{"id": "RHSA-2014:1143", "hash": "5ad29640bda8d4fbfd8c24c0c18cccfb", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2014:1143) Moderate: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An out-of-bounds memory access flaw was found in the Linux kernel's\nsystem call auditing implementation. On a system with existing audit rules\ndefined, a local, unprivileged user could use this flaw to leak kernel\nmemory to user space or, potentially, crash the system. (CVE-2014-3917,\nModerate)\n\nThis update also fixes the following bugs:\n\n* A bug in the journaling code (jbd and jbd2) could, under very heavy\nworkload of fsync() operations, trigger a BUG_ON and result in a kernel\noops. Also, fdatasync() could fail to immediately write out changes in the\nfile size only. These problems have been resolved by backporting a series\nof patches that fixed these problems in the respective code on Red Hat\nEnterprise Linux 6. This update also improves performance of ext3 and ext4\nfile systems. (BZ#1116027)\n\n* Due to a bug in the ext4 code, the fdatasync() system call did not force\nthe inode size change to be written to the disk if it was the only metadata\nchange in the file. This could result in the wrong inode size and possible\ndata loss if the system terminated unexpectedly. The code handling inode\nupdates has been fixed and fdatasync() now writes data to the disk as\nexpected in this situation. (BZ#1117665)\n\n* A workaround to a DMA read problem in the tg3 driver was incorrectly\napplied to the whole Broadcom 5719 and 5720 chipset family. This workaround\nis valid only to the A0 revision of the 5719 chips and for other revisions\nand chips causes occasional Tx timeouts. This update correctly applies the\naforementioned workaround only to the A0 revision of the 5719 chips.\n(BZ#1121017)\n\n* Due to a bug in the page writeback code, the system could become\nunresponsive when being under memory pressure and heavy NFS load. This\nupdate fixes the code responsible for handling of dirty pages, and dirty\npage write outs no longer flood the work queue. (BZ#1125246)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "published": "2014-09-03T04:00:00", "modified": "2017-09-08T12:17:51", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}, "href": "https://access.redhat.com/errata/RHSA-2014:1143", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2014-3917"], "lastseen": "2019-08-13T18:46:49", "history": [{"bulletin": {"id": "RHSA-2014:1143", "hash": "", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2014:1143) Moderate: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An out-of-bounds memory access flaw was found in the Linux kernel's\nsystem call auditing implementation. On a system with existing audit rules\ndefined, a local, unprivileged user could use this flaw to leak kernel\nmemory to user space or, potentially, crash the system. (CVE-2014-3917,\nModerate)\n\nThis update also fixes the following bugs:\n\n* A bug in the journaling code (jbd and jbd2) could, under very heavy\nworkload of fsync() operations, trigger a BUG_ON and result in a kernel\noops. Also, fdatasync() could fail to immediately write out changes in the\nfile size only. These problems have been resolved by backporting a series\nof patches that fixed these problems in the respective code on Red Hat\nEnterprise Linux 6. This update also improves performance of ext3 and ext4\nfile systems. (BZ#1116027)\n\n* Due to a bug in the ext4 code, the fdatasync() system call did not force\nthe inode size change to be written to the disk if it was the only metadata\nchange in the file. This could result in the wrong inode size and possible\ndata loss if the system terminated unexpectedly. The code handling inode\nupdates has been fixed and fdatasync() now writes data to the disk as\nexpected in this situation. (BZ#1117665)\n\n* A workaround to a DMA read problem in the tg3 driver was incorrectly\napplied to the whole Broadcom 5719 and 5720 chipset family. This workaround\nis valid only to the A0 revision of the 5719 chips and for other revisions\nand chips causes occasional Tx timeouts. This update correctly applies the\naforementioned workaround only to the A0 revision of the 5719 chips.