013-0190"]}, {"type": "oraclelinux", "idList": ["ELSA-2013-0496", "ELSA-2013-2507", "ELSA-2013-2504", "ELSA-2013-2520"]}, {"type": "f5", "idList": ["SOL15746", "SOL15732", "F5:K21914362"]}, {"type": "redhat", "idList": ["RHSA-2013:0579", "RHSA-2013:0882", "RHSA-2013:0928", "RHSA-2013:1519", "RHSA-2013:1783"]}, {"type": "ubuntu", "idList": ["USN-1719-1", "USN-1720-1", "USN-1725-1", "USN-1728-1", "USN-1774-1", "USN-1768-1", "USN-1769-1", "USN-1558-1", "USN-1554-1", "USN-1563-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29044", "SECURITYVULNS:VULN:12888"]}, {"type": "seebug", "idList": ["SSV:60638"]}, {"type": "xen", "idList": ["XSA-40"]}, {"type": "amazon", "idList": ["ALAS-2013-154"]}, {"type": "threatpost", "idList": ["THREATPOST:598790503ACCB1E7323D4862D42346C2"]}], "modified": "2019-05-29T14:34:24"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "perf-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "perf-debuginfo-2.6.32-358.el6.i686.rpm", "operator": "lt"}]}, "lastseen": "2019-05-29T14:34:24", "differentElements": ["affectedPackage"], "edition": 5}], "viewCount": 1, "enchantments": {"score": {"value": 7.1, "vector": "NONE", "modified": "2019-08-13T18:45:51"}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:881682", "OPENVAS:1361412562310123696", "OPENVAS:1361412562310881682", "OPENVAS:1361412562310123694", "OPENVAS:1361412562310841312", "OPENVAS:841312", "OPENVAS:1361412562310841371", "OPENVAS:1361412562310123629", "OPENVAS:841371", "OPENVAS:1361412562310120236"]}, {"type": "nessus", "idList": ["ORACLELINUX_ELSA-2013-0496.NASL", "CENTOS_RHSA-2013-0496.NASL", "REDHAT-RHSA-2013-0496.NASL", "REDHAT-RHSA-2013-0579.NASL", "UBUNTU_USN-1719-1.NASL", "REDHAT-RHSA-2013-0882.NASL", "UBUNTU_USN-1720-1.NASL", "F5_BIGIP_SOL15746.NASL", "F5_BIGIP_SOL15732.NASL", "ALA_ALAS-2013-154.NASL"]}, {"type": "centos", "idList": ["CESA-2013:0496"]}, {"type": "oraclelinux", "idList": ["ELSA-2013-0496", "ELSA-2013-2507", "ELSA-2013-2504"]}, {"type": "cve", "idList": ["CVE-2012-4542", "CVE-2012-4508", "CVE-2013-0310", "CVE-2013-0309", "CVE-2013-0311", "CVE-2013-0190"]}, {"type": "f5", "idList": ["SOL15746", "SOL15732", "F5:K21914362"]}, {"type": "redhat", "idList": ["RHSA-2013:0579", "RHSA-2013:0882", "RHSA-2013:0928", "RHSA-2013:1519", "RHSA-2013:1783"]}, {"type": "ubuntu", "idList": ["USN-1719-1", "USN-1720-1", "USN-1725-1", "USN-1728-1", "USN-1769-1", "USN-1768-1", "USN-1774-1", "USN-1558-1", "USN-1554-1", "USN-1563-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29044", "SECURITYVULNS:VULN:12888"]}, {"type": "seebug", "idList": ["SSV:60638"]}, {"type": "xen", "idList": ["XSA-40"]}, {"type": "amazon", "idList": ["ALAS-2013-154"]}, {"type": "threatpost", "idList": ["THREATPOST:598790503ACCB1E7323D4862D42346C2"]}], "modified": "2019-08-13T18:45:51"}, "vulnersScore": 7.1}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "kernel-devel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-devel-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "perf", "packageVersion": "2.6.32-358.el6", "packageFilename": "perf-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel-kdump-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-kdump-debuginfo-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel-kdump-devel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-kdump-devel-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "kernel-debug", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "perf-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "perf-debuginfo-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "kernel-debug-devel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-devel-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "python-perf", "packageVersion": "2.6.32-358.el6", "packageFilename": "python-perf-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "perf", "packageVersion": "2.6.32-358.el6", "packageFilename": "perf-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "kernel-debug", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "perf", "packageVersion": "2.6.32-358.el6", "packageFilename": "perf-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "perf-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "perf-debuginfo-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "kernel-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debuginfo-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "kernel-debuginfo-common-ppc64", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debuginfo-common-ppc64-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "kernel-headers", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-headers-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "src", "packageName": "kernel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-2.6.32-358.el6.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "kernel-bootwrapper", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-bootwrapper-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "python-perf-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "python-perf-debuginfo-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "kernel-debug-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-debuginfo-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "perf-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "perf-debuginfo-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "kernel-headers", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-headers-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "perf", "packageVersion": "2.6.32-358.el6", "packageFilename": "perf-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "kernel-debug-devel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-devel-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel-debug-devel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-devel-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "noarch", "packageName": "kernel-firmware", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-firmware-2.6.32-358.el6.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel-debuginfo-common-s390x", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debuginfo-common-s390x-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "kernel-devel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-devel-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "kernel-debug-devel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-devel-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "python-perf", "packageVersion": "2.6.32-358.el6", "packageFilename": "python-perf-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "kernel-debug", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "kernel-debug-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-debuginfo-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debuginfo-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "kernel-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debuginfo-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "python-perf-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "python-perf-debuginfo-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "kernel-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debuginfo-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel-debug-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-debuginfo-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel-debug", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel-kdump", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-kdump-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "kernel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "kernel-devel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-devel-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "python-perf-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "python-perf-debuginfo-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "kernel-debuginfo-common-i686", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debuginfo-common-i686-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "python-perf", "packageVersion": "2.6.32-358.el6", "packageFilename": "python-perf-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "perf-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "perf-debuginfo-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "kernel-headers", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-headers-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel-devel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-devel-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "python-perf-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "python-perf-debuginfo-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "kernel-debuginfo-common-x86_64", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debuginfo-common-x86_64-2.6.32-358.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "ppc64", "packageName": "kernel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-2.6.32-358.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "kernel-headers", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-headers-2.6.32-358.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "kernel-debug-debuginfo", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-debug-debuginfo-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "kernel", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-2.6.32-358.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "noarch", "packageName": "kernel-doc", "packageVersion": "2.6.32-358.el6", "packageFilename": "kernel-doc-2.6.32-358.el6.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "s390x", "packageName": "python-perf", "packageVersion": "2.6.32-358.el6", "packageFilename": "python-perf-2.6.32-358.el6.s390x.rpm", "operator": "lt"}], "_object_type": "robots.models.redhat.RedHatBulletin", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"]}

{"nessus": [{"lastseen": "2019-02-21T01:18:39", "bulletinFamily": "scanner", "description": "Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the fourth regular update.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* A race condition was found in the way asynchronous I/O and fallocate() interacted when using the ext4 file system. A local, unprivileged user could use this flaw to expose random data from an extent whose data blocks have not yet been written, and thus contain data from a deleted file. (CVE-2012-4508, Important)\n\n* A flaw was found in the way the vhost kernel module handled descriptors that spanned multiple regions. A privileged guest user in a KVM guest could use this flaw to crash the host or, potentially, escalate their privileges on the host. (CVE-2013-0311, Important)\n\n* It was found that the default SCSI command filter does not accommodate commands that overlap across device classes. A privileged guest user could potentially use this flaw to write arbitrary data to a LUN that is passed-through as read-only. (CVE-2012-4542, Moderate)\n\n* A flaw was found in the way the xen_failsafe_callback() function in the Linux kernel handled the failed iret (interrupt return) instruction notification from the Xen hypervisor. An unprivileged user in a 32-bit para-virtualized guest could use this flaw to crash the guest. (CVE-2013-0190, Moderate)\n\n* A flaw was found in the way pmd_present() interacted with PROT_NONE memory ranges when transparent hugepages were in use. A local, unprivileged user could use this flaw to crash the system.\n(CVE-2013-0309, Moderate)\n\n* A flaw was found in the way CIPSO (Common IP Security Option) IP options were validated when set from user mode. A local user able to set CIPSO IP options on the socket could use this flaw to crash the system. (CVE-2013-0310, Moderate)\n\nRed Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508, and Andrew Cooper of Citrix for reporting CVE-2013-0190. Upstream acknowledges Dmitry Monakhov as the original reporter of CVE-2012-4508. The CVE-2012-4542 issue was discovered by Paolo Bonzini of Red Hat.\n\nThis update also fixes several hundred bugs and adds enhancements.\nRefer to the Red Hat Enterprise Linux 6.4 Release Notes for information on the most significant of these changes, and the Technical Notes for further information, both linked to in the References.\n\nAll Red Hat Enterprise Linux 6 users are advised to install these updated packages, which correct these issues, and fix the bugs and add the enhancements noted in the Red Hat Enterprise Linux 6.4 Release Notes and Technical Notes. The system must be rebooted for this update to take effect.", "modified": "2018-11-10T00:00:00", "id": "CENTOS_RHSA-2013-0496.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=65134", "published": "2013-03-10T00:00:00", "title": "CentOS 6 : kernel (CESA-2013:0496)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0496 and \n# CentOS Errata and Security Advisory 2013:0496 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65134);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:30\");\n\n script_cve_id(\"CVE-2012-4508\", \"CVE-2012-4542\", \"CVE-2013-0190\", \"CVE-2013-0309\", \"CVE-2013-0310\", \"CVE-2013-0311\");\n script_bugtraq_id(56238, 57433, 58046, 58052, 58053, 58088);\n script_xref(name:\"RHSA\", value:\"2013:0496\");\n\n script_name(english:\"CentOS 6 : kernel (CESA-2013:0496)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues, address\nseveral hundred bugs, and add numerous enhancements are now available\nas part of the ongoing support and maintenance of Red Hat Enterprise\nLinux version 6. This is the fourth regular update.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A race condition was found in the way asynchronous I/O and\nfallocate() interacted when using the ext4 file system. A local,\nunprivileged user could use this flaw to expose random data from an\nextent whose data blocks have not yet been written, and thus contain\ndata from a deleted file. (CVE-2012-4508, Important)\n\n* A flaw was found in the way the vhost kernel module handled\ndescriptors that spanned multiple regions. A privileged guest user in\na KVM guest could use this flaw to crash the host or, potentially,\nescalate their privileges on the host. (CVE-2013-0311, Important)\n\n* It was found that the default SCSI command filter does not\naccommodate commands that overlap across device classes. A privileged\nguest user could potentially use this flaw to write arbitrary data to\na LUN that is passed-through as read-only. (CVE-2012-4542, Moderate)\n\n* A flaw was found in the way the xen_failsafe_callback() function in\nthe Linux kernel handled the failed iret (interrupt return)\ninstruction notification from the Xen hypervisor. An unprivileged user\nin a 32-bit para-virtualized guest could use this flaw to crash the\nguest. (CVE-2013-0190, Moderate)\n\n* A flaw was found in the way pmd_present() interacted with PROT_NONE\nmemory ranges when transparent hugepages were in use. A local,\nunprivileged user could use this flaw to crash the system.\n(CVE-2013-0309, Moderate)\n\n* A flaw was found in the way CIPSO (Common IP Security Option) IP\noptions were validated when set from user mode. A local user able to\nset CIPSO IP options on the socket could use this flaw to crash the\nsystem. (CVE-2013-0310, Moderate)\n\nRed Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508,\nand Andrew Cooper of Citrix for reporting CVE-2013-0190. Upstream\nacknowledges Dmitry Monakhov as the original reporter of\nCVE-2012-4508. The CVE-2012-4542 issue was discovered by Paolo Bonzini\nof Red Hat.\n\nThis update also fixes several hundred bugs and adds enhancements.\nRefer to the Red Hat Enterprise Linux 6.4 Release Notes for\ninformation on the most significant of these changes, and the\nTechnical Notes for further information, both linked to in the\nReferences.\n\nAll Red Hat Enterprise Linux 6 users are advised to install these\nupdated packages, which correct these issues, and fix the bugs and add\nthe enhancements noted in the Red Hat Enterprise Linux 6.4 Release\nNotes and Technical Notes. The system must be rebooted for this update\nto take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2013-March/019361.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b0c25d69\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2013-February/000553.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7f33b762\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-2.6.32-358.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-2.6.32-358.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-devel-2.6.32-358.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-devel-2.6.32-358.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-doc-2.6.32-358.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-firmware-2.6.32-358.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-headers-2.6.32-358.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"perf-2.6.32-358.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"python-perf-2.6.32-358.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:18:40", "bulletinFamily": "scanner", "description": "Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the fourth regular update.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* A race condition was found in the way asynchronous I/O and fallocate() interacted when using the ext4 file system. A local, unprivileged user could use this flaw to expose random data from an extent whose data blocks have not yet been written, and thus contain data from a deleted file. (CVE-2012-4508, Important)\n\n* A flaw was found in the way the vhost kernel module handled descriptors that spanned multiple regions. A privileged guest user in a KVM guest could use this flaw to crash the host or, potentially, escalate their privileges on the host. (CVE-2013-0311, Important)\n\n* It was found that the default SCSI command filter does not accommodate commands that overlap across device classes. A privileged guest user could potentially use this flaw to write arbitrary data to a LUN that is passed-through as read-only. (CVE-2012-4542, Moderate)\n\n* A flaw was found in the way the xen_failsafe_callback() function in the Linux kernel handled the failed iret (interrupt return) instruction notification from the Xen hypervisor. An unprivileged user in a 32-bit para-virtualized guest could use this flaw to crash the guest. (CVE-2013-0190, Moderate)\n\n* A flaw was found in the way pmd_present() interacted with PROT_NONE memory ranges when transparent hugepages were in use. A local, unprivileged user could use this flaw to crash the system.\n(CVE-2013-0309, Moderate)\n\n* A flaw was found in the way CIPSO (Common IP Security Option) IP options were validated when set from user mode. A local user able to set CIPSO IP options on the socket could use this flaw to crash the system. (CVE-2013-0310, Moderate)\n\nRed Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508, and Andrew Cooper of Citrix for reporting CVE-2013-0190. Upstream acknowledges Dmitry Monakhov as the original reporter of CVE-2012-4508. The CVE-2012-4542 issue was discovered by Paolo Bonzini of Red Hat.\n\nThis update also fixes several hundred bugs and adds enhancements.\nRefer to the Red Hat Enterprise Linux 6.4 Release Notes for information on the most significant of these changes, and the Technical Notes for further information, both linked to in the References.\n\nAll Red Hat Enterprise Linux 6 users are advised to install these updated packages, which correct these issues, and fix the bugs and add the enhancements noted in the Red Hat Enterprise Linux 6.4 Release Notes and Technical Notes. The system must be rebooted for this update to take effect.", "modified": "2018-11-26T00:00:00", "id": "REDHAT-RHSA-2013-0496.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=65171", "published": "2013-03-10T00:00:00", "title": "RHEL 6 : kernel (RHSA-2013:0496)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0496. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65171);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/11/26 11:02:15\");\n\n script_cve_id(\"CVE-2012-4508\", \"CVE-2012-4542\", \"CVE-2013-0190\", \"CVE-2013-0309\", \"CVE-2013-0310\", \"CVE-2013-0311\");\n script_bugtraq_id(56238, 57433, 58046, 58052, 58053, 58088);\n script_xref(name:\"RHSA\", value:\"2013:0496\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2013:0496)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues, address\nseveral hundred bugs, and add numerous enhancements are now available\nas part of the ongoing support and maintenance of Red Hat Enterprise\nLinux version 6. This is the fourth regular update.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A race condition was found in the way asynchronous I/O and\nfallocate() interacted when using the ext4 file system. A local,\nunprivileged user could use this flaw to expose random data from an\nextent whose data blocks have not yet been written, and thus contain\ndata from a deleted file. (CVE-2012-4508, Important)\n\n* A flaw was found in the way the vhost kernel module handled\ndescriptors that spanned multiple regions. A privileged guest user in\na KVM guest could use this flaw to crash the host or, potentially,\nescalate their privileges on the host. (CVE-2013-0311, Important)\n\n* It was found that the default SCSI command filter does not\naccommodate commands that overlap across device classes. A privileged\nguest user could potentially use this flaw to write arbitrary data to\na LUN that is passed-through as read-only. (CVE-2012-4542, Moderate)\n\n* A flaw was found in the way the xen_failsafe_callback() function in\nthe Linux kernel handled the failed iret (interrupt return)\ninstruction notification from the Xen hypervisor. An unprivileged user\nin a 32-bit para-virtualized guest could use this flaw to crash the\nguest. (CVE-2013-0190, Moderate)\n\n* A flaw was found in the way pmd_present() interacted with PROT_NONE\nmemory ranges when transparent hugepages were in use. A local,\nunprivileged user could use this flaw to crash the system.\n(CVE-2013-0309, Moderate)\n\n* A flaw was found in the way CIPSO (Common IP Security Option) IP\noptions were validated when set from user mode. A local user able to\nset CIPSO IP options on the socket could use this flaw to crash the\nsystem. (CVE-2013-0310, Moderate)\n\nRed Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508,\nand Andrew Cooper of Citrix for reporting CVE-2013-0190. Upstream\nacknowledges Dmitry Monakhov as the original reporter of\nCVE-2012-4508. The CVE-2012-4542 issue was discovered by Paolo Bonzini\nof Red Hat.\n\nThis update also fixes several hundred bugs and adds enhancements.