\n(BZ#1121017)\n\n* Due to a bug in the page writeback code, the system could become\nunresponsive when being under memory pressure and heavy NFS load. This\nupdate fixes the code responsible for handling of dirty pages, and dirty\npage write outs no longer flood the work queue. (BZ#1125246)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "published": "2014-09-03T04:00:00", "modified": "2016-04-04T18:41:15", "cvss": {"score": 3.3, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2014:1143", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2014-3917"], "lastseen": "2016-09-04T11:17:55", "history": [], "viewCount": 1, "enchantments": {}, "objectVersion": "1.4", "affectedPackage": [{"packageFilename": "kernel-xen-devel-2.6.18-371.12.1.el5.i686.rpm", "packageName": "kernel-xen-devel", "arch": "i686", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-xen-debuginfo-2.6.18-371.12.1.el5.ia64.rpm", "packageName": "kernel-xen-debuginfo", "arch": "ia64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debuginfo-2.6.18-371.12.1.el5.s390x.rpm", "packageName": "kernel-debuginfo", "arch": "s390x", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debug-2.6.18-371.12.1.el5.ia64.rpm", "packageName": "kernel-debug", "arch": "ia64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-xen-devel-2.6.18-371.12.1.el5.ia64.rpm", "packageName": "kernel-xen-devel", "arch": "ia64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debuginfo-2.6.18-371.12.1.el5.i686.rpm", "packageName": "kernel-debuginfo", "arch": "i686", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debug-devel-2.6.18-371.12.1.el5.s390x.rpm", "packageName": "kernel-debug-devel", "arch": "s390x", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-xen-devel-2.6.18-371.12.1.el5.x86_64.rpm", "packageName": "kernel-xen-devel", "arch": "x86_64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-xen-debuginfo-2.6.18-371.12.1.el5.x86_64.rpm", "packageName": "kernel-xen-debuginfo", "arch": "x86_64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debug-devel-2.6.18-371.12.1.el5.x86_64.rpm", "packageName": "kernel-debug-devel", "arch": "x86_64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-2.6.18-371.12.1.el5.i686.rpm", "packageName": "kernel", "arch": "i686", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-kdump-debuginfo-2.6.18-371.12.1.el5.ppc64.rpm", "packageName": "kernel-kdump-debuginfo", "arch": "ppc64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-headers-2.6.18-371.12.1.el5.i386.rpm", "packageName": "kernel-headers", "arch": "i386", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debug-debuginfo-2.6.18-371.12.1.el5.i686.rpm", "packageName": "kernel-debug-debuginfo", "arch": "i686", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-2.6.18-371.12.1.el5.x86_64.rpm", "packageName": "kernel", "arch": "x86_64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-kdump-2.6.18-371.12.1.el5.ppc64.rpm", "packageName": "kernel-kdump", "arch": "ppc64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-kdump-devel-2.6.18-371.12.1.el5.s390x.rpm", "packageName": "kernel-kdump-devel", "arch": "s390x", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-xen-2.6.18-371.12.1.el5.x86_64.rpm", "packageName": "kernel-xen", "arch": "x86_64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-2.6.18-371.12.1.el5.ia64.rpm", "packageName": "kernel", "arch": "ia64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-2.6.18-371.12.1.el5.ppc64.rpm", "packageName": "kernel", "arch": "ppc64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-PAE-devel-2.6.18-371.12.1.el5.i686.rpm", "packageName": "kernel-PAE-devel", "arch": "i686", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debuginfo-common-2.6.18-371.12.1.el5.s390x.rpm", "packageName": "kernel-debuginfo-common", "arch": "s390x", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-devel-2.6.18-371.12.1.el5.ia64.rpm", "packageName": "kernel-devel", "arch": "ia64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debuginfo-2.6.18-371.12.1.el5.x86_64.rpm", "packageName": "kernel-debuginfo", "arch": "x86_64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-2.6.18-371.12.1.el5.s390x.rpm", "packageName": "kernel", "arch": "s390x", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debuginfo-2.6.18-371.12.1.el5.ppc64.rpm", "packageName": "kernel-debuginfo", "arch": "ppc64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-headers-2.6.18-371.12.1.el5.ppc64.rpm", "packageName": "kernel-headers", "arch": "ppc64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debug-debuginfo-2.6.18-371.12.1.el5.ia64.rpm", "packageName": "kernel-debug-debuginfo", "arch": "ia64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-devel-2.6.18-371.12.1.el5.ppc64.rpm", "packageName": "kernel-devel", "arch": "ppc64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