\nRefer to the Red Hat Enterprise Linux 6.4 Release Notes for\ninformation on the most significant of these changes, and the\nTechnical Notes for further information, both linked to in the\nReferences.\n\nAll Red Hat Enterprise Linux 6 users are advised to install these\nupdated packages, which correct these issues, and fix the bugs and add\nthe enhancements noted in the Red Hat Enterprise Linux 6.4 Release\nNotes and Technical Notes. The system must be rebooted for this update\nto take effect.\"\n );\n # https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b5caa05f\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4508\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-0190\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-0311\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-0310\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4542\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-0309\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0496\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-doc-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-firmware-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-perf-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-perf-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-perf-debuginfo-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-perf-debuginfo-2.6.32-358.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-358.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debug / kernel-debug-debuginfo / kernel-debug-devel / etc\");\n }\n}\n", "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:19:41", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2013:0496 :\n\nUpdated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the fourth regular update.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* A race condition was found in the way asynchronous I/O and fallocate() interacted when using the ext4 file system. A local, unprivileged user could use this flaw to expose random data from an extent whose data blocks have not yet been written, and thus contain data from a deleted file. (CVE-2012-4508, Important)\n\n* A flaw was found in the way the vhost kernel module handled descriptors that spanned multiple regions. A privileged guest user in a KVM guest could use this flaw to crash the host or, potentially, escalate their privileges on the host. (CVE-2013-0311, Important)\n\n* It was found that the default SCSI command filter does not accommodate commands that overlap across device classes. A privileged guest user could potentially use this flaw to write arbitrary data to a LUN that is passed-through as read-only. (CVE-2012-4542, Moderate)\n\n* A flaw was found in the way the xen_failsafe_callback() function in the Linux kernel handled the failed iret (interrupt return) instruction notification from the Xen hypervisor. An unprivileged user in a 32-bit para-virtualized guest could use this flaw to crash the guest. (CVE-2013-0190, Moderate)\n\n* A flaw was found in the way pmd_present() interacted with PROT_NONE memory ranges when transparent hugepages were in use. A local, unprivileged user could use this flaw to crash the system.\n(CVE-2013-0309, Moderate)\n\n* A flaw was found in the way CIPSO (Common IP Security Option) IP options were validated when set from user mode. A local user able to set CIPSO IP options on the socket could use this flaw to crash the system. (CVE-2013-0310, Moderate)\n\nRed Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508, and Andrew Cooper of Citrix for reporting CVE-2013-0190. Upstream acknowledges Dmitry Monakhov as the original reporter of CVE-2012-4508. The CVE-2012-4542 issue was discovered by Paolo Bonzini of Red Hat.\n\nThis update also fixes several hundred bugs and adds enhancements.\nRefer to the Red Hat Enterprise Linux 6.4 Release Notes for information on the most significant of these changes, and the Technical Notes for further information, both linked to in the References.\n\nAll Red Hat Enterprise Linux 6 users are advised to install these updated packages, which correct these issues, and fix the bugs and add the enhancements noted in the Red Hat Enterprise Linux 6.4 Release Notes and Technical Notes. The system must be rebooted for this update to take effect.", "modified": "2018-07-18T00:00:00", "id": "ORACLELINUX_ELSA-2013-0496.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=68739", "published": "2013-07-12T00:00:00", "title": "Oracle Linux 6 : kernel (ELSA-2013-0496)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:0496 and \n# Oracle Linux Security Advisory ELSA-2013-0496 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68739);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/18 17:43:57\");\n\n script_cve_id(\"CVE-2012-4508\", \"CVE-2012-4542\", \"CVE-2013-0190\", \"CVE-2013-0309\", \"CVE-2013-0310\", \"CVE-2013-0311\");\n script_bugtraq_id(46616, 52687, 53233, 53414, 53615, 53668, 53965, 53971, 54279, 54365, 54367, 54702, 54763, 55151, 55361, 55878, 56238, 56346, 56414, 57433, 58046, 58052, 58053, 58088);\n script_xref(name:\"RHSA\", value:\"2013:0496\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2013-0496)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2013:0496 :\n\nUpdated kernel packages that fix multiple security issues, address\nseveral hundred bugs, and add numerous enhancements are now available\nas part of the ongoing support and maintenance of Red Hat Enterprise\nLinux version 6. This is the fourth regular update.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A race condition was found in the way asynchronous I/O and\nfallocate() interacted when using the ext4 file system. A local,\nunprivileged user could use this flaw to expose random data from an\nextent whose data blocks have not yet been written, and thus contain\ndata from a deleted file. (CVE-2012-4508, Important)\n\n* A flaw was found in the way the vhost kernel module handled\ndescriptors that spanned multiple regions. A privileged guest user in\na KVM guest could use this flaw to crash the host or, potentially,\nescalate their privileges on the host. (CVE-2013-0311, Important)\n\n* It was found that the default SCSI command filter does not\naccommodate commands that overlap across device classes. A privileged\nguest user could potentially use this flaw to write arbitrary data to\na LUN that is passed-through as read-only. (CVE-2012-4542, Moderate)\n\n* A flaw was found in the way the xen_failsafe_callback() function in\nthe Linux kernel handled the failed iret (interrupt return)\ninstruction notification from the Xen hypervisor. An unprivileged user\nin a 32-bit para-virtualized guest could use this flaw to crash the\nguest. (CVE-2013-0190, Moderate)\n\n* A flaw was found in the way pmd_present() interacted with PROT_NONE\nmemory ranges when transparent hugepages were in use. A local,\nunprivileged user could use this flaw to crash the system.\n(CVE-2013-0309, Moderate)\n\n* A flaw was found in the way CIPSO (Common IP Security Option) IP\noptions were validated when set from user mode. A local user able to\nset CIPSO IP options on the socket could use this flaw to crash the\nsystem. (CVE-2013-0310, Moderate)\n\nRed Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508,\nand Andrew Cooper of Citrix for reporting CVE-2013-0190. Upstream\nacknowledges Dmitry Monakhov as the original reporter of\nCVE-2012-4508. The CVE-2012-4542 issue was discovered by Paolo Bonzini\nof Red Hat.\n\nThis update also fixes several hundred bugs and adds enhancements.\nRefer to the Red Hat Enterprise Linux 6.4 Release Notes for\ninformation on the most significant of these changes, and the\nTechnical Notes for further information, both linked to in the\nReferences.\n\nAll Red Hat Enterprise Linux 6 users are advised to install these\nupdated packages, which correct these issues, and fix the bugs and add\nthe enhancements noted in the Red Hat Enterprise Linux 6.4 Release\nNotes and Technical Notes. The system must be rebooted for this update\nto take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-February/003297.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-358.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-358.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-358.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-358.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-doc-2.6.32-358.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-358.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-358.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"perf-2.6.32-358.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-perf-2.6.32-358.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:22:41", "bulletinFamily": "scanner", "description": "An updated rhev-hypervisor6 package that fixes three security issues, various bugs, and adds an enhancement is now available.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions.\n\nA flaw was found in the way the vhost kernel module handled descriptors that spanned multiple regions. A privileged guest user could use this flaw to crash the host or, potentially, escalate their privileges on the host. (CVE-2013-0311)\n\nIt was found that the default SCSI command filter does not accommodate commands that overlap across device classes. A privileged guest user could potentially use this flaw to write arbitrary data to a LUN that is passed-through as read-only. (CVE-2012-4542)\n\nIt was discovered that dnsmasq, when used in combination with certain libvirtd configurations, could incorrectly process network packets from network interfaces that were intended to be prohibited. A remote, unauthenticated attacker could exploit this flaw to cause a denial of service via DNS amplification attacks. (CVE-2012-3411)\n\nThe CVE-2012-4542 issue was discovered by Paolo Bonzini of Red Hat.\n\nThis updated package provides updated components that include fixes for several security issues. These issues had no security impact on Red Hat Enterprise Virtualization Hypervisor itself, however. The security fixes included in this update address the following CVE numbers :\n\nCVE-2012-3955 (dhcp issue)\n\nCVE-2011-4355 (gdb issue)\n\nCVE-2012-4508, CVE-2013-0190, CVE-2013-0309, and CVE-2013-0310 (kernel issues)\n\nCVE-2012-5536 (openssh issue)\n\nCVE-2011-3148 and CVE-2011-3149 (pam issues)\n\nCVE-2013-0157 (util-linux-ng issue)\n\nThis updated Red Hat Enterprise Virtualization Hypervisor package also fixes the following bugs :\n\n* Previously, the Administration Portal would always display the option to upgrade the Red Hat Enterprise Virtualization Hypervisor ISO regardless of whether or not the selected host was up-to-date. Now, the VDSM version compatibility is considered and the upgrade message only displays if there is an upgrade relevant to the host available.\n(BZ#853092)\n\n* An out of date version of libvirt was included in the Red Hat Enterprise Virtualization Hypervisor 6.4 package. As a result, virtual machines with supported CPU models were not being properly parsed by libvirt and failed to start. A more recent version of libvirt has been included in this updated hypervisor package. Virtual machines now start normally. (BZ#895078)\n\nAs well, this update adds the following enhancement :\n\n* Hypervisor packages now take advantage of the installonlypkg function provided by yum. This allows for multiple versions of the hypervisor package to be installed on a system concurrently without making changes to the yum configuration as was previously required.\n(BZ#863579)\n\nThis update includes the ovirt-node build from RHBA-2013:0556 :\n\nhttps://rhn.redhat.com/errata/RHBA-2013-0556.html\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to upgrade to this updated package, which fixes these issues and adds this enhancement.", "modified": "2018-12-20T00:00:00", "id": "REDHAT-RHSA-2013-0579.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=78950", "published": "2014-11-08T00:00:00", "title": "RHEL 6 : rhev-hypervisor6 (RHSA-2013:0579)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0579. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78950);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/12/20 11:08:45\");\n\n script_cve_id(\"CVE-2012-3411\", \"CVE-2012-4542\", \"CVE-2013-0311\");\n script_bugtraq_id(54353, 58053, 58088);\n script_xref(name:\"RHSA\", value:\"2013:0579\");\n\n script_name(english:\"RHEL 6 : rhev-hypervisor6 (RHSA-2013:0579)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated rhev-hypervisor6 package that fixes three security issues,\nvarious bugs, and adds an enhancement is now available.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe rhev-hypervisor6 package provides a Red Hat Enterprise\nVirtualization Hypervisor ISO disk image. The Red Hat Enterprise\nVirtualization Hypervisor is a dedicated Kernel-based Virtual Machine\n(KVM) hypervisor. It includes everything necessary to run and manage\nvirtual machines: A subset of the Red Hat Enterprise Linux operating\nenvironment and the Red Hat Enterprise Virtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available\nfor the Intel 64 and AMD64 architectures with virtualization\nextensions.\n\nA flaw was found in the way the vhost kernel module handled\ndescriptors that spanned multiple regions. A privileged guest user\ncould use this flaw to crash the host or, potentially, escalate their\nprivileges on the host. (CVE-2013-0311)\n\nIt was found that the default SCSI command filter does not accommodate\ncommands that overlap across device classes. A privileged guest user\ncould potentially use this flaw to write arbitrary data to a LUN that\nis passed-through as read-only. (CVE-2012-4542)\n\nIt was discovered that dnsmasq, when used in combination with certain\nlibvirtd configurations, could incorrectly process network packets\nfrom network interfaces that were intended to be prohibited. A remote,\nunauthenticated attacker could exploit this flaw to cause a denial of\nservice via DNS amplification attacks. (CVE-2012-3411)\n\nThe CVE-2012-4542 issue was discovered by Paolo Bonzini of Red Hat.\n\nThis updated package provides updated components that include fixes\nfor several security issues. These issues had no security impact on\nRed Hat Enterprise Virtualization Hypervisor itself, however. The\nsecurity fixes included in this update address the following CVE\nnumbers :\n\nCVE-2012-3955 (dhcp issue)\n\nCVE-2011-4355 (gdb issue)\n\nCVE-2012-4508, CVE-2013-0190, CVE-2013-0309, and CVE-2013-0310 (kernel\nissues)\n\nCVE-2012-5536 (openssh issue)\n\nCVE-2011-3148 and CVE-2011-3149 (pam issues)\n\nCVE-2013-0157 (util-linux-ng issue)\n\nThis updated Red Hat Enterprise Virtualization Hypervisor package also\nfixes the following bugs :\n\n* Previously, the Administration Portal would always display the\noption to upgrade the Red Hat Enterprise Virtualization Hypervisor ISO\nregardless of whether or not the selected host was up-to-date. Now,\nthe VDSM version compatibility is considered and the upgrade message\nonly displays if there is an upgrade relevant to the host available.\n(BZ#853092)\n\n* An out of date version of libvirt was included in the Red Hat\nEnterprise Virtualization Hypervisor 6.4 package. As a result, virtual\nmachines with supported CPU models were not being properly parsed by\nlibvirt and failed to start. A more recent version of libvirt has been\nincluded in this updated hypervisor package. Virtual machines now\nstart normally. (BZ#895078)\n\nAs well, this update adds the following enhancement :\n\n* Hypervisor packages now take advantage of the installonlypkg\nfunction provided by yum. This allows for multiple versions of the\nhypervisor package to be installed on a system concurrently without\nmaking changes to the yum configuration as was previously required.\n(BZ#863579)\n\nThis update includes the ovirt-node build from RHBA-2013:0556 :\n\nhttps://rhn.redhat.com/errata/RHBA-2013-0556.html\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised\nto upgrade to this updated package, which fixes these issues and adds\nthis enhancement.\"\n );\n # https://rhn.redhat.com/errata/RHBA-2013-0556.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHBA-2013:0556\"\n );\n # https://access.redhat.com/knowledge/articles/11258\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/11258\"\n );\n # https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b5caa05f\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0579\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3411\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-0311\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4542\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rhev-hypervisor6 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:H/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0579\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"rhev-hypervisor6-6.4-20130221.0.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rhev-hypervisor6\");\n }\n}\n", "cvss": {"score": 6.5, "vector": "AV:ADJACENT_NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:18:29", "bulletinFamily": "scanner", "description": "It was discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating the origin on Netlink messages.\nAn untrusted local user can cause a denial of service of Linux guests in Hyper-V virtualization environments. (CVE-2012-2669)\n\nDmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. (CVE-2012-4508)\n\nAndrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously. (CVE-2013-0190).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-01T00:00:00", "id": "UBUNTU_USN-1719-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=64617", "published": "2013-02-13T00:00:00", "title": "Ubuntu 10.04 LTS : linux-lts-backport-oneiric vulnerabilities (USN-1719-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1719-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64617);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/12/01 13:19:07\");\n\n script_cve_id(\"CVE-2012-2669\", \"CVE-2012-4508\", \"CVE-2013-0190\");\n script_bugtraq_id(56238, 56734, 57433);\n script_xref(name:\"USN\", value:\"1719-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux-lts-backport-oneiric vulnerabilities (USN-1719-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that hypervkvpd, which is distributed in the Linux\nkernel, was not correctly validating the origin on Netlink messages.\nAn untrusted local user can cause a denial of service of Linux guests\nin Hyper-V virtualization environments. (CVE-2012-2669)\n\nDmitry Monakhov reported a race condition flaw the Linux ext4\nfilesystem that can expose stale data. An unprivileged user could\nexploit this flaw to cause an information leak. (CVE-2012-4508)\n\nAndrew Cooper of Citrix reported a Xen stack corruption in the Linux\nkernel. An unprivileged user in a 32bit PVOPS guest can cause the\nguest kernel to crash, or operate erroneously. (CVE-2013-0190).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1719-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-3.0.0-31-generic\", pkgver:\"3.0.0-31.48~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-3.0.0-31-generic-pae\", pkgver:\"3.0.0-31.48~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-3.0.0-31-server\", pkgver:\"3.0.0-31.48~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-3.0.0-31-virtual\", pkgver:\"3.0.0-31.48~lucid1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.0-generic / linux-image-3.0-generic-pae / etc\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:18:58", "bulletinFamily": "scanner", "description": "Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6.2 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in the way the vhost kernel module handled descriptors that spanned multiple regions. A privileged guest user in a KVM (Kernel-based Virtual Machine) guest could use this flaw to crash the host or, potentially, escalate their privileges on the host.\n(CVE-2013-0311, Important)\n\n* A flaw was found in the way the KVM subsystem handled guests attempting to run with the X86_CR4_OSXSAVE CPU feature flag set. On hosts without the XSAVE CPU feature, a local, unprivileged user could use this flaw to crash the host system. (The 'grep --color xsave /proc/cpuinfo' command can be used to verify if your system has the XSAVE CPU feature.) (CVE-2012-4461, Moderate)\n\n* It was found that the default SCSI command filter does not accommodate commands that overlap across device classes. A privileged guest user could potentially use this flaw to write arbitrary data to a LUN that is passed-through as read-only. (CVE-2012-4542, Moderate)\n\n* A use-after-free flaw was found in the tmpfs implementation. A local user able to mount and unmount a tmpfs file system could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2013-1767, Low)\n\nRed Hat would like to thank Jon Howell for reporting CVE-2012-4461.\nCVE-2012-4542 was discovered by Paolo Bonzini of Red Hat.\n\nThis update also fixes the following bugs :\n\n* Previously, when open(2) system calls were processed, the GETATTR routine did not check to see if valid attributes were also returned.\nAs a result, the open() call succeeded with invalid attributes instead of failing in such a case. This update adds the missing check, and the open() call succeeds only when valid attributes are returned.\n(BZ#960409)\n\n* Previously, the fsync(2) system call incorrectly returned the EIO (Input/Output) error instead of the ENOSPC (No space left on device) error. This was due to incorrect error handling in the page cache.\nThis problem has been fixed and the correct error value is now returned. (BZ#960418)\n\n* In the RPC code, when a network socket backed up due to high network traffic, a timer was set causing a retransmission, which in turn could cause an even larger amount of network traffic to be generated. To prevent this problem, the RPC code now waits for the socket to empty instead of setting the timer. (BZ#960423)\n\n* This update fixes a number of bugs in the be2iscsi driver for ServerEngines BladeEngine 2 Open iSCSI devices. (BZ#955502)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "modified": "2018-11-10T00:00:00", "id": "REDHAT-RHSA-2013-0882.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=66705", "published": "2013-05-31T00:00:00", "title": "RHEL 6 : kernel (RHSA-2013:0882)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0882. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66705);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:52\");\n\n script_cve_id(\"CVE-2012-4461\", \"CVE-2012-4542\", \"CVE-2013-0311\", \"CVE-2013-1767\");\n script_bugtraq_id(56414, 58053, 58088, 58177);\n script_xref(name:\"RHSA\", value:\"2013:0882\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2013:0882)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.2 Extended\nUpdate Support.