debug-2.6.18-371.12.1.el5.ppc64.rpm", "packageName": "kernel-debug", "arch": "ppc64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debug-debuginfo-2.6.18-371.12.1.el5.ppc64.rpm", "packageName": "kernel-debug-debuginfo", "arch": "ppc64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debug-2.6.18-371.12.1.el5.x86_64.rpm", "packageName": "kernel-debug", "arch": "x86_64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-headers-2.6.18-371.12.1.el5.ia64.rpm", "packageName": "kernel-headers", "arch": "ia64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debug-debuginfo-2.6.18-371.12.1.el5.s390x.rpm", "packageName": "kernel-debug-debuginfo", "arch": "s390x", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-devel-2.6.18-371.12.1.el5.s390x.rpm", "packageName": "kernel-devel", "arch": "s390x", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-headers-2.6.18-371.12.1.el5.x86_64.rpm", "packageName": "kernel-headers", "arch": "x86_64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-devel-2.6.18-371.12.1.el5.i686.rpm", "packageName": "kernel-devel", "arch": "i686", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-PAE-2.6.18-371.12.1.el5.i686.rpm", "packageName": "kernel-PAE", "arch": "i686", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-headers-2.6.18-371.12.1.el5.s390x.rpm", "packageName": "kernel-headers", "arch": "s390x", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-devel-2.6.18-371.12.1.el5.x86_64.rpm", "packageName": "kernel-devel", "arch": "x86_64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-xen-2.6.18-371.12.1.el5.ia64.rpm", "packageName": "kernel-xen", "arch": "ia64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debuginfo-2.6.18-371.12.1.el5.ia64.rpm", "packageName": "kernel-debuginfo", "arch": "ia64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debuginfo-common-2.6.18-371.12.1.el5.x86_64.rpm", "packageName": "kernel-debuginfo-common", "arch": "x86_64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debug-debuginfo-2.6.18-371.12.1.el5.x86_64.rpm", "packageName": "kernel-debug-debuginfo", "arch": "x86_64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debug-devel-2.6.18-371.12.1.el5.ia64.rpm", "packageName": "kernel-debug-devel", "arch": "ia64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debuginfo-common-2.6.18-371.12.1.el5.ppc64.rpm", "packageName": "kernel-debuginfo-common", "arch": "ppc64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-headers-2.6.18-371.12.1.el5.ppc.rpm", "packageName": "kernel-headers", "arch": "ppc", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debuginfo-common-2.6.18-371.12.1.el5.i686.rpm", "packageName": "kernel-debuginfo-common", "arch": "i686", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-kdump-devel-2.6.18-371.12.1.el5.ppc64.rpm", "packageName": "kernel-kdump-devel", "arch": "ppc64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debug-2.6.18-371.12.1.el5.s390x.rpm", "packageName": "kernel-debug", "arch": "s390x", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-PAE-debuginfo-2.6.18-371.12.1.el5.i686.rpm", "packageName": "kernel-PAE-debuginfo", "arch": "i686", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-kdump-2.6.18-371.12.1.el5.s390x.rpm", "packageName": "kernel-kdump", "arch": "s390x", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-kdump-debuginfo-2.6.18-371.12.1.el5.s390x.rpm", "packageName": "kernel-kdump-debuginfo", "arch": "s390x", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debug-devel-2.6.18-371.12.1.el5.ppc64.rpm", "packageName": "kernel-debug-devel", "arch": "ppc64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-xen-debuginfo-2.6.18-371.12.1.el5.i686.rpm", "packageName": "kernel-xen-debuginfo", "arch": "i686", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debug-devel-2.6.18-371.12.1.el5.i686.rpm", "packageName": "kernel-debug-devel", "arch": "i686", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-xen-2.6.18-371.12.1.el5.i686.rpm", "packageName": "kernel-xen", "arch": "i686", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debuginfo-common-2.6.18-371.12.1.el5.ia64.rpm", "packageName": "kernel-debuginfo-common", "arch": "ia64", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-2.6.18-371.12.1.el5.src.rpm", "packageName": "kernel", "arch": "src", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-debug-2.6.18-371.12.1.el5.i686.rpm", "packageName": "kernel-debug", "arch": "i686", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}, {"packageFilename": "kernel-doc-2.6.18-371.12.1.el5.noarch.rpm", "packageName": "kernel-doc", "arch": "noarch", "packageVersion": "2.6.18-371.12.1.el5", "OSVersion": "5", "OS": "RedHat", "operator": "lt"}]}, "lastseen": "2016-09-04T11:17:55", "differentElements": ["affectedPackage", "modified"], "edition": 1}, {"bulletin": {"id": "RHSA-2014:1143", "hash": "", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2014:1143) Moderate: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An out-of-bounds memory access flaw was found in the Linux kernel's\nsystem call auditing implementation. On a system with existing audit rules\ndefined, a local, unprivileged user could use this flaw to leak kernel\nmemory to user space or, potentially, crash the system. (CVE-2014-3917,\nModerate)\n\nThis update also fixes the following bugs:\n\n* A bug in the journaling code (jbd and jbd2) could, under very heavy\nworkload of fsync() operations, trigger a BUG_ON and result in a kernel\noops. Also, fdatasync() could fail to immediately write out changes in the\nfile size only. These problems have been resolved by backporting a series\nof patches that fixed these problems in the respective code on Red Hat\nEnterprise Linux 6. This update also improves performance of ext3 and ext4\nfile systems. (BZ#1116027)\n\n* Due to a bug in the ext4 code, the fdatasync() system call did not force\nthe inode size change to be written to the disk if it was the only metadata\nchange in the file. This could result in the wrong inode size and possible\ndata loss if the system terminated unexpectedly. The code handling inode\nupdates has been fixed and fdatasync() now writes data to the disk as\nexpected in this situation. (BZ#1117665)\n\n* A workaround to a DMA read problem in the tg3 driver was incorrectly\napplied to the whole Broadcom 5719 and 5720 chipset family. This workaround\nis valid only to the A0 revision of the 5719 chips and for other revisions\nand chips causes occasional Tx timeouts. This update correctly applies the\naforementioned workaround only to the A0 revision of the 5719 chips.\n(BZ#1121017)\n\n* Due to a bug in the page writeback code, the system could become\nunresponsive when being under memory pressure and heavy NFS load. This\nupdate fixes the code responsible for handling of dirty pages, and dirty\npage write outs no longer flood the work queue. (BZ#1125246)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "published": "2014-09-03T04:00:00", "modified": "2017-07-28T19:30:49", "cvss": {"score": 3.3, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2014:1143", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2014-3917"], "lastseen": "2017-08-02T22:58:21", "history": [], "viewCount": 1, "enchantments": {}, "objectVersion": "1.4", "affectedPackage": [{"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-xen-debuginfo", "packageFilename": "kernel-xen-debuginfo-2.6.18-371.12.1.el5.i686.rpm", "arch": "i686", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-2.6.18-371.12.1.el5.i686.rpm", "arch": "i686", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-PAE-debuginfo", "packageFilename": "kernel-PAE-debuginfo-2.6.18-371.12.1.el5.i686.rpm", "arch": "i686", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debuginfo-common", "packageFilename": "kernel-debuginfo-common-2.6.18-371.12.1.el5.i686.rpm", "arch": "i686", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-2.6.18-371.12.1.el5.i686.rpm", "arch": "i686", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}]}, "lastseen": "2017-08-02T22:58:21", "differentElements": ["affectedPackage", "modified"], "edition": 2}, {"bulletin": {"id": "RHSA-2014:1143", "hash": "c21c56fc444ed421f303bec9cc2507b5", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2014:1143) Moderate: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An out-of-bounds memory access flaw was found in the Linux kernel's\nsystem call auditing implementation. On a system with existing audit rules\ndefined, a local, unprivileged user could use this flaw to leak kernel\nmemory to user space or, potentially, crash the system. (CVE-2014-3917,\nModerate)\n\nThis update also fixes the following bugs:\n\n* A bug in the journaling code (jbd and jbd2) could, under very heavy\nworkload of fsync() operations, trigger a BUG_ON and result in a kernel\noops. Also, fdatasync() could fail to immediately write out changes in the\nfile size only. These problems have been resolved by backporting a series\nof patches that fixed these problems in the respective code on Red Hat\nEnterprise Linux 6. This update