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in the way the vhost kernel module handled\ndescriptors that spanned multiple regions. A privileged guest user in\na KVM (Kernel-based Virtual Machine) guest could use this flaw to\ncrash the host or, potentially, escalate their privileges on the host.\n(CVE-2013-0311, Important)\n\n* A flaw was found in the way the KVM subsystem handled guests\nattempting to run with the X86_CR4_OSXSAVE CPU feature flag set. On\nhosts without the XSAVE CPU feature, a local, unprivileged user could\nuse this flaw to crash the host system. (The 'grep --color xsave\n/proc/cpuinfo' command can be used to verify if your system has the\nXSAVE CPU feature.) (CVE-2012-4461, Moderate)\n\n* It was found that the default SCSI command filter does not\naccommodate commands that overlap across device classes. A privileged\nguest user could potentially use this flaw to write arbitrary data to\na LUN that is passed-through as read-only. (CVE-2012-4542, Moderate)\n\n* A use-after-free flaw was found in the tmpfs implementation. A local\nuser able to mount and unmount a tmpfs file system could use this flaw\nto cause a denial of service or, potentially, escalate their\nprivileges. (CVE-2013-1767, Low)\n\nRed Hat would like to thank Jon Howell for reporting CVE-2012-4461.\nCVE-2012-4542 was discovered by Paolo Bonzini of Red Hat.\n\nThis update also fixes the following bugs :\n\n* Previously, when open(2) system calls were processed, the GETATTR\nroutine did not check to see if valid attributes were also returned.\nAs a result, the open() call succeeded with invalid attributes instead\nof failing in such a case. This update adds the missing check, and the\nopen() call succeeds only when valid attributes are returned.\n(BZ#960409)\n\n* Previously, the fsync(2) system call incorrectly returned the EIO\n(Input/Output) error instead of the ENOSPC (No space left on device)\nerror. This was due to incorrect error handling in the page cache.\nThis problem has been fixed and the correct error value is now\nreturned. (BZ#960418)\n\n* In the RPC code, when a network socket backed up due to high network\ntraffic, a timer was set causing a retransmission, which in turn could\ncause an even larger amount of network traffic to be generated. To\nprevent this problem, the RPC code now waits for the socket to empty\ninstead of setting the timer. (BZ#960423)\n\n* This update fixes a number of bugs in the be2iscsi driver for\nServerEngines BladeEngine 2 Open iSCSI devices. (BZ#955502)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0882\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4461\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-0311\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4542\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-1767\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:H/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/05/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0882\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"kernel-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-doc-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-firmware-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"perf-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"s390x\", reference:\"perf-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"python-perf-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"s390x\", reference:\"python-perf-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"i686\", reference:\"python-perf-debuginfo-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"s390x\", reference:\"python-perf-debuginfo-2.6.32-220.38.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-220.38.1.el6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debug / kernel-debug-debuginfo / kernel-debug-devel / etc\");\n }\n}\n", "cvss": {"score": 6.5, "vector": "AV:ADJACENT_NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:18:29", "bulletinFamily": "scanner", "description": "It was discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating the origin on Netlink messages.\nAn untrusted local user can cause a denial of service of Linux guests in Hyper-V virtualization environments. (CVE-2012-2669)\n\nDmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. (CVE-2012-4508)\n\nFlorian Weimer discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating source addresses of netlink packets. An untrusted local user can cause a denial of service by causing hypervkvpd to exit. (CVE-2012-5532)\n\nAndrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously. (CVE-2013-0190).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-01T00:00:00", "id": "UBUNTU_USN-1720-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=64618", "published": "2013-02-13T00:00:00", "title": "Ubuntu 11.10 : linux vulnerabilities (USN-1720-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1720-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64618);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/12/01 13:19:07\");\n\n script_cve_id(\"CVE-2012-2669\", \"CVE-2012-4508\", \"CVE-2012-5532\", \"CVE-2013-0190\");\n script_bugtraq_id(56238, 56710, 56734, 57433);\n script_xref(name:\"USN\", value:\"1720-1\");\n\n script_name(english:\"Ubuntu 11.10 : linux vulnerabilities (USN-1720-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that hypervkvpd, which is distributed in the Linux\nkernel, was not correctly validating the origin on Netlink messages.\nAn untrusted local user can cause a denial of service of Linux guests\nin Hyper-V virtualization environments. (CVE-2012-2669)\n\nDmitry Monakhov reported a race condition flaw the Linux ext4\nfilesystem that can expose stale data. An unprivileged user could\nexploit this flaw to cause an information leak. (CVE-2012-4508)\n\nFlorian Weimer discovered that hypervkvpd, which is distributed in the\nLinux kernel, was not correctly validating source addresses of netlink\npackets. An untrusted local user can cause a denial of service by\ncausing hypervkvpd to exit. (CVE-2012-5532)\n\nAndrew Cooper of Citrix reported a Xen stack corruption in the Linux\nkernel. An unprivileged user in a 32bit PVOPS guest can cause the\nguest kernel to crash, or operate erroneously. (CVE-2013-0190).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1720-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-31-generic\", pkgver:\"3.0.0-31.48\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-31-generic-pae\", pkgver:\"3.0.0-31.48\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-31-server\", pkgver:\"3.0.0-31.48\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-31-virtual\", pkgver:\"3.0.0-31.48\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.0-generic / linux-image-3.0-generic-pae / etc\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:22:38", "bulletinFamily": "scanner", "description": "block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SG_IO ioctl call that leverages overlapping opcodes.(CVE-2012-4542)", "modified": "2019-01-04T00:00:00", "id": "F5_BIGIP_SOL15746.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=78696", "published": "2014-10-28T00:00:00", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (SOL15746)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution SOL15746.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78696);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/01/04 10:03:40\");\n\n script_cve_id(\"CVE-2012-4542\");\n script_bugtraq_id(58088);\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (SOL15746)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly\nconsider the SCSI device class during authorization of SCSI commands,\nwhich allows local users to bypass intended access restrictions via an\nSG_IO ioctl call that leverages overlapping opcodes.(CVE-2012-4542)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K15746\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution SOL15746.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"SOL15746\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"11.3.0-11.4.1\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"11.4.0-11.4.1\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\",\"10.0.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\",\"10.0.0-10.2.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\",\"10.0.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\",\"10.0.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"11.3.0-11.4.1\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:22:38", "bulletinFamily": "scanner", "description": "The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging Kernel-base Virtual Machine (KVM) guest OS privileges.", "modified": "2019-01-04T00:00:00", "id": "F5_BIGIP_SOL15732.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=78660", "published": "2014-10-24T00:00:00", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (SOL15732)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution SOL15732.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78660);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/01/04 10:03:40\");\n\n script_cve_id(\"CVE-2013-0311\");\n script_bugtraq_id(58053);\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (SOL15732)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The translate_desc function in drivers/vhost/vhost.c in the Linux\nkernel before 3.7 does not properly handle cross-region descriptors,\nwhich allows guest OS users to obtain host OS privileges by leveraging\nKernel-base Virtual Machine (KVM) guest OS privileges.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K15732\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution SOL15732.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:H/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"SOL15732\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"11.3.0-11.4.1\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\",\"11.4.1HF5\",\"11.4.0HF8\",\"11.3.0HF10\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"11.4.0-11.4.1\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\",\"11.4.1HF5\",\"11.4.0HF8\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\",\"11.4.1HF5\",\"11.4.0HF8\",\"11.3.0HF10\",\"11.2.1HF12\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\",\"10.0.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\",\"11.4.1HF5\",\"11.4.0HF8\",\"11.3.0HF10\",\"11.2.1HF12\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\",\"11.4.1HF4\",\"11.4.0HF8\",\"11.3.0HF10\",\"11.2.1HF12\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\",\"10.0.0-10.2.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\",\"11.4.1HF5\",\"11.4.0HF8\",\"11.3.0HF10\",\"11.2.1HF12\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\",\"10.0.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\",\"11.4.1HF5\",\"11.4.0HF8\",\"11.3.0HF10\",\"11.2.1HF12\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\",\"10.0.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\",\"11.4.1HF5\",\"11.4.0HF8\",\"11.3.0HF10\",\"11.2.1HF12\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"11.3.0-11.4.1\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"11.5.0-11.6.0\",\"11.4.1HF5\",\"11.4.0HF8\",\"11.3.0HF10\");\n\n# PSM\nvmatrix[\"PSM\"] = make_array();\nvmatrix[\"PSM\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\",\"10.0.0-10.2.4\");\nvmatrix[\"PSM\"][\"unaffected\"] = make_list(\"11.4.1HF5\",\"11.4.0HF8\",\"11.3.0HF10\",\"11.2.1HF12\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"11.0.0-11.3.0\",\"10.0.0-10.2.4\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"11.3.0HF10\",\"11.2.1HF12\");\n\n# WOM\nvmatrix[\"WOM\"] = make_array();\nvmatrix[\"WOM\"][\"affected\" ] = make_list(\"11.0.0-11.3.0\",\"10.0.0-10.2.4\");\nvmatrix[\"WOM\"][\"unaffected\"] = make_list(\"11.3.0HF10\",\"11.2.1HF12\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:ADJACENT_NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:19:58", "bulletinFamily": "scanner", "description": "The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption.", "modified": "2018-04-18T00:00:00", "id": "ALA_ALAS-2013-154.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=69713", "published": "2013-09-04T00:00:00", "title": "Amazon Linux AMI : kernel / nvidia (ALAS-2013-154)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2013-154.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69713);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2013-0190\");\n script_xref(name:\"ALAS\", value:\"2013-154\");\n\n script_name(english:\"Amazon Linux AMI : kernel / nvidia (ALAS-2013-154)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23\nand other versions, when running a 32-bit PVOPS guest, allows local\nusers to cause a denial of service (guest crash) by triggering an iret\nfault, leading to use of an incorrect stack pointer and stack\ncorruption.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2013-154.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Run 'yum update kernel nvidia' to update your system. You will need to\nreboot your system in order for the new kernel to be running.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nvidia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nvidia-kmod-3.2.37-2.47.amzn1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-3.2.37-2.47.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-3.2.37-2.47.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-3.2.37-2.47.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.2.37-2.47.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-3.2.37-2.47.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-doc-3.2.37-2.47.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-3.2.37-2.47.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-3.2.37-2.47.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-debuginfo-3.2.37-2.47.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"nvidia-313.18-2012.09.0.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"nvidia-kmod-3.2.37-2.47.amzn1-313.18-2012.09.0.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2019-05-29T18:38:00", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-03-12T00:00:00", "id": "OPENVAS:1361412562310881682", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881682", "title": "CentOS Update for kernel CESA-2013:0496 centos6", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2013:0496 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-March/019361.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881682\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-12 10:02:55 +0530 (Tue, 12 Mar 2013)\");\n script_cve_id(\"CVE-2012-4508\", \"CVE-2012-4542\", \"CVE-2013-0190\", \"CVE-2013-0309\", \"CVE-2013-0310\", \"CVE-2013-0311\");\n script_tag(name:\"cvss_base\", value:\"6.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:S/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2013:0496\");\n script_name(\"CentOS Update for kernel CESA-2013:0496 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"kernel on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n\n * A race condition was found in the way asynchronous I/O and fallocate()\n interacted when using the ext4 file system. A local, unprivileged user\n could use this flaw to expose random data from an extent whose data blocks\n have not yet been written, and thus contain data from a deleted file.\n (CVE-2012-4508, Important)\n\n * A flaw was found in the way the vhost kernel module handled descriptors\n that spanned multiple regions. A privileged guest user in a KVM guest could\n use this flaw to crash the host or, potentially, escalate their privileges\n on the host. (CVE-2013-0311, Important)\n\n * It was found that the default SCSI command filter does not accommodate\n commands that overlap across device classes. A privileged guest user could\n potentially use this flaw to write arbitrary data to a LUN that is\n passed-through as read-only. (CVE-2012-4542, Moderate)\n\n * A flaw was found in the way the xen_failsafe_callback() function in the\n Linux kernel handled the failed iret (interrupt return) instruction\n notification from the Xen hypervisor. An unprivileged user in a 32-bit\n para-virtualized guest could use this flaw to crash the guest.\n (CVE-2013-0190, Moderate)\n\n * A flaw was found in the way pmd_present() interacted with PROT_NONE\n memory ranges when transparent hugepages were in use. A local, unprivileged\n user could use this flaw to crash the system. (CVE-2013-0309, Moderate)\n\n * A flaw was found in the way CIPSO (Common IP Security Option) IP options\n were validated when set from user mode. A local user able to set CIPSO IP\n options on the socket could use this flaw to crash the system.\n (CVE-2013-0310, Moderate)\n\n Red Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508, and\n Andrew Cooper of Citrix for reporting CVE-2013-0190. Upstream acknowledges\n Dmitry Monakhov as the original reporter of CVE-2012-4508. The\n CVE-2012-4542 issue was discovered by Paolo Bonzini of Red Hat.\n\n This update also fixes several hundred bugs and adds enhancements. Refer to\n the Red Hat Enterprise Linux 6.4 Release Notes for information on the most\n significant of these changes, and the Technical Notes for further\n information, both linked to in the References.\n\n All Red Hat Enterprise Linux 6 users are advised to install these updated\n packages, which correct these issues, and fix the bugs and add the\n enhancements noted in the Red Hat Enterprise Linux 6.4 Release Notes and\n Technical Notes. The system must be rebooted for this update to take\n effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~358.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~358.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~358.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~358.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~358.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~358.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~358.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~358.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~358.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.6, "vector": "AV:L/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:03", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2013-0496", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123696", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123696", "title": "Oracle Linux Local Check: ELSA-2013-0496", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-0496.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123696\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:07:21 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-0496\");\n script_tag(name:\"insight\", value:\"ELSA-2013-0496 - Oracle Linux 6 kernel security and bugfix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-0496\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-0496.html\");\n script_cve_id(\"CVE-2012-4508\", \"CVE-2013-0190\", \"CVE-2012-4542\", \"CVE-2013-0309\", \"CVE-2013-0310\", \"CVE-2013-0311\");\n script_tag(name:\"cvss_base\", value:\"6.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:S/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~358.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~358.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~358.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~358.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~358.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~358.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~358.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~358.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~358.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.6, "vector": "AV:L/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:51:49", "bulletinFamily": "scanner", "description": "Check for the Version of kernel", "modified": "2017-07-10T00:00:00", "published": "2013-03-12T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=881682", "id": "OPENVAS:881682", "title": "CentOS Update for kernel CESA-2013:0496 centos6 ", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2013:0496 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n \n * A race condition was found in the way asynchronous I/O and fallocate()\n interacted when using the ext4 file system. A local, unprivileged user\n could use this flaw to expose random data from an extent whose data blocks\n have not yet been written, and thus contain data from a deleted file.\n (CVE-2012-4508, Important)\n \n * A flaw was found in the way the vhost kernel module handled descriptors\n that spanned multiple regions. A privileged guest user in a KVM guest could\n use this flaw to crash the host or, potentially, escalate their privileges\n on the host. (CVE-2013-0311, Important)\n \n * It was found that the default SCSI command filter does not accommodate\n commands that overlap across device classes. A privileged guest user could\n potentially use this flaw to write arbitrary data to a LUN that is\n passed-through as read-only. (CVE-2012-4542, Moderate)\n \n * A flaw was found in the way the xen_failsafe_callback() function in the\n Linux kernel handled the failed iret (interrupt return) instruction\n notification from the Xen hypervisor. An unprivileged user in a 32-bit\n para-virtualized guest could use this flaw to crash the guest.\n (CVE-2013-0190, Moderate)\n \n * A flaw was found in the way pmd_present() interacted with PROT_NONE\n memory ranges when transparent hugepages were in use. A local, unprivileged\n user could use this flaw to crash the system. (CVE-2013-0309, Moderate)\n \n * A flaw was found in the way CIPSO (Common IP Security Option) IP options\n were validated when set from user mode. A local user able to set CIPSO IP\n options on the socket could use this flaw to crash the system.\n (CVE-2013-0310, Moderate)\n \n Red Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508, and\n Andrew Cooper of Citrix for reporting CVE-2013-0190. Upstream acknowledges\n Dmitry Monakhov as the original reporter of CVE-2012-4508. The\n CVE-2012-4542 issue was discovered by Paolo Bonzini of Red Hat.\n \n This update also fixes several hundred bugs and adds enhancements. Refer to\n the Red Hat Enterprise Linux 6.4 Release Notes for information on the most\n significant of these changes, and the Technical Notes for further\n information, both linked to in the References.\n \n All Red Hat Enterprise Linux 6 users are advised to install these updated\n packages, which correct these issues, and fix the bugs and add the\n enhancements noted in the Red Hat Enterprise Linux 6.4 Release Notes and\n Technical Notes. The system must be rebooted for this update to take\n effect.\";\n\n\ntag_affected = \"kernel on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2013-March/019361.html\");\n script_id(881682);\n script_version(\"$Revision: 6655 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:48:58 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-12 10:02:55 +0530 (Tue, 12 Mar 2013)\");\n script_cve_id(\"CVE-2012-4508\", \"CVE-2012-4542\", \"CVE-2013-0190\", \"CVE-2013-0309\", \"CVE-2013-0310\", \"CVE-2013-0311\");\n script_tag(name:\"cvss_base\", value:\"6.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:S/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2013:0496\");\n script_name(\"CentOS Update for kernel CESA-2013:0496 centos6 \");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~358.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~358.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~358.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~358.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~358.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~358.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~358.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~358.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~358.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:35:56", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2013-2507", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123694", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123694", "title": "Oracle Linux Local Check: ELSA-2013-2507", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-2507.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123694\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:07:20 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-2507\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-2507\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-2507.html\");\n script_cve_id(\"CVE-2013-0309\", \"CVE-2013-0310\", \"CVE-2013-0311\", \"CVE-2013-0228\");\n script_tag(name:\"cvss_base\", value:\"6.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:S/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~400.17.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~400.17.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~400.17.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~400.17.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~400.17.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~400.17.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~400.17.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~400.17.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~400.17.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~400.17.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~400.17.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~400.17.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.6, "vector": "AV:L/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2018-01-23T13:09:45", "bulletinFamily": "scanner", "description": "Check for the Version of linux", "modified": "2018-01-23T00:00:00", "published": "2013-02-15T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=841312", "id": "OPENVAS:841312", "title": "Ubuntu Update for linux USN-1720-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1720_1.nasl 8494 2018-01-23 06:57:55Z teissa $\n#\n# Ubuntu Update for linux USN-1720-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that hypervkvpd, which is distributed in the Linux\n kernel, was not correctly validating the origin on Netlink messages. An\n untrusted local user can cause a denial of service of Linux guests in\n Hyper-V virtualization environments. (CVE-2012-2669)\n\n Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem\n that can expose stale data. An unprivileged user could exploit this flaw to\n cause an information leak. (CVE-2012-4508)\n \n Florian Weimer discovered that hypervkvpd, which is distributed in the\n Linux kernel, was not correctly validating source addresses of netlink\n packets. An untrusted local user can cause a denial of service by causing\n hypervkvpd to exit. (CVE-2012-5532)\n \n Andrew Cooper of Citrix reported a Xen stack corruption in the Linux\n kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest\n kernel to crash, or operate erroneously. (CVE-2013-0190)\";\n\n\ntag_affected = \"linux on Ubuntu 11.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1720-1/\");\n script_id(841312);\n script_version(\"$Revision: 8494 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 07:57:55 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-15 11:25:03 +0530 (Fri, 15 Feb 2013)\");\n script_cve_id(\"CVE-2012-2669\", \"CVE-2012-4508\", \"CVE-2012-5532\", \"CVE-2013-0190\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1720-1\");\n script_name(\"Ubuntu Update for linux USN-1720-1\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of linux\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-31-generic\", ver:\"3.0.0-31.48\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-31-generic-pae\", ver:\"3.0.0-31.48\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-31-omap\", ver:\"3.0.0-31.48\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-31-powerpc\", ver:\"3.0.0-31.48\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-31-powerpc-smp\", ver:\"3.0.0-31.48\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-31-powerpc64-smp\", ver:\"3.0.0-31.48\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-31-server\", ver:\"3.0.0-31.48\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-31-virtual\", ver:\"3.0.0-31.48\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:17", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2013-02-15T00:00:00", "id": "OPENVAS:1361412562310841312", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841312", "title": "Ubuntu Update for linux USN-1720-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1720_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux USN-1720-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1720-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841312\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-15 11:25:03 +0530 (Fri, 15 Feb 2013)\");\n script_cve_id(\"CVE-2012-2669\", \"CVE-2012-4508\", \"CVE-2012-5532\", \"CVE-2013-0190\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1720-1\");\n script_name(\"Ubuntu Update for linux USN-1720-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU11\\.10\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 11.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that hypervkvpd, which is distributed in the Linux\n kernel, was not correctly validating the origin on Netlink messages. An\n untrusted local user can cause a denial of service of Linux guests in\n Hyper-V virtualization environments. (CVE-2012-2669)\n\n Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem\n that can expose stale data. An unprivileged user could exploit this flaw to\n cause an information leak. (CVE-2012-4508)\n\n Florian Weimer discovered that hypervkvpd, which is distributed in the\n Linux kernel, was not correctly validating source addresses of netlink\n packets. An untrusted local user can cause a denial of service by causing\n hypervkvpd to exit. (CVE-2012-5532)\n\n Andrew Cooper of Citrix reported a Xen stack corruption in the Linux\n kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest\n kernel to crash, or operate erroneously. (CVE-2013-0190)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-31-generic\", ver:\"3.0.0-31.48\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-31-generic-pae\", ver:\"3.0.0-31.48\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-31-omap\", ver:\"3.0.0-31.48\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-31-powerpc\", ver:\"3.0.0-31.48\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-31-powerpc-smp\", ver:\"3.0.0-31.48\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-31-powerpc64-smp\", ver:\"3.0.0-31.48\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-31-server\", ver:\"3.0.0-31.48\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-31-virtual\", ver:\"3.0.0-31.48\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:37:07", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2013-2523", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123629", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123629", "title": "Oracle Linux Local Check: ELSA-2013-2523", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-2523.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123629\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:06:29 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-2523\");\n script_tag(name:\"insight\", value:\"ELSA-2013-2523 - Unbreakable Enterprise kernel security and bugfix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-2523\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-2523.html\");\n script_cve_id(\"CVE-2012-4542\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~400.23.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~400.23.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~400.23.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~400.23.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~400.23.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~400.23.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~400.23.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~400.23.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~400.23.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~400.23.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~400.23.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~400.23.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-26T11:10:30", "bulletinFamily": "scanner", "description": "Check for the Version of linux-ti-omap4", "modified": "2018-01-25T00:00:00", "published": "2013-03-22T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=841371", "id": "OPENVAS:841371", "title": "Ubuntu Update for linux-ti-omap4 USN-1774-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1774_1.nasl 8526 2018-01-25 06:57:37Z teissa $\n#\n# Ubuntu Update for linux-ti-omap4 USN-1774-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Andrew Cooper of Citrix reported a Xen stack corruption in the Linux\n kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest\n kernel to crash, or operate erroneously. (CVE-2013-0190)\n\n A failure to validate input was discovered in the Linux kernel's Xen\n netback (network backend) driver. A user in a guest OS may exploit this\n flaw to cause a denial of service to the guest OS and other guest domains.\n (CVE-2013-0216)\n\n A memory leak was discovered in the Linux kernel's Xen netback (network\n backend) driver. A user in a guest OS could trigger this flaw to cause a\n denial of service on the system. (CVE-2013-0217)\n\n A flaw was discovered in the Linux kernel Xen PCI backend driver. If a PCI\n device is assigned to the guest OS, the guest OS could exploit this flaw to\n cause a denial of service on the host. (CVE-2013-0231)\n\n Tommi Rantala discovered a flaw in the a flaw the Linux kernels handling of\n datagrams packets when the MSG_PEEK flag is specified. An unprivileged\n local user could exploit this flaw to cause a denial of service (system\n hang). (CVE-2013-0290)\n\n A flaw was discovered in the Linux kernel's vhost driver used to accelerate\n guest networking in KVM based virtual machines. A privileged guest user\n could exploit this flaw to crash the host system. (CVE-2013-0311)\";\n\n\ntag_affected = \"linux-ti-omap4 on Ubuntu 12.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1774-1/\");\n script_id(841371);\n script_version(\"$Revision: 8526 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-25 07:57:37 +0100 (Thu, 25 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-22 10:41:42 +0530 (Fri, 22 Mar 2013)\");\n script_cve_id(\"CVE-2013-0190\", \"CVE-2013-0216\", \"CVE-2013-0217\", \"CVE-2013-0231\",\n \"CVE-2013-0290\", \"CVE-2013-0311\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:H/Au:S/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1774-1\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-1774-1\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of linux-ti-omap4\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-221-omap4\", ver:\"3.5.0-221.31\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:ADJACENT_NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:11", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2013-03-22T00:00:00", "id": "OPENVAS:1361412562310841371", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841371", "title": "Ubuntu Update for linux-ti-omap4 USN-1774-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1774_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-ti-omap4 USN-1774-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1774-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841371\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-22 10:41:42 +0530 (Fri, 22 Mar 2013)\");\n script_cve_id(\"CVE-2013-0190\", \"CVE-2013-0216\", \"CVE-2013-0217\", \"CVE-2013-0231\",\n \"CVE-2013-0290\", \"CVE-2013-0311\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:H/Au:S/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1774-1\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-1774-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-ti-omap4'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.10\");\n script_tag(name:\"affected\", value:\"linux-ti-omap4 on Ubuntu 12.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Andrew Cooper of Citrix reported a Xen stack corruption in the Linux\n kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest\n kernel to crash, or operate erroneously. (CVE-2013-0190)\n\n A failure to validate input was discovered in the Linux kernel's Xen\n netback (network backend) driver. A user in a guest OS may exploit this\n flaw to cause a denial of service to the guest OS and other guest domains.\n (CVE-2013-0216)\n\n A memory leak was discovered in the Linux kernel's Xen netback (network\n backend) driver. A user in a guest OS could trigger this flaw to cause a\n denial of service on the system. (CVE-2013-0217)\n\n A flaw was discovered in the Linux kernel Xen PCI backend driver. If a PCI\n device is assigned to the guest OS, the guest OS could exploit this flaw to\n cause a denial of service on the host. (CVE-2013-0231)\n\n Tommi Rantala discovered a flaw in the a flaw the Linux kernels handling of\n datagrams packets when the MSG_PEEK flag is specified. An unprivileged\n local user could exploit this flaw to cause a denial of service (system\n hang). (CVE-2013-0290)\n\n A flaw was discovered in the Linux kernel's vhost driver used to accelerate\n guest networking in KVM based virtual machines. A privileged guest user\n could exploit this flaw to crash the host system. (CVE-2013-0311)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-221-omap4\", ver:\"3.5.0-221.31\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.5, "vector": "AV:A/AC:H/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:21", "bulletinFamily": "scanner", "description": "Amazon Linux Local Security Checks", "modified": "2018-10-01T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120236", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120236", "title": "Amazon Linux Local Check: ALAS-2013-154", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: alas-2013-154.nasl 6577 2017-07-06 13:43:46Z cfischer$\n#\n# Amazon Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@iki.fi>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120236\");\n script_version(\"$Revision: 11703 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:21:06 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-01 10:05:31 +0200 (Mon, 01 Oct 2018) $\");\n script_name(\"Amazon Linux Local Check: ALAS-2013-154\");\n script_tag(name:\"insight\", value:\"The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption.\");\n script_tag(name:\"solution\", value:\"Run yum update kernel nvidia to update your system. You will need to reboot your system in order for the new kernel to be running.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2013-154.html\");\n script_cve_id(\"CVE-2013-0190\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.2.37~2.47.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.2.37~2.47.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.2.37~2.47.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.2.37~2.47.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"kernel-tools-debuginfo\", rpm:\"kernel-tools-debuginfo~3.2.37~2.47.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.2.37~2.47.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.2.37~2.47.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "centos": [{"lastseen": "2019-05-29T18:34:13", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2013:0496\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A race condition was found in the way asynchronous I/O and fallocate()\ninteracted when using the ext4 file system. A local, unprivileged user\ncould use this flaw to expose random data from an extent whose data blocks\nhave not yet been written, and thus contain data from a deleted file.\n(CVE-2012-4508, Important)\n\n* A flaw was found in the way the vhost kernel module handled descriptors\nthat spanned multiple regions. A privileged guest user in a KVM guest could\nuse this flaw to crash the host or, potentially, escalate their privileges\non the host. (CVE-2013-0311, Important)\n\n* It was found that the default SCSI command filter does not accommodate\ncommands that overlap across device classes. A privileged guest user could\npotentially use this flaw to write arbitrary data to a LUN that is\npassed-through as read-only. (CVE-2012-4542, Moderate)\n\n* A flaw was found in the way the xen_failsafe_callback() function in the\nLinux kernel handled the failed iret (interrupt return) instruction\nnotification from the Xen hypervisor. An unprivileged user in a 32-bit\npara-virtualized guest could use this flaw to crash the guest.\n(CVE-2013-0190, Moderate)\n\n* A flaw was found in the way pmd_present() interacted with PROT_NONE\nmemory ranges when transparent hugepages were in use. A local, unprivileged\nuser could use this flaw to crash the system. (CVE-2013-0309, Moderate)\n\n* A flaw was found in the way CIPSO (Common IP Security Option) IP options\nwere validated when set from user mode. A local user able to set CIPSO IP\noptions on the socket could use this flaw to crash the system.\n(CVE-2013-0310, Moderate)\n\nRed Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508, and\nAndrew Cooper of Citrix for reporting CVE-2013-0190. Upstream acknowledges\nDmitry Monakhov as the original reporter of CVE-2012-4508. The\nCVE-2012-4542 issue was discovered by Paolo Bonzini of Red Hat.\n\nThis update also fixes several hundred bugs and adds enhancements. Refer to\nthe Red Hat Enterprise Linux 6.4 Release Notes for information on the most\nsignificant of these changes, and the Technical Notes for further\ninformation, both linked to in the References.\n\nAll Red Hat Enterprise Linux 6 users are advised to install these updated\npackages, which correct these issues, and fix the bugs and add the\nenhancements noted in the Red Hat Enterprise Linux 6.4 Release Notes and\nTechnical Notes. The system must be rebooted for this update to take\neffect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-March/019361.html\nhttp://lists.centos.org/pipermail/centos-cr-announce/2013-February/000553.html\n\n**Affected packages:**\nkernel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0496.html", "modified": "2013-03-09T00:40:59", "published": "2013-02-27T19:35:40", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2013-February/000553.html", "id": "CESA-2013:0496", "title": "kernel, perf, python security update", "type": "centos", "cvss": {"score": 6.6, "vector": "AV:L/AC:M/Au:S/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2019-05-29T18:12:25", "bulletinFamily": "NVD", "description": "block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SG_IO ioctl call that leverages overlapping opcodes.", "modified": "2013-06-21T03:13:00", "id": "CVE-2012-4542", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4542", "published": "2013-02-28T19:55:00", "title": "CVE-2012-4542", "type": "cve", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:12:25", "bulletinFamily": "NVD", "description": "Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized.", "modified": "2014-01-08T04:32:00", "id": "CVE-2012-4508", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4508", "published": "2012-12-21T11:47:00", "title": "CVE-2012-4508", "type": "cve", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:12:59", "bulletinFamily": "NVD", "description": "The cipso_v4_validate function in net/ipv4/cipso_ipv4.c in the Linux kernel before 3.4.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an IPOPT_CIPSO IP_OPTIONS setsockopt system call.\nPer https://access.redhat.com/security/cve/CVE-2013-0310\r\n\"This issue did affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 6.\"", "modified": "2019-04-22T17:48:00", "id": "CVE-2013-0310", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0310", "published": "2013-02-22T00:55:00", "title": "CVE-2013-0310", "type": "cve", "cvss": {"score": 6.6, "vector": "AV:L/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:12:59", "bulletinFamily": "NVD", "description": "arch/x86/include/asm/pgtable.h in the Linux kernel before 3.6.2, when transparent huge pages are used, does not properly support PROT_NONE memory regions, which allows local users to cause a denial of service (system crash) via a crafted application.\nPer https://access.redhat.com/security/cve/CVE-2013-0309 \"This issue did affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 6.\"", "modified": "2019-04-22T17:48:00", "id": "CVE-2013-0309", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0309", "published": "2013-02-22T00:55:00", "title": "CVE-2013-0309", "type": "cve", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:12:59", "bulletinFamily": "NVD", "description": "The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges.\nPer https://access.redhat.com/security/cve/CVE-2013-0311\r\n\"This issue did affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 6.\"", "modified": "2019-04-22T17:48:00", "id": "CVE-2013-0311", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0311", "published": "2013-02-22T00:55:00", "title": "CVE-2013-0311", "type": "cve", "cvss": {"score": 6.5, "vector": "AV:A/AC:H/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:12:59", "bulletinFamily": "NVD", "description": "The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption.", "modified": "2013-03-08T04:11:00", "id": "CVE-2013-0190", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0190", "published": "2013-02-13T01:55:00", "title": "CVE-2013-0190", "type": "cve", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:48", "bulletinFamily": "unix", "description": " [2.6.32-358.el6] \r\n- [fs] Fix sget() race with failing mount (Eric Sandeen) [883276] \r\n \n[2.6.32-357.el6] \r\n- [virt] xen: Fix stack corruption in xen_failsafe_callback for 32bit PVOPS guests (Andrew Jones) [896050] {CVE-2013-0190} \r\n- [block] sg_io: use different default filters for each device class (Paolo Bonzini) [875361] {CVE-2012-4542} \r\n- [block] sg_io: prepare for adding per-device-type filters (Paolo Bonzini) [875361] {CVE-2012-4542} \r\n- [virt] virtio-blk: Don't free ida when disk is in use (Asias He) [870344] \r\n- [netdrv] mlx4: Remove FCS bytes from packet length (Doug Ledford) [893707] \r\n- [net] netfilter: nf_ct_reasm: fix conntrack reassembly expire code (Amerigo Wang) [726807] \r\n \n[2.6.32-356.el6] \r\n- [char] ipmi: use a tasklet for handling received messages (Prarit Bhargava) [890160] \r\n- [char] ipmi: handle run_to_completion properly in deliver_recv_msg() (Prarit Bhargava) [890160] \r\n- [usb] xhci: Reset reserved command ring TRBs on cleanup (Don Zickus) [843520] \r\n- [usb] xhci: handle command after aborting the command ring (Don Zickus) [874541] \r\n- [usb] xhci: cancel command after command timeout (Don Zickus) [874541] \r\n- [usb] xhci: add aborting command ring function (Don Zickus) [874541] \r\n- [usb] xhci: add cmd_ring_state (Don Zickus) [874541] \r\n- [usb] xhci: Fix Null pointer dereferencing with non-DMI systems (Don Zickus) [874542] \r\n- [usb] xhci: Intel Panther Point BEI quirk (Don Zickus) [874542] \r\n- [usb] xhci: Increase XHCI suspend timeout to 16ms (Don Zickus) [874542] \r\n- [powerpc] Revert: pseries/iommu: remove default window before attempting DDW manipulation (Steve Best) [890454] \r\n- [serial] 8250_pnp: add Intermec CV60 touchscreen device (Mauro Carvalho Chehab) [894445] \r\n- [char] ipmi: apply missing hunk from upstream commit 2407d77a (Tony Camuso) [882787] \r\n- [acpi] Fix broken kernel build if CONFIG_ACPI_DEBUG is enabled (Lenny Szubowicz) [891948] \r\n- [scsi] qla2xxx: Test and clear FCPORT_UPDATE_NEEDED atomically (Chad Dupuis) [854736] \r\n- [mm] vmalloc: remove guard page from between vmap blocks (Johannes Weiner) [873737] \r\n- [mm] vmalloc: vmap area cache (Johannes Weiner) [873737] \r\n- [fs] vfs: prefer EEXIST to EROFS when creating on an RO filesystem (Eric Sandeen) [878091] \r\n- [scsi] qla2xxx: change queue depth ramp print to debug print (Rob Evers) [893113] \r\n- [fs] nfs: Fix umount when filelayout DS is also the MDS (Steve Dickson) [895194] \r\n- [fs] nfs/pnfs: add set-clear layoutdriver interface (Steve Dickson) [895194] \r\n- [fs] nfs: Don't call nfs4_deviceid_purge_client() unless we're NFSv4.1 (Steve Dickson) [895194] \r\n- [fs] nfs: Wait for session recovery to finish before returning (Steve Dickson) [895176] \r\n- [mm] compaction: validate pfn range passed to isolate_freepages_block (Johannes Weiner) [889456 890498] \r\n- [drm] nouveau: ensure legacy vga is re-enabled during POST (Ben Skeggs) [625441] \r\n- [netdrv] be2net: Remove stops to further access to BE NIC on UE bits (Ivan Vecera) [894344] \r\n- [virt] kvm: invalid opcode oops on SET_SREGS with OSXSAVE bit set (Petr Matousek) [862904] {CVE-2012-4461} \r\n \n[2.6.32-355.el6] \r\n- [netdrv] qlge: remove NETIF_F_TSO6 flag (Amerigo Wang) [891839] \r\n- [fs] ext3: Remove BKL from ext3_put_super() and ext3_remount() (Carlos Maiolino) [885945] \r\n- [lib] switch the protection of percpu_counter list to spinlock (Carlos Maiolino) [885945] \r\n- [virt] hv: Add Hyper-V balloon driver (Jason Wang) [885572] \r\n- [mm] export a function to get vm committed memory (Jason Wang) [885572] \r\n- [drm] nouveau: extend prevent display switching issues by disabling pageflip (Ben Skeggs) [853226] \r\n- [netdrv] mlx4: Fix advertisement of wrong PF context behaviour (Alex Williamson) [894060] \r\n \n[2.6.32-354.el6] \r\n- [char] ipmi: add new kernel options to prevent automatic ipmi init (Tony Camuso) [877177] \r\n- [usb] xhci: New system added for Compliance Mode Patch on SN65LVPE502CP (Don Zickus) [856709] \r\n- [x86] quirks: Mark Haswell HDMI Audio as unsupported (Prarit Bhargava) [883428] \r\n- [scsi] bfa: fix crash in bfa_cb_ioim_done when performing failover/failback tests (Vijay Guvva) [878618] \r\n- [fs] autofs4: Fix sparse warning: context imbalance in autofs4_d_automount() different lock contexts for basic block (Ian Kent) [876795] \r\n- [fs] jbd, jbd2: don't wake kjournald unnecessarily (Eric Sandeen) [886318] \r\n- [scsi] qla4xxx: v5.03.00.00.06.04-k2 (Rob Evers) [890727] \r\n- [scsi] qla4xxx: Correct the validation to check in get_sys_info mailbox (Rob Evers) [890727] \r\n- [scsi] qla4xxx: Pass correct function param to qla4_8xxx_rd_direct (Rob Evers) [890727] \r\n- [scsi] qla4xxx: v5.03.00.00.06.04-k1 (Chad Dupuis) [878048] \r\n- [scsi] qla4xxx: update copyrights in LICENSE.qla4xxx (Chad Dupuis) [878048] \r\n- [scsi] qla4xxx: Disable generating pause frames for ISP83XX (Chad Dupuis) [878048] \r\n- [scsi] qla4xxx: Fix double clearing of risc_intr for ISP83XX (Chad Dupuis) [878048] \r\n- [scsi] qla4xxx: IDC implementation for Loopback (Chad Dupuis) [878048] \r\n- [scsi] qla4xxx: Fix panic while rmmod (Chad Dupuis) [878048] \r\n- [scsi] qla4xxx: Fail probe_adapter if IRQ allocation fails (Chad Dupuis) [878048] \r\n- [scsi] qla4xxx: Prevent MSI/MSI-X falling back to INTx for ISP82XX (Chad Dupuis) [878048] \r\n- [scsi] qla4xxx: Update idc reg in case of PCI AER (Chad Dupuis) [878048] \r\n- [scsi] qla4xxx: Fix double IDC locking in qla4_8xxx_error_recovery (Chad Dupuis) [878048] \r\n- [scsi] qla4xxx: Clear interrupt while unloading driver for ISP83XX (Chad Dupuis) [878048] \r\n- [scsi] qla4xxx: Print correct IDC version (Chad Dupuis) [878048] \r\n- [scsi] qla4xxx: Added new mbox cmd to pass driver version to FW (Chad Dupuis) [878048] \r\n- [scsi] qla4xxx: fix various printk and comment typos (Chad Dupuis) [878048] \r\n- [fs] autofs4: use simple_empty() for empty directory check (Ian Kent) [876795] \r\n- [fs] autofs4: dont clear DCACHE_NEED_AUTOMOUNT on rootless mount (Ian Kent) [876795] \r\n- [fs] gfs2: Fix race in gfs2_rs_alloc (Abhijith Das) [878476] \r\n- [fs] xfs: fix broken error handling in xfs_vm_writepage (Dave Chinner) [874539] \r\n- [drm] radeon: force rn50 chip to always report connected on analog output (Jerome Glisse) [892723] \r\n- [sound] alsa: add support for Teradici 2200 host card audio (Jaroslav Kysela) [890581] \r\n- [md] dm-raid: Fix RAID10's check for sufficient redundancy (Jonathan E Brassow) [889358] \r\n- [scsi] hpsa: update version number to 3.2.0 (Tomas Henzl) [891935] \r\n- [netdrv] cxgb4: Initialize data structures before using (Steve Best) [885756] \r\n[2.6.32-353.el6] \r\n- [mm] pageattr: prevent PSE and GLOABL leftovers to confuse pmd/pte_present and pmd_huge (Andrea Arcangeli) [878877] \r\n- [fs] gfs2: Fix FITRIM argument handling (Abhijith Das) [866932] \r\n- [fs] gfs2: Require user to provide argument for FITRIM (Abhijith Das) [866932] \r\n- [fs] exec: do not leave bprm->interp on stack (Josh Poimboeuf) [880146] {CVE-2012-4530} \r\n- [fs] exec: use -ELOOP for max recursion depth (Josh Poimboeuf) [880146] {CVE-2012-4530} \r\n- [fs] btrfs: close exclusive opens with close_bdev_exclusive() (Zach Brown) [874505] \r\n- [kernel] sched_rt: Fix hang where umount is stuck in synchronize_sched_expedited (Larry Woodman) [814768] \r\n \n[2.6.32-352.el6] \r\n- [md] raid10: Do not call md_raid10_unplug_device while holding spinlock (Jonathan E Brassow) [886658] \r\n- [md] dm-thin: commit before gathering status (Mike Snitzer) [882426] \r\n- [md] dm-thin: cleanup dead code (Mike Snitzer) [882426] \r\n- [md] dm-thin: rename cell_defer_except to cell_defer_no_holder (Mike Snitzer) [882426] \r\n- [md] dm-thin: emit 'ignore_discard' in status if discards are disabled (Mike Snitzer) [882426] \r\n- [md] dm-thin: wake the worker when a discard is prepared (Mike Snitzer) [882426] \r\n- [md] dm-thin: fix race between simultaneous io and discards to same block (Mike Snitzer) [882426] \r\n- [md] dm-thin: replace calls to cell_release_singleton with cell_defer_except (Mike Snitzer) [882426] \r\n- [mm] Revert: ksm: numa awareness sysfs knob (Jarod Wilson) [743643] \r\n- [fs] gfs2: Reset rd_last_alloc when it reaches the end of the rgrp (Robert S Peterson) [882381] \r\n- [fs] gfs2: Stop looking for free blocks at end of rgrp (Robert S Peterson) [882381] \r\n- [drm] nouveau: cache ramcfg value for RAM_RESTRICT_ZM_GROUP (Ben Skeggs) [878384] \r\n- [drm] nouveau: disable use of tesla/fermi copy engines for buffer moves (Ben Skeggs) [878384] \r\n- [fs] xfs: fix direct IO nested transaction deadlock (Dave Chinner) [876426] \r\n \n[2.6.32-351.el6] \r\n- [kernel] ptrace-utrace: fix PTRACE_GETEVENTMSG(pid) in sub-namespace (Oleg Nesterov) [782330] \r\n- [scsi] mpt2sas: fix for driver fails EEH recovery from injected pci bus error (Tomas Henzl) [829149] \r\n- [mm] memcontrol: propagate LRU accounting state when splitting THP (Johannes Weiner) [881714] \r\n- [net] sctp: proc: protect bind_addr->address_list accesses with rcu_read_lock() (Thomas Graf) [706038] \r\n- [net] sctp: Add RCU protection to assoc->transport_addr_list (Thomas Graf) [706038] \r\n- [s390] zfcp: Adapt to new FC_PORTSPEED semantics (Hendrik Brueckner) [855128] \r\n- [virt] virtio_net: allow to change mac when iface is running (Jiri Pirko) [882868] \r\n- [virt] kvm: Minimal hyper-v support (Vadim Rozenfeld) [871350] \r\n- [fs] gfs2: Journal DLM lock has wrong label (Steven Whitehouse) [884822] \r\n- [mm] huge_memory: fix typo in transparent_hugepage sysfs symlink (Jeremy Eder) [887308] \r\n- [mm] ksm: numa awareness sysfs knob (Petr Holasek) [743643] \r\n- [fs] btrfs: handle IS_ERR(inode) in btrfs_lookup() (Zach Brown) [870944] \r\n- [kernel] sched: Add irq_{enter,exit}() to scheduler_ipi() (Stanislaw Gruszka) [836964] \r\n- [kernel] panic: fix a possible deadlock in panic() (Tatsuya Kitamura) [871939] \r\n \n[2.6.32-350.el6] \r\n- [powerpc] perf: power_pmu_start restores incorrect values, breaking frequency events (Jiri Olsa) [880525] \r\n- [netdrv] mlx4: Allow choosing flow steering mode (Doug Ledford) [885191] \r\n- [netdrv] mlx4: Adjustments to Flow Steering activation logic for SRIOV (Doug Ledford) [885191] \r\n- [netdrv] mlx4: Fix wrong error flow in the flow steering wrapper (Doug Ledford) [885191] \r\n- [netdrv] mlx4: Add QPN enforcement for flow steering rules set by VFs (Doug Ledford) [885191] \r\n- [infiniband] mlx4: 64-byte CQE/EQE support (Doug Ledford) [885191] \r\n- [netdrv] mlx4: Fix potential deadlock in mlx4_eq_int() (Doug Ledford) [885191] \r\n- [infiniband] mlx4: Fix spinlock order to avoid lockdep warnings (Doug Ledford) [885191] \r\n- [netdrv] mlx4: Removing reserve vectors (Doug Ledford) [885191] \r\n- [netdrv] mlx4: Fix double-release-range in tx-rings (Doug Ledford) [885191] \r\n- [infiniband] mlx4: Fix QP1 P_Key processing in the Primary Physical Function (PPF) (Doug Ledford) [885191] \r\n- [infiniband] mlx4: Synchronize cleanup of MCGs in MCG paravirtualization (Doug Ledford) [885191] \r\n- [net] bonding: Bonding driver does not consider the gso_max_size setting of slave devices (Ivan Vecera) [883643] \r\n- [net] tcp: Fix >4GB writes on 64-bit (Daniel Borkmann) [885238] \r\n- [net] bridge: skip forwarding delay if not using STP (Thomas Graf) [881682] \r\n- [fs] nfs: Fix open(O_TRUNC) and ftruncate() error handling (Steve Dickson) [884263] \r\n- [fs] nfsd: add proc file listing kernel's gss_krb5 enctypes (Steve Dickson) [877113] \r\n- [fs] nfs: add nfs_sb_deactive_async to avoid deadlock (Steve Dickson) [871968] \r\n- [fs] nfs: fix page dirtying in NFS DIO read codepath (Jeff Layton) [876514] \r\n- [fs] nfs: don't zero out the rest of the page if we hit the EOF on a DIO READ (Jeff Layton) [876514] \r\n- [fs] handle null sb in get_super_thawed (Eric Sandeen) [874521] \r\n- [scsi] Fix race when removing SCSI devices (Tomas Henzl) [820880] \r\n- [netdrv] be2net: enable GRO by default (Ivan Vecera) [849930] \r\n- [netdrv] igb: fix compile warning if CONFIG_IGB_PTP is not set (Stefan Assmann) [886519] \r\n- [netdrv] bnx2x: Prevent link flaps when booting from SAN (Michal Schmidt) [881068] \r\n- [netdrv] bnx2x: Activate LFA (Michal Schmidt) [881068] \r\n- [acpi] apei: Fixup common access width firmware bug (Prarit Bhargava) [880465] \r\n- [acpi] apei: Avoid too much error reporting in runtime (Prarit Bhargava) [880465] \r\n- [acpi] apei: Fix incorrect APEI register bit width check and usage (Prarit Bhargava) [880465] \r\n- [virt] vhost: fix length for cross region descriptor (Michael S. Tsirkin) [862265] \r\n- [fs] nfs: Use FS-Cache invalidation (David Howells) [699931] \r\n- [fs] cachefiles: Implement invalidation (David Howells) [699931] \r\n- [fs] vfs: Make more complete truncate operation available to CacheFiles (David Howells) [699931] \r\n- [fs] fscache: Provide proper invalidation (David Howells) [699931] \r\n- [fs] fscache: Fix operation state management and accounting (David Howells) [699931] \r\n- [fs] fscache: Make cookie relinquishment wait for outstanding reads (David Howells) [699931] \r\n- [fs] cachefiles: Make some debugging statements conditional (David Howells) [699931] \r\n- [fs] fscache: Check cookie is still correct in __fscache_read_or_alloc_pages() (David Howells) [699931] \r\n- [fs] fscache: Check that there are no read ops when cookie relinquished (David Howells) [699931] \r\n- [fs] cachefiles: Downgrade the requirements passed to the allocator (David Howells) [699931] \r\n- [fs] fscache: Validate page mapping pointer value (David Howells) [699931] \r\n- [fs] fscache: Fix the marking of cached pages (David Howells) [699931] \r\n- [fs] fscache: nfs_migrate_page() does not wait for FS-Cache to finish with a page (David Howells) [699931] \r\n- [fs] fscache: Fix __fscache_uncache_all_inode_pages()'s outer loop (David Howells) [699931] \r\n- [fs] fscache: Add a helper to bulk uncache pages on an inode (David Howells) [699931] \r\n- [scsi] qla2xxx: Ramp down queue depth for attached SCSI devices when driver resources are low (Chad Dupuis) [829739] \r\n- [scsi] qla2xxx: Determine the number of outstanding commands based on available resources (Chad Dupuis) [829739] \r\n- [s390] zfcp: return early from slave_destroy if slave_alloc returned early (Hendrik Brueckner) [878372] \r\n- [scsi] fcoe: fix fcoe enable on link toggle while it is still disabled (Neil Horman) [875271] \r\n- [scsi] Log thin provisioning threshold event (Ewan Milne) [847998] \r\n- [netdrv] qlge: NETIF_F_GRO needs to be part of hw_features instead of features (John Green) [849749] \r\n- [s390] qeth: set new mac even if old mac is gone (Hendrik Brueckner) [883458] \r\n- [s390] qeth: Fix IPA_CMD_QIPASSIST return code handling (Hendrik Brueckner) [882792] \r\n \n[2.6.32-349.el6] \r\n- [redhat] kabi: additional whitelist symbols for RHEL-6.4 (Jiri Olsa) [866427] \r\n \n[2.6.32-348.el6] \r\n- [ipc] mqueue: Prevent mq_send/receive memory corruption (Larry Woodman) [885030] \r\n- [fs] nfs: prevent delegreturn attr deadlock (David Jeffery) [870142] \r\n- [netdrv] tg3: Do not set TSS for 5719 and 5720 (John Feeney) [823371] \r\n- [scsi] lpfc: Update lpfc version for 8.3.5.86.1p driver release (Rob Evers) [877149] \r\n- [scsi] lpfc: Fixed setting sequential delivery bit in a service class that is not valid (Rob Evers) [877149] \r\n- [scsi] lpfc: Fixed boot from san failure when SLI4 FC device presented on the same PCI bus (Rob Evers) [877149] \r\n- [scsi] lpfc: Add LOGO support after ABTS compliance (Rob Evers) [877149] \r\n- [scsi] lpfc: Fixed not reporting logical link speed to SCSI midlayer when QoS not on (Rob Evers) [877149] \r\n- [scsi] lpfc: Fixed SCSI host create showing wrong link speed on SLI3 HBA ports (Rob Evers) [877149] \r\n- [scsi] lpfc: Fixed kernel warning on spinlock usage on some distributions (Rob Evers) [877149] \r\n- [scsi] lpfc: Fixed Linux generic firmware download on SLI4 devices with longer module names (Rob Evers) [877149] \r\n- [scsi] lpfc: Fix error with fabric service parameters causing performance issues (Rob Evers) [877149] \r\n- [scsi] lpfc: Fixed messages for misconfigured port errors (Rob Evers) [877149] \r\n- [scsi] lpfc: Fix FCP2 Retries for non-r/w commands (Rob Evers) [877149] \r\n- [scsi] lpfc: Fix incorrect comment in T10 DIF attributes (Rob Evers) [877149] \r\n- [scsi] lpfc: Correct missing queue destroy on function reset (Rob Evers) [877149] \r\n- [scsi] lpfc: Added checking BMBX register for RDY bit before writing the first address in (Rob Evers) [877149] \r\n- [scsi] lpfc: Misc changes to optimize critical path (Rob Evers) [877149] \r\n- [s390] qdio: fix kernel panic for zfcp 31-bit (Hendrik Brueckner) [878380] \r\n- [s390] zcrypt: msgType50 (RSA-CRT) fix (Hendrik Brueckner) [875977] \r\n- [netdrv] ixgbe: fix uninitialized event.type in ixgbe_ptp_check_pps_event (Andy Gospodarek) [884369] \r\n- [netdrv] ixgbe: (PTP) Fix PPS interrupt code (Andy Gospodarek) [884369] \r\n- [netdrv] ixgbe: Fix PTP X540 SDP alignment code for PPS signal (Andy Gospodarek) [884369] \r\n- [s390] zfcp: support for hardware data router (Hendrik Brueckner) [823016] \r\n- [s390] qdio: base support for hardware data router with zfcp (Hendrik Brueckner) [823016] \r\n- [s390] qdio: Split SBAL entry flags (Hendrik Brueckner) [823016] \r\n- [net] netfilter/ipset: Check and reject crazy /0 input parameters (Thomas Graf) [880920] \r\n- [kernel] kmod: make __request_module() killable (Oleg Nesterov) [819529] {CVE-2012-4398} \r\n- [kernel] kmod: introduce call_modprobe() helper (Oleg Nesterov) [819529] {CVE-2012-4398} \r\n- [kernel] usermodehelper: implement UMH_KILLABLE (Oleg Nesterov) [819529] {CVE-2012-4398} \r\n- [kernel] usermodehelper: introduce umh_complete(sub_info) (Oleg Nesterov) [819529] {CVE-2012-4398} \r\n- [kernel] call_usermodehelper: simplify/fix UMH_NO_WAIT case (Oleg Nesterov) [819529] {CVE-2012-4398} \r\n- [kernel] wait_for_helper: SIGCHLD from user-space can lead to use-after-free (Oleg Nesterov) [819529] {CVE-2012-4398} \r\n- [netdrv] qlge: Backport offload features to vlan interfaces (John Green) [849749] \r\n- [netdrv] igbvf: work around i350 erratum (Stefan Assmann) [870638] ", "modified": "2013-02-27T00:00:00", "published": "2013-02-27T00:00:00", "id": "ELSA-2013-0496", "href": "http://linux.oracle.com/errata/ELSA-2013-0496.html", "title": "Oracle Linux 6 kernel security and bugfix update", "type": "oraclelinux", "cvss": {"score": 6.6, "vector": "AV:L/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:57", "bulletinFamily": "unix", "description": " [2.6.39-400.17.1] \r\n- This is a fix on dlm_clean_master_list() (Xiaowei.Hu) \r\n- RDS: fix rds-ping spinlock recursion (jeff.liu) [Orabug: 16223050] \r\n- vhost: fix length for cross region descriptor (Michael S. Tsirkin) [Orabug: \r\n16387183] {CVE-2013-0311} \r\n- kabifix: block/scsi: Allow request and error handling timeouts to be \r\nspecified (Maxim Uvarov) \r\n- block/scsi: Allow request and error handling timeouts to be specified (Martin \r\nK. Petersen) [Orabug: 16372401] \r\n- [SCSI] Shorten the path length of scsi_cmd_to_driver() (Li Zhong) [Orabug: \r\n16372401] \r\n- Fix NULL dereferences in scsi_cmd_to_driver (Mark Rustad) [Orabug: 16372401] \r\n- SCSI: Fix error handling when no ULD is attached (Martin K. Petersen) \r\n[Orabug: 16372401] \r\n- Handle disk devices which can not process medium access commands (Martin K. \r\nPetersen) [Orabug: 16372401] \r\n- the ac->ac_allow_chain_relink=0 won't disable group relink (Xiaowei.Hu) \r\n[Orabug: 14842737] \r\n- pci: hotplug: fix null dereference in pci_set_payload() (Jerry Snitselaar) \r\n[Orabug: 16345420] \r\n \n[2.6.39-400.16.0] \r\n- epoll: prevent missed events on EPOLL_CTL_MOD (Eric Wong) [Orabug: 16363540] \r\n- rds: this resolved crash while removing rds_rdma module. orabug: 16268201 \r\n(Bang Nguyen) [Orabug: 16268201] \r\n- rds: scheduling while atomic on failover orabug: 16275095 (Bang Nguyen) \r\n[Orabug: 16268201] \r\n- SRP: Revert back to 2.6.39-400.8.0 code (Ajaykumar Hotchandani) [Orabug: \r\n16268201] \r\n- iSER: Revert back to 2.6.39-400.8.0 code (Ajaykumar Hotchandani) [Orabug: \r\n16268201] \r\n \n[2.6.39-400.15.0] \r\n- x86/xen: don't assume %ds is usable in xen_iret for 32-bit PVOPS. (Jan \r\nBeulich) {CVE-2013-0228} \r\n- xen-blkfront: drop the use of llist_for_each_entry_safe (Konrad Rzeszutek \r\nWilk) [Orabug: 16263164] \r\n- Revert 'xen PVonHVM: use E820_Reserved area for shared_info' (Konrad \r\nRzeszutek Wilk) [Orabug: 16297716] \r\n- Revert 'xen/PVonHVM: fix compile warning in init_hvm_pv_info' (Konrad \r\nRzeszutek Wilk) \r\n \n[2.6.39-400.14.0] \r\n- xfs: use shared ilock mode for direct IO writes by default (Dave Chinner) \r\n[Orabug: 16304938] \r\n- sched: fix divide by zero at {thread_group,task}_times (Stanislaw Gruszka) \r\n[Orabug: 15956690] \r\n- Revert 'Revert 'cgroup: notify_on_release may not be triggered in some \r\ncases'' (Maxim Uvarov) \r\n- xen_fmr: Verify XEN platform before running xen_fmr drivers (Yuval Shaia) \r\n[Orabug: 16302435] \r\n- rds: unregister IB event handler on shutdown (Bang Nguyen) [Orabug: 16302435] \r\n- rds: HAIP support child interface (Bang Nguyen) [Orabug: 16302435] \r\n- RDS HAIP misc fixes (Bang Nguyen) [Orabug: 16302435] \r\n- Ignore failover groups if HAIP is disabled (Bang Nguyen) [Orabug: 16302435] \r\n- RDS: RDS rolling upgrade (Saeed Mahameed) [Orabug: 16302435] \r\n- mlx4_core: use correct FMR number of clients according to PRM. (Saeed \r\nMahameed) [Orabug: 16302435] \r\n \n[2.6.39-400.13.0] \r\n- kmod: make __request_module() killable (Oleg Nesterov) [Orabug: 16286305] \r\n{CVE-2012-4398} \r\n- kmod: introduce call_modprobe() helper (Oleg Nesterov) [Orabug: 16286305] \r\n{CVE-2012-4398} \r\n- usermodehelper: implement UMH_KILLABLE (Oleg Nesterov) [Orabug: 16286305] \r\n{CVE-2012-4398} \r\n- usermodehelper: introduce umh_complete(sub_info) (Oleg Nesterov) [Orabug: \r\n16286305] {CVE-2012-4398} \r\n- KVM: x86: invalid opcode oops on SET_SREGS with OSXSAVE bit set \r\n(CVE-2012-4461) (Jerry Snitselaar) [Orabug: 16286290] {CVE-2012-4461} \r\n- exec: do not leave bprm->interp on stack (Kees Cook) [Orabug: 16286267] \r\n{CVE-2012-4530} \r\n- exec: use -ELOOP for max recursion depth (Kees Cook) [Orabug: 16286267] \r\n{CVE-2012-4530} \r\n- xen-pciback: rate limit error messages from xen_pcibk_enable_msi{,x}() (Jan \r\nBeulich) [Orabug: 16243736] {CVE-2013-0231} \r\n- netback: correct netbk_tx_err to handle wrap around. (Ian Campbell) [Orabug: \r\n16243309] {CVE-2013-0216 CVE-2013-0217} \r\n- xen/netback: free already allocated memory on failure in \r\nxen_netbk_get_requests (Ian Campbell) [Orabug: 16243309] {CVE-2013-0216 \r\nCVE-2013-0217} \r\n- xen/netback: don't leak pages on failure in xen_netbk_tx_check_gop. (Ian \r\nCampbell) [Orabug: 16243309] {CVE-2013-0216 CVE-2013-0217} \r\n- xen/netback: shutdown the ring if it contains garbage. (Ian Campbell) \r\n[Orabug: 16243309] {CVE-2013-0216 CVE-2013-0217} \r\n- SCSI: scsi_remove_target: fix softlockup regression on hot remove (Dan \r\nWilliams) [Orabug: 16242926] \r\n \n[2.6.39-400.12.0] \r\n- IB: Add config options for Mellanox driver Xen FMR support. (Ajaykumar \r\nHotchandani) [Orabug: 16234102] \r\n- IB: Enable Xen FMR support for Mellanox driver. (Ajaykumar Hotchandani) \r\n[Orabug: 16234102] \r\n \n[2.6.39-400.11.0] \r\n- cnic: don't use weak dependencies for ipv6 (Jerry Snitselaar) [Orabug: \r\n16207564] \r\n- ext4: remove unaligned AIO warning printk (Eric Sandeen) [Orabug: 14096480] \r\n- SPEC: add block/net modules to list used by installer (Guru Anbalagane) \r\n[Orabug: 14224837] \r\n- dm mpath: add retain_attached_hw_handler feature (Mike Snitzer) [Orabug: \r\n16199397] \r\n- [SCSI] scsi_dh: add scsi_dh_attached_handler_name (Mike Snitzer) [Orabug: \r\n16199397] \r\n- xen/grant-table: Force to use v1 of grants. (Konrad Rzeszutek Wilk) [Oracle- \r\nbug: 16039922] \r\n- xen: netback: handle compound page fragments on transmit. (Ian Campbell) \r\n- xen: Fix stack corruption in xen_failsafe_callback for 32bit PVOPS guests. \r\n(Andrew Cooper) {CVE-2013-0190} \r\n- xen/grant-table: correctly initialize grant table version 1 (Matt Wilson) \r\n \n[2.6.39-400.10.0] \r\n- btrfs: fix incompatible pointer warning (Jerry Snitselaar) \r\n- bnx2x: enable support for ethtool op get_rxfh_indir_size (Jerry Snitselaar) \r\n- Revert 'cgroup: notify_on_release may not be triggered in some cases' (Maxim \r\nUvarov) [Orabug: 16167473] \r\n- mlx4: disable build for i686 (Maxim Uvarov) \r\n \n[2.6.39-400.9.0] \r\n- mlx4_ib: alias_GUID, calculate slave port state in sa query handler \r\n(Ajaykumar Hotchandani) [Orabug: 15997083] \r\n- RDS: Fixes warning while rds-info. spin_lock_irqsave() is changed to \r\nspin_lock_bh(). (Ajaykumar Hotchandani) [Orabug: 15997083] \r\n- mlx4_en: handle HCA events correctly (Ajaykumar Hotchandani) [Orabug: \r\n15997083] \r\n- ixgbevf fix typo in Makefile (Maxim Uvarov) [Orabug: 16168292] \r\n- [patch3/3] kernel config: Mellanox OFED R2, 0080 release (Ajaykumar \r\nHotchandani) [Orabug: 15997083] \r\n- [patch2/3] RDS merge for UEK2 (Ajaykumar Hotchandani) [Orabug: 15997083] \r\n- [patch1/3] Merge for Mellanox OFED R2, 0080 release (Ajaykumar Hotchandani) \r\n[Orabug: 15997083] \r\n \n[2.6.39-400.8.0] \r\n- git-changelog: don't print debug info (Maxim Uvarov) \r\n- spec: remove not used firmwares (Maxim Uvarov) [Orabug: 16048277] \r\n \n[2.6.39-400.7.0] \r\n- git-changelog: search for bug # in merge commit (Maxim Uvarov) \r\n- be2iscsi: Bump the driver version (Jayamohan Kallickal) [Orabug: 16023790] \r\n- be2iscsi: Fix Unrecoverable Error Detection (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Fix for MBX timeout issue (Jayamohan Kallickal) [Orabug: 16023790] \r\n- be2iscsi: Fix the copyright information (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Fix issue of displaying adapter family. (Jayamohan Kallickal) \r\n[Orabug: 16023790] \r\n- be2iscsi: Fix Task Completion Event handling (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Fix session update context with V2 version. (Jayamohan Kallickal) \r\n[Orabug: 16023790] \r\n- be2iscsi: Fix support for V2 version of WRB. (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Fix support for handling CQ_CREATE V2 version. (Jayamohan \r\nKallickal) [Orabug: 16023790] \r\n- be2iscsi: Fix max EQ supported by the driver. (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Fix driver support for an adapter. (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Fix return value and typo. (Jayamohan Kallickal) [Orabug: 16023790] \r\n- be2iscsi: Fix kernel panic in blk_iopoll disable mode. (Jayamohan Kallickal) \r\n[Orabug: 16023790] \r\n- be2iscsi: Issue an FLR when driver is loaded (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Display driver name and version in device attribute (Jayamohan \r\nKallickal) [Orabug: 16023790] \r\n- be2iscsi: Fix max supported EQ count to 8. (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Fix memory leak in control path of driver (Jayamohan Kallickal) \r\n[Orabug: 16023790] \r\n- be2iscsi: Display Completion Event string instead of Opcode (Jayamohan \r\nKallickal) [Orabug: 16023790] \r\n- be2iscsi: Fix the issue with soft reset. (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- netxen: update to qlogic 4.0.80 (Sritej Velaga) [Orabug: 16025025] \r\n- qlge: update to qlogic 1.00.00.31 (Sritej Velaga) [Orabug: 16025042] \r\n- qlcnic: Update to 5.1.27.35 (Sritej Velaga) [Orabug: 16024990] \r\n- [SCSI] scsi_dh_alua: Add fusionio ION LUNs to scsi_dh_alua device list (Mike \r\nChristie) [Orabug: 16081231] \r\n- bonding: fixup typo in rlb mode of bond and bridge fix (Guru Anbalagane) \r\n[Orabug: 16069448] \r\n- qla4xxx: Updated driver version to 5.03.00.01.06.02-uek2 (Tej Parkash) \r\n[Orabug: 16067337] \r\n- qla4xxx: Correct the validation to check in get_sys_info mailbox (Nilesh \r\nJavali) [Orabug: 16067337] \r\n- qla4xxx: Pass correct function param to qla4_8xxx_rd_direct (Vikas Chaudhary) \r\n[Orabug: 16067337] \r\n- qla4xxx: Fix memory corruption issue in qla4xxx_get_ep_fwdb. (Manish \r\nRangankar) [Orabug: 16067337] \r\n- qla4xxx: Allow reset in link down case (Harish Zunjarrao) [Orabug: 16067337] \r\n- qla4xxx: Fix MBOX intr switching from polling to intr mode for ISP83XX (Vikas \r\nChaudhary) [Orabug: 16067337] \r\n- [SCSI] hpsa: change confusing message to be more clear (Mike Miller) [Orabug: \r\n14793661] \r\n- [SCSI] hpsa: retry commands completing with status of UNSOLICITED_ABORT \r\n(Stephen M. Cameron) [Orabug: 14793661] \r\n- [SCSI] hpsa: use ioremap_nocache instead of ioremap (Stephen M. Cameron) \r\n[Orabug: 14793661] \r\n- [SCSI] hpsa: fix incorrect abort diagnostic message (Stephen M. Cameron) \r\n[Orabug: 14793661] \r\n- [SCSI] hpsa: dial down lockup detection during firmware flash (Stephen M. \r\nCameron) [Orabug: 14793661] \r\n- [SCSI] hpsa: add new RAID level '1(ADM)' (Mike Miller) [Orabug: 14793661] \r\n- [SCSI] hpsa: factor out hpsa_free_irqs_and_disable_msix (Stephen M. Cameron) \r\n[Orabug: 14793661] \r\n- [SCSI] hpsa: refine interrupt handler locking for greater concurrency (Matt \r\nGates) [Orabug: 14793661] \r\n- [SCSI] hpsa: use multiple reply queues (Matt Gates) [Orabug: 14793661] \r\n- [SCSI] hpsa: factor out tail calls to next_command() in \r\nprocess_(non)indexed_cmd() (Stephen M. Cameron) [Orabug: 14793661] \r\n- [SCSI] hpsa: do aborts two ways (Stephen M. Cameron) [Orabug: 14793661] \r\n- [SCSI] hpsa: add abort error handler function (Stephen M. Cameron) [Orabug: \r\n14793661] \r\n- [SCSI] hpsa: remove unused parameter from finish_cmd (Stephen M. Cameron) \r\n[Orabug: 14793661] \r\n- [SCSI] hpsa: do not give up retry of driver cmds after only 3 retries \r\n(Stephen M. Cameron) [Orabug: 14793661] \r\n- [SCSI] hpsa: retry driver initiated commands on busy status (Matt Bondurant) \r\n[Orabug: 14793661] \r\n- [SCSI] hpsa: suppress excessively chatty error messages (Stephen M. Cameron) \r\n[Orabug: 14793661] \r\n- [SCSI] hpsa: enable bus master bit after pci_enable_device (Stephen M. \r\nCameron) [Orabug: 14793661] \r\n- [SCSI] hpsa: do not skip disabled devices (Stephen M. Cameron) [Orabug: \r\n14793661] \r\n- [SCSI] hpsa: call pci_disable_device on driver unload (Stephen M. Cameron) \r\n[Orabug: 14793661] \r\n- [SCSI] hpsa: factor out driver name (Stephen M. Cameron) [Orabug: 14793661] \r\n- [SCSI] hpsa: gen8plus Smart Array IDs (Mike Miller) [Orabug: 14793661] \r\n \n[2.6.39-400.6.0] \r\n- qla3xxx: Ensure request/response queue addr writes to the registers (Joe Jin) \r\n[Orabug: 14614290] \r\n- tcp: fix tcp_trim_head() (Eric Dumazet) [Orabug: 14810429] \r\n- mm/hotplug: correctly add new zone to all other nodes' zone lists (Jiang Liu) \r\n[Orabug: 16020976 Bug-db: 14798] {CVE-2012-5517} \r\n- Divide by zero in TCP congestion control Algorithm. (Jesper Dangaard Brouer) \r\n[Orabug: 16020656 Bug-db: 14798] {CVE-2012-4565} \r\n- Fix length of buffer copied in __nfs4_get_acl_uncached (Sachin Prabhu) [Bug- \r\ndb: 14798] {CVE-2012-2375} \r\n- Avoid reading past buffer when calling GETACL (Sachin Prabhu) [Bug-db: 14798] \r\n{CVE-2012-2375} \r\n- Avoid beyond bounds copy while caching ACL (Sachin Prabhu) [Bug-db: 14798] \r\n{CVE-2012-2375} \r\n- Merge tag 'v2.6.39-400#bug16011154' of git://ca-git.us.oracle.com/linux- \r\nsnits-public (Maxim Uvarov) [Orabug: 16011154] \r\n- qla2xxx: Update the driver version to 8.04.00.11.39.0-k. (Saurav Kashyap) \r\n- qla2xxx: Obtain loopback iteration count from bsg request. (Joe Carnuccio) \r\n- qla2xxx: Update the FTP site references in the driver sources. (Giridhar \r\nMalavali) \r\n- qla2xxx: Debug ID corrections. (Chad Dupuis) \r\n- qla2xxx: Reject loopback request if one is already in progress. (Chad Dupuis) \r\n- qla2xxx: Print ignore message when thermal is not supported. (Joe Carnuccio) \r\n- qla2xxx: Avoid null pointer dereference in shutdown routine. (Masanari Iida) \r\n- qla2xxx: Get VPD information from common location for CNA. (Saurav Kashyap) \r\n- qla2xxx: Correct race in loop_state assignment during reset handling. (Andrew \r\nVasquez) \r\n- qla2xxx: Display that driver is operating in legacy interrupt mode. (Saurav \r\nKashyap) \r\n- qla2xxx: Free rsp_data even on error in qla2x00_process_loopback(). (Steve \r\nHodgson) \r\n- qla2xxx: Dont clear drv active on iospace config failure. (Saurav Kashyap) \r\n- qla2xxx: Fix typo in qla2xxx driver. (Masanari Iida) \r\n- qla2xxx: Update ql2xextended_error_logging parameter description with new \r\noption. (Chad Dupuis) \r\n- qla2xxx: Parameterize the link speed string conversion function. (Joe \r\nCarnuccio) \r\n- qla2xxx: Add 16Gb/s case to get port speed capability. (Joe Carnuccio) \r\n- qla2xxx: Move marking fcport online ahead of setting iiDMA speed. (Joe \r\nCarnuccio) \r\n- Merge tag 'v2.6.39-400.5.0#bugdb13826' of ca-git.us.oracle.com:linux-muvarov- \r\npublic (Maxim Uvarov) [Bug-db: 13826] \r\n- be2net: fix INTx ISR for interrupt behaviour on BE2 (Sathya Perla) \r\n- be2net: fix a possible events_get() race on BE2 (Sathya Perla) \r\n- net: Remove bogus dependencies on INET (Ben Hutchings) \r\n- be2net: remove adapter->eq_next_idx (Sathya Perla) \r\n- be2net: remove roce on lancer (Sathya Perla) \r\n- be2net: fix access to SEMAPHORE reg (Sathya Perla) \r\n- be2net: re-factor bar mapping code (Sathya Perla) \r\n- be2net: do not use sli_family to identify skyhawk-R chip (Sathya Perla) \r\n- be2net: fix wrong usage of adapter->generation (Sathya Perla) \r\n- be2net: remove LANCER A0 workaround (Sathya Perla) \r\n- be2net: Fix smatch warnings in be_main.c (Padmanabh Ratnakar) \r\n- be2net: Update driver version (Padmanabh Ratnakar) \r\n- be2net: Fix skyhawk VF PCI Device ID (Padmanabh Ratnakar) \r\n- be2net: Fix FW flashing on Skyhawk-R (Padmanabh Ratnakar) \r\n- be2net: Enabling Wake-on-LAN is not supported in S5 state (Padmanabh \r\nRatnakar) \r\n- be2net: Fix VF driver load on newer Lancer FW (Padmanabh Ratnakar) \r\n- be2net: Fix unnecessary delay in PCI EEH (Padmanabh Ratnakar) \r\n- be2net: Fix issues in error recovery due to wrong queue state (Padmanabh \r\nRatnakar) \r\n- be2net: Fix ethtool get_settings output for VF (Padmanabh Ratnakar) \r\n- be2net: Fix error messages while driver load for VFs (Padmanabh Ratnakar) \r\n- be2net: Fix configuring VLAN for VF for Lancer (Padmanabh Ratnakar) \r\n- be2net: Wait till resources are available for VF in error recovery (Padmanabh \r\nRatnakar) \r\n- be2net: Fix change MAC operation for VF for Lancer (Padmanabh Ratnakar) \r\n- be2net: Fix setting QoS for VF for Lancer (Padmanabh Ratnakar) \r\n- be2net: Fix driver load failure for different FW configs in Lancer (Padmanabh \r\nRatnakar) \r\n- be2net: create RSS rings even in multi-channel configs (Sathya Perla) \r\n- be2net: set maximal number of default RSS queues (Yuval Mintz) \r\n- be2net: Program secondary UC MAC address into MAC filter (Ajit Khaparde) \r\n- be2net: Remove code that stops further access to BE NIC based on UE bits \r\n(Ajit Khaparde) \r\n- be2net: fix vfs enumeration (Ivan Vecera) \r\n- be2net: fixup log messages (Sathya Perla) \r\n- be2net: cleanup code related to be_link_status_query() (Sathya Perla) \r\n- be2net: fix wrong handling of be_setup() failure in be_probe() (Sathya Perla) \r\n- be2net: remove type argument of be_cmd_mac_addr_query() (Sathya Perla) \r\n- Revert 'be2net: fix vfs enumeration' (David S. Miller) \r\n- be2net: fix vfs enumeration (Ivan Vecera) \r\n- be2net: use PCIe AER capability (Sathya Perla) \r\n- be2net: modify log msg for lack of privilege error (Vasundhara Volam) \r\n- be2net: fix FW default for VF tx-rate (Vasundhara Volam) \r\n- be2net: fix max VFs reported by HW (Vasundhara Volam) \r\n- netpoll: revert 6bdb7fe3104 and fix be_poll() instead (Amerigo Wang) \r\n- SPEC: OL5 kernel firmware rpm depends on all others firmwares (Maxim Uvarov) \r\n[Orabug: 15987332] \r\n \n[2.6.39-400.5.0] \r\n- x86, tsc: Fix SMI induced variation in quick_pit_calibrate() (Linus Torvalds) \r\n[Orabug: 13256166] \r\n- x86, tsc: Skip TSC synchronization checks for tsc=reliable (Suresh Siddha) \r\n[Orabug: 13256166] \r\n- bonding: rlb mode of bond should not alter ARP originating via bridge \r\n(zheng.li) [Orabug: 14650975] \r\n- Merge tag 'v2.6.39-400#rdac' of git://ca-git.us.oracle.com/linux-snits-public \r\n(Maxim Uvarov) \r\n- [SCSI] scsi_dh_rdac: Fix error path (Richard Weinberger) \r\n- [SCSI] scsi_dh_rdac: Adding NetApp as a brand name for rdac (Chauhan, Vijay) \r\n- Merge tag 'uek2-merge-400-3.8-fixes-tag' of git://ca-git.us.oracle.com/linux- \r\nkonrad-public (Maxim Uvarov) \r\n- xen-blkfront: handle bvecs with partial data (Roger Pau Monne) \r\n- xen-blkfront: implement safe version of llist_for_each_entry (Roger Pau \r\nMonne) \r\n- xen-blkback: implement safe iterator for the list of persistent grants (Roger \r\nPau Monne) \r\n- Merge tag 'uek2-merge-400-3.8-tag' of git://ca-git.us.oracle.com/linux- \r\nkonrad-public (Maxim Uvarov) \r\n- Merge tag 'uek2-merge-backport-3.8' of git://ca-git/linux-konrad-public into \r\nuek2-merge-400 (Konrad Rzeszutek Wilk) \r\n- xen: arm: implement remap interfaces needed for privcmd mappings. (Ian \r\nCampbell) \r\n- xen: correctly use xen_pfn_t in remap_domain_mfn_range. (Ian Campbell) \r\n- xen: arm: enable balloon driver (Ian Campbell) \r\n- xen: balloon: allow PVMMU interfaces to be compiled out (Ian Campbell) \r\n- xen: privcmd: support autotranslated physmap guests. (Mukesh Rathor) \r\n- xen: add pages parameter to xen_remap_domain_mfn_range (Ian Campbell) \r\n- xen/PVonHVM: fix compile warning in init_hvm_pv_info (Olaf Hering) \r\n- xen/acpi: Move the xen_running_on_version_or_later function. (Konrad \r\nRzeszutek Wilk) \r\n- xen/xenbus: Remove duplicate inclusion of asm/xen/hypervisor.h (Sachin Kamat) \r\n- xen/acpi: Fix compile error by missing decleration for xen_domain. (Konrad \r\nRzeszutek Wilk) \r\n- xen/acpi: revert pad config check in xen_check_mwait (Liu, Jinsong) \r\n- xen/acpi: ACPI PAD driver (Liu, Jinsong) \r\n- xen PVonHVM: use E820_Reserved area for shared_info (Olaf Hering) \r\n- xen-blkfront: free allocated page (Roger Pau Monne) \r\n- xen-blkback: move free persistent grants code (Roger Pau Monne) \r\n- xen/blkback: persistent-grants fixes (Roger Pau Monne) \r\n- xen/blkback: Persistent grant maps for xen blk drivers (Roger Pau Monne) \r\n- xen/blkback: Change xen_vbd's flush_support and discard_secure to have type \r\nunsigned int, rather than bool (Oliver Chick) \r\n- xen/blkback: use kmem_cache_zalloc instead of kmem_cache_alloc/memset (Wei \r\nYongjun) \r\n- xen/blkfront: Add WARN to deal with misbehaving backends. (Konrad Rzeszutek \r\nWilk) \r\n- llist-return-whether-list-is-empty-before-adding-in-llist_add-fix (Andrew \r\nMorton) \r\n- llist: Add back llist_add_batch() and llist_del_first() prototypes (Stephen \r\nRothwell) \r\n- llist: Remove cpu_relax() usage in cmpxchg loops (Peter Zijlstra) \r\n- llist: Add llist_next() (Peter Zijlstra) \r\n- llist: Return whether list is empty before adding in llist_add() (Huang Ying) \r\n- llist: Move cpu_relax() to after the cmpxchg() (Huang Ying) \r\n- llist: Remove the platform-dependent NMI checks (Ingo Molnar) \r\n- llist: Make some llist functions inline (Huang Ying) \r\n- lib, Add lock-less NULL terminated single list (Huang Ying) \r\n- xen/oprofile: Expose the oprofile_arch_exit_fnc pointer. (Konrad Rzeszutek \r\nWilk) \r\n- xen/oprofile: Switch from syscore_ops to platform_ops. (Konrad Rzeszutek \r\nWilk) \r\n- xen/oprofile: Fix compile issues when CONFIG_XEN is not defined. (Konrad \r\nRzeszutek Wilk) \r\n- xen/oprofile: The arch_ variants for init/exec weren't being called. (Konrad \r\nRzeszutek Wilk) \r\n- xen/oprofile: Compile fix (Konrad Rzeszutek Wilk) \r\n- xen/oprofile: Patch from Michael Petullo (Konrad Rzeszutek Wilk) \r\n \n[2.6.39-400.4.0] \r\n- Merge tag 'uek2-merge-400-3.7-tag' of git://ca-git.us.oracle.com/linux- \r\nkonrad-public (Maxim Uvarov) \r\n- Merge tag 'uek2-merge-backport-3.7' of git://ca-git/linux-konrad-public into \r\nuek2-merge-400 (Konrad Rzeszutek Wilk) \r\n- Revert 'xen/x86: Workaround 64-bit hypervisor and 32-bit initial domain.' and \r\n'xen/x86: Use memblock_reserve for sensitive areas.' (Konrad Rzeszutek Wilk) \r\n- xen/x86: Workaround 64-bit hypervisor and 32-bit initial domain. (Konrad \r\nRzeszutek Wilk) \r\n- xen/arm: Fix compile errors when drivers are compiled as modules (export \r\nmore). (Stefano Stabellini) \r\n- xen/arm: Fix compile errors when drivers are compiled as modules. (Konrad \r\nRzeszutek Wilk) \r\n- xen/generic: Disable fallback build on ARM. (Konrad Rzeszutek Wilk) \r\n- xen/hvm: If we fail to fetch an HVM parameter print out which flag it is. \r\n(Konrad Rzeszutek Wilk) \r\n- xen/hypercall: fix hypercall fallback code for very old hypervisors (Jan \r\nBeulich) \r\n- xen/arm: use the __HVC macro (Stefano Stabellini) \r\n- xen/xenbus: fix overflow check in xenbus_file_write() (Jan Beulich) \r\n- xen-kbdfront: handle backend CLOSED without CLOSING (David Vrabel) \r\n- xen-fbfront: handle backend CLOSED without CLOSING (David Vrabel) \r\n- xen/gntdev: don't leak memory from IOCTL_GNTDEV_MAP_GRANT_REF (David Vrabel) \r\n- x86: remove obsolete comment from asm/xen/hypervisor.h (Olaf Hering) \r\n- xen: dbgp: Fix warning when CONFIG_PCI is not enabled. (Ian Campbell) \r\n- USB EHCI/Xen: propagate controller reset information to hypervisor (Jan \r\nBeulich) \r\n- xen: arm: comment on why 64-bit xen_pfn_t is safe even on 32 bit (Ian \r\nCampbell) \r\n- xen: balloon: use correct type for frame_list (Ian Campbell) \r\n- xen/x86: don't corrupt %eip when returning from a signal handler (David \r\nVrabel) \r\n- xen: arm: make p2m operations NOPs (Ian Campbell) \r\n- xen: balloon: don't include e820.h (Ian Campbell) \r\n- xen: events: pirq_check_eoi_map is X86 specific (Ian Campbell) \r\n- xen: XENMEM_translate_gpfn_list was remove ages ago and is unused. (Ian \r\nCampbell) \r\n- xen: sysfs: include err.h for PTR_ERR etc (Ian Campbell) \r\n- xen: xenbus: quirk uses x86 specific cpuid (Ian Campbell) \r\n- xen/xenbus: Fix compile warning. (Konrad Rzeszutek Wilk) \r\n- xen/x86: remove duplicated include from enlighten.c (Wei Yongjun) \r\n- xen/pv-on-hvm kexec: add quirk for Xen 3.4 and shutdown watches. (Konrad \r\nRzeszutek Wilk) \r\n- xen/bootup: allow {read|write}_cr8 pvops call. (Konrad Rzeszutek Wilk) \r\n- xen/bootup: allow read_tscp call for Xen PV guests. (Konrad Rzeszutek Wilk) \r\n- xen pv-on-hvm: add pfn_is_ram helper for kdump (Olaf Hering) \r\n- xen/hvc: handle backend CLOSED without CLOSING (David Vrabel) \r\n- xen/xen_initial_domain: check that xen_start_info is initialized (Stefano \r\nStabellini) \r\n- xen: mark xen_init_IRQ __init (Stefano Stabellini) \r\n- xen/Makefile: fix dom-y build (Stefano Stabellini) \r\n- MAINTAINERS: add myself as Xen ARM maintainer (Stefano Stabellini) \r\n- xen/arm: compile netback (Stefano Stabellini) \r\n- xen/arm: compile blkfront and blkback (Stefano Stabellini) \r\n- xen/arm: implement alloc/free_xenballooned_pages with alloc_pages/kfree \r\n(Stefano Stabellini) \r\n- xen/arm: receive Xen events on ARM (Stefano Stabellini) \r\n- xen/arm: initialize grant_table on ARM (Stefano Stabellini) \r\n- xen/arm: get privilege status (Stefano Stabellini) \r\n- xen/arm: introduce CONFIG_XEN on ARM (Stefano Stabellini) \r\n- xen: do not compile manage, balloon, pci, acpi, pcpu and cpu_hotplug on ARM \r\n(Stefano Stabellini) \r\n- xen/tmem: cleanup (Jan Beulich) \r\n- xen: Add selfballoning memory reservation tunable. (Jana Saout) \r\n- xen: constify all instances of 'struct attribute_group' (Jan Beulich) \r\n- xen: Fix selfballooning and ensure it doesn't go too far (Dan Magenheimer) \r\n- xen: self-balloon needs module.h (Randy Dunlap) \r\n- xen/balloon: Fix compile errors - missing header files. (Konrad Rzeszutek \r\nWilk) \r\n- xen: tmem: self-ballooning and frontswap-selfshrinking (Dan Magenheimer) \r\n- xen: grant: use xen_pfn_t type for frame_list. (Ian Campbell) \r\n- xen: sysfs: fix build warning. (Ian Campbell) \r\n- xen/arm: Introduce xen_ulong_t for unsigned long (Stefano Stabellini) \r\n- xen: Introduce xen_pfn_t for pfn and mfn types (Stefano Stabellini) \r\n- xen/arm: Xen detection and shared_info page mapping (Stefano Stabellini) \r\n- docs: Xen ARM DT bindings (Stefano Stabellini) \r\n- xen/arm: empty implementation of grant_table arch specific functions (Stefano \r\nStabellini) \r\n- xen/arm: sync_bitops (Stefano Stabellini) \r\n- xen/arm: page.h definitions (Stefano Stabellini) \r\n- xen/arm: hypercalls (Stefano Stabellini) \r\n- arm: initial Xen support (Stefano Stabellini) \r\n- xen/vga: add the xen EFI video mode support (Jan Beulich) \r\n- xen: allow enable use of VGA console on dom0 (Jeremy Fitzhardinge) \r\n- xen/pcifront: Use Xen-SWIOTLB when initting if required. (Konrad Rzeszutek \r\nWilk) \r\n- xen/swiotlb: For early initialization, return zero on success. (Konrad \r\nRzeszutek Wilk) \r\n- xen/swiotlb: Use the swiotlb_late_init_with_tbl to init Xen-SWIOTLB late when \r\nPV PCI is used. (Konrad Rzeszutek Wilk) \r\n- xen/swiotlb: Move the error strings to its own function. (Konrad Rzeszutek \r\nWilk) \r\n- xen/swiotlb: Move the nr_tbl determination in its own function. (Konrad \r\nRzeszutek Wilk) \r\n- xen: Use correct masking in xen_swiotlb_alloc_coherent. (Ronny Hegewald) \r\n- xen/swiotlb: Use page alignment for early buffer allocation. (Konrad \r\nRzeszutek Wilk) \r\n- swiotlb: Expose swiotlb_nr_tlb function to modules (Konrad Rzeszutek Wilk) \r\n- xen-swiotlb: When doing coherent alloc/dealloc check before swizzling the \r\nMFNs. (Konrad Rzeszutek Wilk) \r\n- xen-swiotlb: fix printk and panic args (Randy Dunlap) \r\n- xen-swiotlb: Fix wrong panic. (Konrad Rzeszutek Wilk) \r\n- xen-swiotlb: Retry up three times to allocate Xen-SWIOTLB (Konrad Rzeszutek \r\nWilk) \r\n- swiotlb: add the late swiotlb initialization function with iotlb memory \r\n(Konrad Rzeszutek Wilk) \r\n- xen/swiotlb: With more than 4GB on 64-bit, disable the native SWIOTLB. \r\n(Konrad Rzeszutek Wilk) \r\n- xen/swiotlb: Simplify the logic. (Konrad Rzeszutek Wilk) \r\n- xen/gndev: Xen backend support for paged out grant targets V4. (Andres Lagar- \r\nCavilla) \r\n- xen/arm: compile and run xenbus (Stefano Stabellini) \r\n- xen: clear IRQ_NOAUTOEN and IRQ_NOREQUEST (Stefano Stabellini) \r\n- xen/events: fix unmask_evtchn for PV on HVM guests (Stefano Stabellini) \r\n- xen/privcmd: Correctly return success from IOCTL_PRIVCMD_MMAPBATCH (Mats \r\nPetersson) \r\n- xen/mmu: Use Xen specific TLB flush instead of the generic one. (Konrad \r\nRzeszutek Wilk) [Oracle-bug: 14630170] \r\n- xen/enlighten: Disable MWAIT_LEAF so that acpi-pad won't be loaded. (Konrad \r\nRzeszutek Wilk) \r\n- x86, amd, xen: Avoid NULL pointer paravirt references (Konrad Rzeszutek Wilk) \r\n- xen/setup: filter APERFMPERF cpuid feature out (Andre Przywara) \r\n- xen/enlighten: Expose MWAIT and MWAIT_LEAF if hypervisor OKs it. (Konrad \r\nRzeszutek Wilk) \r\n- xen/acpi: Fix potential memory leak", "modified": "2013-02-27T00:00:00", "published": "2013-02-27T00:00:00", "id": "ELSA-2013-2507", "href": "http://linux.oracle.com/errata/ELSA-2013-2507.html", "title": "Unbreakable Enterprise kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 6.6, "vector": "AV:L/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:48", "bulletinFamily": "unix", "description": "[2.6.32-300.39.4]\r\n- exec: do not leave bprm->interp on stack (Kees Cook) [Orabug: 16286741]\r\n {CVE-2012-4530}\r\n- exec: use -ELOOP for max recursion depth (Kees Cook) [Orabug: 16286741]\r\n {CVE-2012-4530}\r\n \n[2.6.32-300.39.3]\r\n- Xen: Fix stack corruption in xen_failsafe_callback for 32bit PVOPS guests.\r\n (Frediano Ziglio) [Orabug: 16274192] {CVE-2013-0190}", "modified": "2013-02-06T00:00:00", "published": "2013-02-06T00:00:00", "id": "ELSA-2013-2504", "href": "http://linux.oracle.com/errata/ELSA-2013-2504.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:37:45", "bulletinFamily": "unix", "description": "[2.6.32-400.26.2]\n- mm/hotplug: correctly add new zone to all other nodes' zone lists (Jiang Liu) [Orabug: 16603569] {CVE-2012-5517}\n- ptrace: ptrace_resume() shouldn't wake up !TASK_TRACED thread (Oleg Nesterov) [Orabug: 16405868] {CVE-2013-0871}\n- ptrace: ensure arch_ptrace/ptrace_request can never race with SIGKILL (Oleg Nesterov) [Orabug: 16405868] {CVE-2013-0871}\n- ptrace: introduce signal_wake_up_state() and ptrace_signal_wake_up() (Oleg Nesterov) [Orabug: 16405868] {CVE-2013-0871}\n- Bluetooth: Fix incorrect strncpy() in hidp_setup_hid() (Anderson Lizardo) [Orabug: 16711062] {CVE-2013-0349}\n- dccp: check ccid before dereferencing (Mathias Krause) [Orabug: 16711040] {CVE-2013-1827}\n- USB: io_ti: Fix NULL dereference in chase_port() (Wolfgang Frisch) [Orabug: 16425435] {CVE-2013-1774}\n- keys: fix race with concurrent install_user_keyrings() (David Howells) [Orabug: 16493369] {CVE-2013-1792}\n- KVM: Fix bounds checking in ioapic indirect register reads (CVE-2013-1798) (Andy Honig) [Orabug: 16710937] {CVE-2013-1798}\n- KVM: x86: fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME (CVE-2013-1796) (Jerry Snitselaar) [Orabug: 16710794] {CVE-2013-1796}\n- net/tun: fix ioctl() based info leaks (Mathias Krause) [Orabug: 16675501] {CVE-2012-6547}\n- atm: fix info leak via getsockname() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6546}\n- atm: fix info leak in getsockopt(SO_ATMPVC) (Mathias Krause) [Orabug: 16675501] {CVE-2012-6546}\n- xfrm_user: fix info leak in copy_to_user_tmpl() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6537}\n- xfrm_user: fix info leak in copy_to_user_policy() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6537}\n- xfrm_user: fix info leak in copy_to_user_state() (Mathias Krause) [Orabug: 16675501] {CVE-2013-6537}\n- xfrm_user: return error pointer instead of NULL #2 (Mathias Krause) [Orabug: 16675501] {CVE-2013-1826}\n- xfrm_user: return error pointer instead of NULL (Mathias Krause) [Orabug: 16675501] {CVE-2013-1826}", "modified": "2013-04-24T00:00:00", "published": "2013-04-24T00:00:00", "id": "ELSA-2013-2520", "href": "http://linux.oracle.com/errata/ELSA-2013-2520.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "f5": [{"lastseen": "2016-09-26T17:22:52", "bulletinFamily": "software", "description": "Recommended action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "modified": "2014-10-27T00:00:00", "published": "2014-10-27T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/700/sol15746.html", "id": "SOL15746", "title": "SOL15746 - Linux kernel vulnerability CVE-2012-4542", "type": "f5", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:01", "bulletinFamily": "software", "description": "Recommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists. \n \nF5 is responding to this vulnerability as determined by the parameters defined in SOL4602: Overview of the F5 security vulnerability response policy. \n \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "modified": "2015-05-27T00:00:00", "published": "2014-10-23T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/700/sol15732.html", "id": "SOL15732", "title": "SOL15732 - Linux kernel vulnerability CVE-2013-0311", "type": "f5", "cvss": {"score": 6.5, "vector": "AV:ADJACENT_NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-10-21T22:58:00", "bulletinFamily": "software", "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability, and no F5 products were found to be vulnerable.\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of AskF5 Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "modified": "2019-06-15T01:01:00", "published": "2019-06-15T01:01:00", "id": "F5:K21914362", "href": "https://support.f5.com/csp/article/K21914362", "title": "Linux kernel vulnerability CVE-2013-7470", "type": "f5", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:44:57", "bulletinFamily": "unix", "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: A subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nA flaw was found in the way the vhost kernel module handled descriptors\nthat spanned multiple regions. A privileged guest user could use this flaw\nto crash the host or, potentially, escalate their privileges on the host.\n(CVE-2013-0311)\n\nIt was found that the default SCSI command filter does not accommodate\ncommands that overlap across device classes. A privileged guest user could\npotentially use this flaw to write arbitrary data to a LUN that is\npassed-through as read-only. (CVE-2012-4542)\n\nIt was discovered that dnsmasq, when used in combination with certain\nlibvirtd configurations, could incorrectly process network packets from\nnetwork interfaces that were intended to be prohibited. A remote,\nunauthenticated attacker could exploit this flaw to cause a denial of\nservice via DNS amplification attacks. (CVE-2012-3411)\n\nThe CVE-2012-4542 issue was discovered by Paolo Bonzini of Red Hat.\n\nThis updated package provides updated components that include fixes for\nseveral security issues. These issues had no security impact on Red Hat\nEnterprise Virtualization Hypervisor itself, however. The security fixes\nincluded in this update address the following CVE numbers:\n\nCVE-2012-3955 (dhcp issue)\n\nCVE-2011-4355 (gdb issue)\n\nCVE-2012-4508, CVE-2013-0190, CVE-2013-0309, and CVE-2013-0310 (kernel\nissues)\n\nCVE-2012-5536 (openssh issue)\n\nCVE-2011-3148 and CVE-2011-3149 (pam issues)\n\nCVE-2013-0157 (util-linux-ng issue)\n\nThis updated Red Hat Enterprise Virtualization Hypervisor package also\nfixes the following bugs:\n\n* Previously, the Administration Portal would always display the option to\nupgrade the Red Hat Enterprise Virtualization Hypervisor ISO regardless of\nwhether or not the selected host was up-to-date. Now, the VDSM version\ncompatibility is considered and the upgrade message only displays if there\nis an upgrade relevant to the host available. (BZ#853092)\n\n* An out of date version of libvirt was included in the Red Hat Enterprise\nVirtualization Hypervisor 6.4 package. As a result, virtual machines with\nsupported CPU models were not being properly parsed by libvirt and failed\nto start. A more recent version of libvirt has been included in this\nupdated hypervisor package. Virtual machines now start normally.\n(BZ#895078)\n\nAs well, this update adds the following enhancement:\n\n* Hypervisor packages now take advantage of the installonlypkg function\nprovided by yum. This allows for multiple versions of the hypervisor\npackage to be installed on a system concurrently without making changes to\nthe yum configuration as was previously required. (BZ#863579)\n\nThis update includes the ovirt-node build from RHBA-2013:0556:\n\n https://rhn.redhat.com/errata/RHBA-2013-0556.html\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which fixes these issues and adds this\nenhancement.\n", "modified": "2018-06-07T08:59:40", "published": "2013-02-28T05:00:00", "id": "RHSA-2013:0579", "href": "https://access.redhat.com/errata/RHSA-2013:0579", "type": "redhat", "title": "(RHSA-2013:0579) Important: rhev-hypervisor6 security, bug fix, and enhancement update", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:46:49", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the way the vhost kernel module handled descriptors\nthat spanned multiple regions. A privileged guest user in a KVM\n(Kernel-based Virtual Machine) guest could use this flaw to crash the host\nor, potentially, escalate their privileges on the host. (CVE-2013-0311,\nImportant)\n\n* A flaw was found in the way the KVM subsystem handled guests attempting\nto run with the X86_CR4_OSXSAVE CPU feature flag set. On hosts without the\nXSAVE CPU feature, a local, unprivileged user could use this flaw to crash\nthe host system. (The \"grep --color xsave /proc/cpuinfo\" command can be\nused to verify if your system has the XSAVE CPU feature.) (CVE-2012-4461,\nModerate)\n\n* It was found that the default SCSI command filter does not accommodate\ncommands that overlap across device classes. A privileged guest user could\npotentially use this flaw to write arbitrary data to a LUN that is\npassed-through as read-only. (CVE-2012-4542, Moderate)\n\n* A use-after-free flaw was found in the tmpfs implementation. A local user\nable to mount and unmount a tmpfs file system could use this flaw to cause\na denial of service or, potentially, escalate their privileges.\n(CVE-2013-1767, Low)\n\nRed Hat would like to thank Jon Howell for reporting CVE-2012-4461.\nCVE-2012-4542 was discovered by Paolo Bonzini of Red Hat.\n\nThis update also fixes the following bugs:\n\n* Previously, when open(2) system calls were processed, the GETATTR\nroutine did not check to see if valid attributes were also returned. As a\nresult, the open() call succeeded with invalid attributes instead of\nfailing in such a case. This update adds the missing check, and the open()\ncall succeeds only when valid attributes are returned. (BZ#960409)\n\n* Previously, the fsync(2) system call incorrectly returned the EIO\n(Input/Output) error instead of the ENOSPC (No space left on device) error.\nThis was due to incorrect error handling in the page cache. This problem\nhas been fixed and the correct error value is now returned. (BZ#960418)\n\n* In the RPC code, when a network socket backed up due to high network\ntraffic, a timer was set causing a retransmission, which in turn could\ncause an even larger amount of network traffic to be generated. To prevent\nthis problem, the RPC code now waits for the socket to empty instead of\nsetting the timer. (BZ#960423)\n\n* This update fixes a number of bugs in the be2iscsi driver for\nServerEngines BladeEngine 2 Open iSCSI devices. (BZ#955502)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n", "modified": "2015-04-24T14:17:46", "published": "2013-05-30T04:00:00", "id": "RHSA-2013:0882", "href": "https://access.redhat.com/errata/RHSA-2013:0882", "type": "redhat", "title": "(RHSA-2013:0882) Important: kernel security and bug fix update", "cvss": {"score": 6.5, "vector": "AV:A/AC:H/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:07", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the way the vhost kernel module handled descriptors\nthat spanned multiple regions. A privileged guest user in a KVM\n(Kernel-based Virtual Machine) guest could use this flaw to crash the host\nor, potentially, escalate their privileges on the host. (CVE-2013-0311,\nImportant)\n\n* A buffer overflow flaw was found in the way UTF-8 characters were\nconverted to UTF-16 in the utf8s_to_utf16s() function of the Linux kernel's\nFAT file system implementation. A local user able to mount a FAT file\nsystem with the \"utf8=1\" option could use this flaw to crash the system or,\npotentially, to escalate their privileges. (CVE-2013-1773, Important)\n\n* A flaw was found in the way KVM handled guest time updates when the\nbuffer the guest registered by writing to the MSR_KVM_SYSTEM_TIME machine\nstate register (MSR) crossed a page boundary. A privileged guest user could\nuse this flaw to crash the host or, potentially, escalate their privileges,\nallowing them to execute arbitrary code at the host kernel level.\n(CVE-2013-1796, Important)\n\n* A potential use-after-free flaw was found in the way KVM handled guest\ntime updates when the GPA (guest physical address) the guest registered by\nwriting to the MSR_KVM_SYSTEM_TIME machine state register (MSR) fell into a\nmovable or removable memory region of the hosting user-space process (by\ndefault, QEMU-KVM) on the host. If that memory region is deregistered from\nKVM using KVM_SET_USER_MEMORY_REGION and the allocated virtual memory\nreused, a privileged guest user could potentially use this flaw to escalate\ntheir privileges on the host. (CVE-2013-1797, Important)\n\n* A flaw was found in the way KVM emulated IOAPIC (I/O Advanced\nProgrammable Interrupt Controller). A missing validation check in the\nioapic_read_indirect() function could allow a privileged guest user to\ncrash the host, or read a substantial portion of host kernel memory.\n(CVE-2013-1798, Important)\n\n* It was found that the default SCSI command filter does not accommodate\ncommands that overlap across device classes. A privileged guest user could\npotentially use this flaw to write arbitrary data to a LUN that is\npassed-through as read-only. (CVE-2012-4542, Moderate)\n\n* A use-after-free flaw was found in the tmpfs implementation. A local user\nable to mount and unmount a tmpfs file system could use this flaw to cause\na denial of service or, potentially, escalate their privileges.\n(CVE-2013-1767, Low)\n\n* A format string flaw was found in the ext3_msg() function in the Linux\nkernel's ext3 file system implementation. A local user who is able to mount\nan ext3 file system could use this flaw to cause a denial of service or,\npotentially, escalate their privileges. (CVE-2013-1848, Low)\n\nRed Hat would like to thank Andrew Honig of Google for reporting the\nCVE-2013-1796, CVE-2013-1797, and CVE-2013-1798 issues. The CVE-2012-4542\nissue was discovered by Paolo Bonzini of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n", "modified": "2015-04-24T14:19:56", "published": "2013-06-11T04:00:00", "id": "RHSA-2013:0928", "href": "https://access.redhat.com/errata/RHSA-2013:0928", "type": "redhat", "title": "(RHSA-2013:0928) Important: kernel security and bug fix update", "cvss": {"score": 6.8, "vector": "AV:A/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:47", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A race condition was found in the way asynchronous I/O and fallocate()\ninteracted when using the ext4 file system. A local, unprivileged user\ncould use this flaw to expose random data from an extent whose data blocks\nhave not yet been written, and thus contain data from a deleted file.\n(CVE-2012-4508, Important)\n\n* An information leak flaw was found in the way Linux kernel's device\nmapper subsystem, under certain conditions, interpreted data written to\nsnapshot block devices. An attacker could use this flaw to read data from\ndisk blocks in free space, which are normally inaccessible. (CVE-2013-4299,\nModerate)\n\nRed Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508, and\nFujitsu for reporting CVE-2013-4299. Upstream acknowledges Dmitry Monakhov\nas the original reporter of CVE-2012-4508.\n\nThis update also fixes the following bugs:\n\n* When the Audit subsystem was under heavy load, it could loop infinitely\nin the audit_log_start() function instead of failing over to the error\nrecovery code. This would cause soft lockups in the kernel. With this\nupdate, the timeout condition in the audit_log_start() function has been\nmodified to properly fail over when necessary. (BZ#1017898)\n\n* When handling Memory Type Range Registers (MTRRs), the\nstop_one_cpu_nowait() function could potentially be executed in parallel\nwith the stop_machine() function, which resulted in a deadlock. The MTRR\nhandling logic now uses the stop_machine() function and makes use of mutual\nexclusion to avoid the aforementioned deadlock. (BZ#1017902)\n\n* Power-limit notification interrupts were enabled by default. This could\nlead to degradation of system performance or even render the system\nunusable on certain platforms, such as Dell PowerEdge servers. Power-limit\nnotification interrupts have been disabled by default and a new kernel\ncommand line parameter \"int_pln_enable\" has been added to allow users to\nobserve these events using the existing system counters. Power-limit\nnotification messages are also no longer displayed on the console.\nThe affected platforms no longer suffer from degraded system performance\ndue to this problem. (BZ#1020519)\n\n* Package level thermal and power limit events are not defined as MCE\nerrors for the x86 architecture. However, the mcelog utility erroneously\nreported these events as MCE errors with the following message:\n\n kernel: [Hardware Error]: Machine check events logged\n\nPackage level thermal and power limit events are no longer reported as MCE\nerrors by mcelog. When these events are triggered, they are now reported\nonly in the respective counters in sysfs (specifically,\n/sys/devices/system/cpu/cpu<number>/thermal_throttle/). (BZ#1021950)\n\n* An insufficiently designed calculation in the CPU accelerator could cause\nan arithmetic overflow in the set_cyc2ns_scale() function if the system\nuptime exceeded 208 days prior to using kexec to boot into a new kernel.\nThis overflow led to a kernel panic on systems using the Time Stamp Counter\n(TSC) clock source, primarily systems using Intel Xeon E5 processors that\ndo not reset TSC on soft power cycles. A patch has been applied to modify\nthe calculation so that this arithmetic overflow and kernel panic can no\nlonger occur under these circumstances. (BZ#1024453)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "modified": "2015-04-24T14:20:13", "published": "2013-11-13T05:00:00", "id": "RHSA-2013:1519", "href": "https://access.redhat.com/errata/RHSA-2013:1519", "type": "redhat", "title": "(RHSA-2013:1519) Important: kernel security and bug fix update", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:16", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A race condition was found in the way asynchronous I/O and fallocate()\ninteracted when using the ext4 file system. A local, unprivileged user\ncould use this flaw to expose random data from an extent whose data blocks\nhave not yet been written, and thus contain data from a deleted file.\n(CVE-2012-4508, Important)\n\n* An information leak flaw was found in the way the Linux kernel's device\nmapper subsystem, under certain conditions, interpreted data written to\nsnapshot block devices. An attacker could use this flaw to read data from\ndisk blocks in free space, which are normally inaccessible. (CVE-2013-4299,\nModerate)\n\n* A format string flaw was found in the Linux kernel's block layer.\nA privileged, local user could potentially use this flaw to escalate their\nprivileges to kernel level (ring0). (CVE-2013-2851, Low)\n\nRed Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508,\nFujitsu for reporting CVE-2013-4299, and Kees Cook for reporting\nCVE-2013-2851. Upstream acknowledges Dmitry Monakhov as the original\nreporter of CVE-2012-4508.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "modified": "2015-04-24T14:21:32", "published": "2013-12-05T05:00:00", "id": "RHSA-2013:1783", "href": "https://access.redhat.com/errata/RHSA-2013:1783", "type": "redhat", "title": "(RHSA-2013:1783) Important: kernel security and bug fix update", "cvss": {"score": 6.0, "vector": "AV:L/AC:H/Au:S/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2019-05-29T17:21:10", "bulletinFamily": "unix", "description": "It was discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating the origin on Netlink messages. An untrusted local user can cause a denial of service of Linux guests in Hyper-V virtualization environments. (CVE-2012-2669)\n\nDmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. (CVE-2012-4508)\n\nAndrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously. (CVE-2013-0190)", "modified": "2013-02-12T00:00:00", "published": "2013-02-12T00:00:00", "id": "USN-1719-1", "href": "https://usn.ubuntu.com/1719-1/", "title": "Linux kernel (Oneiric backport) vulnerabilities", "type": "ubuntu", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T17:23:08", "bulletinFamily": "unix", "description": "It was discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating the origin on Netlink messages. An untrusted local user can cause a denial of service of Linux guests in Hyper-V virtualization environments. (CVE-2012-2669)\n\nDmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. (CVE-2012-4508)\n\nFlorian Weimer discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating source addresses of netlink packets. An untrusted local user can cause a denial of service by causing hypervkvpd to exit. (CVE-2012-5532)\n\nAndrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously. (CVE-2013-0190)", "modified": "2013-02-12T00:00:00", "published": "2013-02-12T00:00:00", "id": "USN-1720-1", "href": "https://usn.ubuntu.com/1720-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T17:22:51", "bulletinFamily": "unix", "description": "Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously.", "modified": "2013-02-14T00:00:00", "published": "2013-02-14T00:00:00", "id": "USN-1725-1", "href": "https://usn.ubuntu.com/1725-1/", "title": "Linux kernel vulnerability", "type": "ubuntu", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T17:22:19", "bulletinFamily": "unix", "description": "Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously.", "modified": "2013-02-19T00:00:00", "published": "2013-02-19T00:00:00", "id": "USN-1728-1", "href": "https://usn.ubuntu.com/1728-1/", "title": "Linux kernel (EC2) vulnerability", "type": "ubuntu", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T17:21:58", "bulletinFamily": "unix", "description": "Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously. (CVE-2013-0190)\n\nA failure to validate input was discovered in the Linux kernel\u2019s Xen netback (network backend) driver. A user in a guest OS may exploit this flaw to cause a denial of service to the guest OS and other guest domains. (CVE-2013-0216)\n\nA memory leak was discovered in the Linux kernel\u2019s Xen netback (network backend) driver. A user in a guest OS could trigger this flaw to cause a denial of service on the system. (CVE-2013-0217)\n\nA flaw was discovered in the Linux kernel Xen PCI backend driver. If a PCI device is assigned to the guest OS, the guest OS could exploit this flaw to cause a denial of service on the host. (CVE-2013-0231)\n\nA flaw was reported in the permission checks done by the Linux kernel for /dev/cpu/*/msr. A local root user with all capabilities dropped could exploit this flaw to execute code with full root capabilities. (CVE-2013-0268)\n\nTommi Rantala discovered a flaw in the a flaw the Linux kernels handling of datagrams packets when the MSG_PEEK flag is specified. An unprivileged local user could exploit this flaw to cause a denial of service (system hang). (CVE-2013-0290)\n\nA flaw was discovered in the Linux kernel\u2019s vhost driver used to accelerate guest networking in KVM based virtual machines. A privileged guest user could exploit this flaw to crash the host system. (CVE-2013-0311)\n\nA flaw was discovered in the Extended Verification Module (EVM) of the Linux kernel. An unprivileged local user code exploit this flaw to cause a denial of service (system crash). (CVE-2013-0313)\n\nAn information leak was discovered in the Linux kernel\u2019s Bluetooth stack when HIDP (Human Interface Device Protocol) support is enabled. A local unprivileged user could exploit this flaw to cause an information leak from the kernel. (CVE-2013-0349)", "modified": "2013-03-21T00:00:00", "published": "2013-03-21T00:00:00", "id": "USN-1774-1", "href": "https://usn.ubuntu.com/1774-1/", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.5, "vector": "AV:A/AC:H/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T19:21:30", "bulletinFamily": "unix", "description": "Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously. (CVE-2013-0190)\n\nA failure to validate input was discovered in the Linux kernel\u2019s Xen netback (network backend) driver. A user in a guest OS may exploit this flaw to cause a denial of service to the guest OS and other guest domains. (CVE-2013-0216)\n\nA memory leak was discovered in the Linux kernel\u2019s Xen netback (network backend) driver. A user in a guest OS could trigger this flaw to cause a denial of service on the system. (CVE-2013-0217)\n\nA flaw was discovered in the Linux kernel Xen PCI backend driver. If a PCI device is assigned to the guest OS, the guest OS could exploit this flaw to cause a denial of service on the host. (CVE-2013-0231)\n\nA flaw was reported in the permission checks done by the Linux kernel for /dev/cpu/*/msr. A local root user with all capabilities dropped could exploit this flaw to execute code with full root capabilities. (CVE-2013-0268)\n\nTommi Rantala discovered a flaw in the a flaw the Linux kernels handling of datagrams packets when the MSG_PEEK flag is specified. An unprivileged local user could exploit this flaw to cause a denial of service (system hang). (CVE-2013-0290)\n\nA flaw was discovered in the Linux kernel\u2019s vhost driver used to accelerate guest networking in KVM based virtual machines. A privileged guest user could exploit this flaw to crash the host system. (CVE-2013-0311)\n\nA flaw was discovered in the Extended Verification Module (EVM) of the Linux kernel. An unprivileged local user code exploit this flaw to cause a denial of service (system crash). (CVE-2013-0313)\n\nAn information leak was discovered in the Linux kernel\u2019s Bluetooth stack when HIDP (Human Interface Device Protocol) support is enabled. A local unprivileged user could exploit this flaw to cause an information leak from the kernel. (CVE-2013-0349)", "modified": "2013-03-18T00:00:00", "published": "2013-03-18T00:00:00", "id": "USN-1769-1", "href": "https://usn.ubuntu.com/1769-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.5, "vector": "AV:A/AC:H/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:23:09", "bulletinFamily": "unix", "description": "Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously. (CVE-2013-0190)\n\nA failure to validate input was discovered in the Linux kernel\u2019s Xen netback (network backend) driver. A user in a guest OS may exploit this flaw to cause a denial of service to the guest OS and other guest domains. (CVE-2013-0216)\n\nA memory leak was discovered in the Linux kernel\u2019s Xen netback (network backend) driver. A user in a guest OS could trigger this flaw to cause a denial of service on the system. (CVE-2013-0217)\n\nA flaw was discovered in the Linux kernel Xen PCI backend driver. If a PCI device is assigned to the guest OS, the guest OS could exploit this flaw to cause a denial of service on the host. (CVE-2013-0231)\n\nA flaw was reported in the permission checks done by the Linux kernel for /dev/cpu/*/msr. A local root user with all capabilities dropped could exploit this flaw to execute code with full root capabilities. (CVE-2013-0268)\n\nTommi Rantala discovered a flaw in the a flaw the Linux kernels handling of datagrams packets when the MSG_PEEK flag is specified. An unprivileged local user could exploit this flaw to cause a denial of service (system hang). (CVE-2013-0290)\n\nA flaw was discovered in the Linux kernel\u2019s vhost driver used to accelerate guest networking in KVM based virtual machines. A privileged guest user could exploit this flaw to crash the host system. (CVE-2013-0311)\n\nA flaw was discovered in the Extended Verification Module (EVM) of the Linux kernel. An unprivileged local user code exploit this flaw to cause a denial of service (system crash). (CVE-2013-0313)\n\nAn information leak was discovered in the Linux kernel\u2019s Bluetooth stack when HIDP (Human Interface Device Protocol) support is enabled. A local unprivileged user could exploit this flaw to cause an information leak from the kernel. (CVE-2013-0349)", "modified": "2013-03-18T00:00:00", "published": "2013-03-18T00:00:00", "id": "USN-1768-1", "href": "https://usn.ubuntu.com/1768-1/", "title": "Linux kernel (Quantal HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.5, "vector": "AV:A/AC:H/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:23:06", "bulletinFamily": "unix", "description": "A flaw was found in the Linux kernel\u2019s Reliable Datagram Sockets (RDS) protocol implementation. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2012-2372)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s TUN/TAP device driver. A local user could exploit this flaw to examine part of the kernel\u2019s stack memory. (CVE-2012-6547)\n\nA flaw was found in Linux kernel\u2019s validation of CIPSO (Common IP Security Option) options set from userspace. A local user that can set a socket\u2019s CIPSO options could exploit this flaw to cause a denial of service (crash the system). (CVE-2013-0310)", "modified": "2012-09-10T00:00:00", "published": "2012-09-10T00:00:00", "id": "USN-1563-1", "href": "https://usn.ubuntu.com/1563-1/", "title": "Linux kernel (Oneiric backport) vulnerability", "type": "ubuntu", "cvss": {"score": 6.6, "vector": "AV:L/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:22:47", "bulletinFamily": "unix", "description": "A flaw was found in the Linux kernel\u2019s Reliable Datagram Sockets (RDS) protocol implementation. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2012-2372)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s TUN/TAP device driver. A local user could exploit this flaw to examine part of the kernel\u2019s stack memory. (CVE-2012-6547)\n\nA flaw was found in Linux kernel\u2019s validation of CIPSO (Common IP Security Option) options set from userspace. A local user that can set a socket\u2019s CIPSO options could exploit this flaw to cause a denial of service (crash the system). (CVE-2013-0310)", "modified": "2012-09-05T00:00:00", "published": "2012-09-05T00:00:00", "id": "USN-1554-1", "href": "https://usn.ubuntu.com/1554-1/", "title": "Linux kernel vulnerability", "type": "ubuntu", "cvss": {"score": 6.6, "vector": "AV:L/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:22:55", "bulletinFamily": "unix", "description": "A flaw was found in the Linux kernel\u2019s Reliable Datagram Sockets (RDS) protocol implementation. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2012-2372)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s TUN/TAP device driver. A local user could exploit this flaw to examine part of the kernel\u2019s stack memory. (CVE-2012-6547)\n\nA flaw was found in Linux kernel\u2019s validation of CIPSO (Common IP Security Option) options set from userspace. A local user that can set a socket\u2019s CIPSO options could exploit this flaw to cause a denial of service (crash the system). (CVE-2013-0310)", "modified": "2012-09-07T00:00:00", "published": "2012-09-07T00:00:00", "id": "USN-1558-1", "href": "https://usn.ubuntu.com/1558-1/", "title": "Linux kernel (OMAP4) vulnerability", "type": "ubuntu", "cvss": {"score": 6.6, "vector": "AV:L/AC:M/Au:S/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:47", "bulletinFamily": "software", "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-1720-1\r\nFebruary 12, 2013\r\n\r\nlinux vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 11.10\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in the kernel.\r\n\r\nSoftware Description:\r\n- linux: Linux kernel\r\n\r\nDetails:\r\n\r\nIt was discovered that hypervkvpd, which is distributed in the Linux\r\nkernel, was not correctly validating the origin on Netlink messages. An\r\nuntrusted local user can cause a denial of service of Linux guests in\r\nHyper-V virtualization environments. &#40;CVE-2012-2669&#41;\r\n\r\nDmitry Monakhov reported a race condition flaw the Linux ext4 filesystem\r\nthat can expose stale data. An unprivileged user could exploit this flaw to\r\ncause an information leak. &#40;CVE-2012-4508&#41;\r\n\r\nFlorian Weimer discovered that hypervkvpd, which is distributed in the\r\nLinux kernel, was not correctly validating source addresses of netlink\r\npackets. An untrusted local user can cause a denial of service by causing\r\nhypervkvpd to exit. &#40;CVE-2012-5532&#41;\r\n\r\nAndrew Cooper of Citrix reported a Xen stack corruption in the Linux\r\nkernel. An unprivileged user in a 32bit PVOPS guest can cause the guest\r\nkernel to crash, or operate erroneously. &#40;CVE-2013-0190&#41;\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 11.10:\r\n linux-image-3.0.0-31-generic 3.0.0-31.48\r\n linux-image-3.0.0-31-generic-pae 3.0.0-31.48\r\n linux-image-3.0.0-31-omap 3.0.0-31.48\r\n linux-image-3.0.0-31-powerpc 3.0.0-31.48\r\n linux-image-3.0.0-31-powerpc-smp 3.0.0-31.48\r\n linux-image-3.0.0-31-powerpc64-smp 3.0.0-31.48\r\n linux-image-3.0.0-31-server 3.0.0-31.48\r\n linux-image-3.0.0-31-virtual 3.0.0-31.48\r\n\r\nAfter a standard system update you need to reboot your computer to make\r\nall the necessary changes.\r\n\r\nATTENTION: Due to an unavoidable ABI change the kernel updates have\r\nbeen given a new version number, which requires you to recompile and\r\nreinstall all third party kernel modules you might have installed. If\r\nyou use linux-restricted-modules, you have to update that package as\r\nwell to get modules which work with the new kernel version. Unless you\r\nmanually uninstalled the standard kernel metapackages &#40;e.g. linux-generic,\r\nlinux-server, linux-powerpc&#41;, a standard system upgrade will automatically\r\nperform this as well.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-1720-1\r\n CVE-2012-2669, CVE-2012-4508, CVE-2012-5532, CVE-2013-0190\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/linux/3.0.0-31.48\r\n\r\n\r\nAttached Message Part\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n", "modified": "2013-02-14T00:00:00", "published": "2013-02-14T00:00:00", "id": "SECURITYVULNS:DOC:29044", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29044", "title": "[USN-1720-1] Linux kernel vulnerabilities", "type": "securityvulns", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:50", "bulletinFamily": "software", "description": "Privilege escalation, information leak.", "modified": "2013-03-02T00:00:00", "published": "2013-03-02T00:00:00", "id": "SECURITYVULNS:VULN:12888", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12888", "title": "Linux kernel security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T17:45:04", "bulletinFamily": "exploit", "description": "BUGTRAQ ID: 58046\r\nCVE(CAN) ID: CVE-2013-0309\r\n\r\nLinux Kernel\u662fLinux\u64cd\u4f5c\u7cfb\u7edf\u7684\u5185\u6838\u3002\r\n\r\n\u4f7f\u7528pmd_present\u7684VM\u4f1a\u8fd4\u56de\u9519\u8bef\u7684PROT_NONE\u8303\u56f4\u503c\uff0c\u5f53\u4f7f\u7528pmd_present\u7684\u4ee3\u7801\u5f97\u5230\u6f0f\u62a5\u540e\uff0c\u5185\u6838\u4f1a\u5d29\u6e83\uff0c\u672c\u5730\u672a\u6388\u6743\u7528\u6237\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u4f7f\u7cfb\u7edf\u5d29\u6e83\u3002\n0\nLinux kernel 2.6.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nLinux\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=027ef6c8", "modified": "2013-02-22T00:00:00", "published": "2013-02-22T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60638", "id": "SSV:60638", "title": "Linux Kernel mm: thp: pmd_present\u548cPROT_NONE\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "type": "seebug", "sourceData": "", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "sourceHref": ""}], "xen": [{"lastseen": "2016-04-01T21:57:16", "bulletinFamily": "software", "description": "#### ISSUE DESCRIPTION\nxen_failsafe_callback incorrectly sets up its stack if an iret fault is injected by the hypervisor.\n#### IMPACT\nMalicious or buggy unprivileged userspace can cause the guest kernel to crash, or operate erroneously.\n#### VULNERABLE SYSTEMS\nAll 32bit PVOPS versions of Linux are affected, since the introduction of Xen PVOPS support in 2.6.23. Classic-Xen kernels are not vulnerable.\n", "modified": "2013-01-16T14:50:00", "published": "2013-01-16T14:50:00", "href": "http://xenbits.xen.org/xsa/advisory-40.html", "id": "XSA-40", "type": "xen", "title": "Linux stack corruption in xen_failsafe_callback for 32bit PVOPS guests.", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "amazon": [{"lastseen": "2019-05-29T17:22:27", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nThe xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption. \n\n \n**Affected Packages:** \n\n\nkernel,nvidia\n\n \n**Issue Correction:** \nRun _yum update kernel nvidia_ to update your system. You will need to reboot your system in order for the new kernel to be running.\n\n \n\n\n**New Packages:**\n \n \n i686: \n kernel-tools-3.2.37-2.47.amzn1.i686 \n kernel-headers-3.2.37-2.47.amzn1.i686 \n kernel-debuginfo-3.2.37-2.47.amzn1.i686 \n kernel-devel-3.2.37-2.47.amzn1.i686 \n kernel-tools-debuginfo-3.2.37-2.47.amzn1.i686 \n kernel-3.2.37-2.47.amzn1.i686 \n kernel-debuginfo-common-i686-3.2.37-2.47.amzn1.i686 \n \n noarch: \n kernel-doc-3.2.37-2.47.amzn1.noarch \n \n src: \n kernel-3.2.37-2.47.amzn1.src \n nvidia-313.18-2012.09.0.amzn1.src \n \n x86_64: \n kernel-debuginfo-common-x86_64-3.2.37-2.47.amzn1.x86_64 \n kernel-devel-3.2.37-2.47.amzn1.x86_64 \n kernel-3.2.37-2.47.amzn1.x86_64 \n kernel-debuginfo-3.2.37-2.47.amzn1.x86_64 \n kernel-tools-debuginfo-3.2.37-2.47.amzn1.x86_64 \n kernel-headers-3.2.37-2.47.amzn1.x86_64 \n kernel-tools-3.2.37-2.47.amzn1.x86_64 \n nvidia-kmod-3.2.37-2.47.amzn1-313.18-2012.09.0.amzn1.x86_64 \n nvidia-313.18-2012.09.0.amzn1.x86_64 \n \n \n", "modified": "2014-09-15T22:27:00", "published": "2014-09-15T22:27:00", "id": "ALAS-2013-154", "href": "https://alas.aws.amazon.com/ALAS-2013-154.html", "title": "Medium: kernel,nvidia", "type": "amazon", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "threatpost": [{"lastseen": "2018-10-06T22:57:26", "bulletinFamily": "info", "description": "The little-known HanJuan exploit kit is delivering attacks targeting the most recent [Adobe Flash Player zero-day vulnerability](<http://threatpost.com/another-flash-zero-day-emerges/110786>). Adobe has yet to produce a patch for the flaw, which researchers at Trustwave said is a use-after-free vulnerability.\n\nThe flaw is the third to hit Flash in the last two weeks; the previous two have been patched by Adobe. A request to Adobe for comment on a patch for this bug was not returned in time for publication.\n\nAdobe confirmed the vulnerability on Monday affecting Flash version 16.0.0.296 and earlier for Windows. The exploitation technique used against this vulnerability, CVE-2015-0313, is similar to another zero-day exploit being served up in the Angler exploit kit, leading Trustwave to surmise it could be the same group behind both vulnerability discoveries and exploits. That [flaw was patched](<http://threatpost.com/adobe-begins-auto-update-patching-of-second-flash-player-zero-day/110640>) last week.\n\n\u201cThe vulnerability is a use-after-free vulnerability caused by a bug in how Flash handles the FlashCC (previously Flash Alchemy) \u2018fast memory access\u2019 feature (domainMemory), when the last is used by flash Workers (Flash threads),\u201d Trustwave said in its [report](<http://blog.spiderlabs.com/2015/02/a-new-zero-day-of-adobe-flash-cve-2015-0313-exploited-in-the-wild.html>) published yesterday.\n\nFrench researcher Kafeine, who found the Flash exploit in Angler, said there seems to be a strong connection between these exploits and the criminal gang behind Angler, which is also delivering Bedep click-fraud malware, and Reveton ransomware.\n\n\u201cWhy you don\u2019t hear that much about ([HanJuan](<http://www.malwaresigs.com/2013/10/14/unknown-ek/>)) is because the redirection chain has really strong filtering on the traffic to avoid most data centers (researchers using VPNs or virtual private servers to analyze malware and exploits),\u201d Kafeine told Threatpost.\n\nKafeine said the payload delivery is \u201cfileless\u201d and uses similar encryption (Xtea) as the Angler exploit; the exploit is dropping Bedep click-fraud malware, similar to CVE-2015-0311, he added.\n\nBoth this exploit and the CVE-2013-0311 exploit gain access to memory using a heap spray technique, Trustwave said. Trustwave said it was able to reproduce an exploit in its lab, and shared that process in its report.\n\nResearchers said the processes under attack support multi-threading in Flash, and the means in which data and objects are shared in memory. Within Flash, it is possible, Trustwave said, to access process memory using fast memory access, or ActionScript, which is achieved by setting memory data to a predefined ByteArray. Trustwave explained that if that ByteArray is freed by another thread, the domainMemory object will hold a pointer to freed memory.\n\n> The Hanjuan Exploit Kit is delivering exploits against the latest Flash zero day. via @Threatpost\n> \n> [Tweet](<https://twitter.com/share?url=https%3A%2F%2Fthreatpost.com%2Flatest-flash-0day-under-attack-possible-ties-to-group-behind-angler-ek%2F110847%2F&text=The+Hanjuan+Exploit+Kit+is+delivering+exploits+against+the+latest+Flash+zero+day.+via+%40Threatpost>)\n\n\u201cSuch a condition is a security risk and is usually classified as a use-after-free vulnerability. Using the reference to a freed memory area, it is possible to use/access the heap memory block directly,\u201d Trustwave said. \u201cThe exploit uses heap spraying to fill this freed memory with Vector Objects and corrupt the size of a given vector setting it to a very large size. This corrupted Vector will later be used to access the entire memory of the browser process and to gain code execution over the machine.\u201d\n\nAdobe on Monday posted an [advisory](<https://helpx.adobe.com/security/products/flash-player/apsa15-02.html>) on CVE-2015-0313, and said it was being [exploited in drive-by downloads and malvertising attacks](<http://threatpost.com/another-flash-zero-day-emerges/110786>). Some big sites were delivering malicious ads redirecting to the exploits, including DailyMotion, Wowhead, Answers.com, and Engage:BDR, among others. Adobe said attackers\u2019 exploits were targeting Windows 8.1 computers and below running Internet Explorer or Firefox.\n\nThis announcement came on the heels of two other warnings from Adobe regarding zero days in Flash. The more serious of the two was being delivered by the Angler Exploit Kit, and was discovered by Kafeine. That exploit used [multiple layers of obfuscation to hide the exploit](<http://threatpost.com/analysis-of-flash-zero-day-shows-layers-of-obfuscation/110674>) from detection.\n", "modified": "2015-04-13T17:21:31", "published": "2015-02-04T10:03:57", "id": "THREATPOST:598790503ACCB1E7323D4862D42346C2", "href": "https://threatpost.com/latest-flash-0day-under-attack-possible-ties-to-group-behind-angler-ek/110847/", "type": "threatpost", "title": "Third Adobe Flash 0Day Under Attack in HanJuan Exploit Kit", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}