also improves performance of ext3 and ext4\nfile systems. (BZ#1116027)\n\n* Due to a bug in the ext4 code, the fdatasync() system call did not force\nthe inode size change to be written to the disk if it was the only metadata\nchange in the file. This could result in the wrong inode size and possible\ndata loss if the system terminated unexpectedly. The code handling inode\nupdates has been fixed and fdatasync() now writes data to the disk as\nexpected in this situation. (BZ#1117665)\n\n* A workaround to a DMA read problem in the tg3 driver was incorrectly\napplied to the whole Broadcom 5719 and 5720 chipset family. This workaround\nis valid only to the A0 revision of the 5719 chips and for other revisions\nand chips causes occasional Tx timeouts. This update correctly applies the\naforementioned workaround only to the A0 revision of the 5719 chips.\n(BZ#1121017)\n\n* Due to a bug in the page writeback code, the system could become\nunresponsive when being under memory pressure and heavy NFS load. This\nupdate fixes the code responsible for handling of dirty pages, and dirty\npage write outs no longer flood the work queue. (BZ#1125246)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "published": "2014-09-03T04:00:00", "modified": "2017-09-08T12:17:51", "cvss": {"score": 3.3, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2014:1143", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2014-3917"], "lastseen": "2017-09-09T07:19:23", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "objectVersion": "1.4", "affectedPackage": [{"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-xen-debuginfo", "packageFilename": "kernel-xen-debuginfo-2.6.18-371.12.1.el5.i686.rpm", "arch": "i686", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-2.6.18-371.12.1.el5.i686.rpm", "arch": "i686", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-PAE-debuginfo", "packageFilename": "kernel-PAE-debuginfo-2.6.18-371.12.1.el5.i686.rpm", "arch": "i686", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debuginfo-common", "packageFilename": "kernel-debuginfo-common-2.6.18-371.12.1.el5.i686.rpm", "arch": "i686", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-2.6.18-371.12.1.el5.i686.rpm", "arch": "i686", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel", "packageFilename": "kernel-2.6.18-371.12.1.el5.src.rpm", "arch": "src", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-2.6.18-371.12.1.el5.x86_64.rpm", "arch": "x86_64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-xen-debuginfo", "packageFilename": "kernel-xen-debuginfo-2.6.18-371.12.1.el5.x86_64.rpm", "arch": "x86_64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-2.6.18-371.12.1.el5.x86_64.rpm", "arch": "x86_64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debuginfo-common", "packageFilename": "kernel-debuginfo-common-2.6.18-371.12.1.el5.x86_64.rpm", "arch": "x86_64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-xen-devel", "packageFilename": "kernel-xen-devel-2.6.18-371.12.1.el5.i686.rpm", "arch": "i686", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-doc", "packageFilename": "kernel-doc-2.6.18-371.12.1.el5.noarch.rpm", "arch": "noarch", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-PAE", "packageFilename": "kernel-PAE-2.6.18-371.12.1.el5.i686.rpm", "arch": "i686", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.18-371.12.1.el5.i686.rpm", "arch": "i686", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.18-371.12.1.el5.i686.rpm", "arch": "i686", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-PAE-devel", "packageFilename": "kernel-PAE-devel-2.6.18-371.12.1.el5.i686.rpm", "arch": "i686", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel", "packageFilename": "kernel-2.6.18-371.12.1.el5.i686.rpm", "arch": "i686", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-xen", "packageFilename": "kernel-xen-2.6.18-371.12.1.el5.i686.rpm", "arch": "i686", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.18-371.12.1.el5.i686.rpm", "arch": "i686", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.18-371.12.1.el5.i386.rpm", "arch": "i386", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.18-371.12.1.el5.x86_64.rpm", "arch": "x86_64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.18-371.12.1.el5.x86_64.rpm", "arch": "x86_64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-xen", "packageFilename": "kernel-xen-2.6.18-371.12.1.el5.x86_64.rpm", "arch": "x86_64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel", "packageFilename": "kernel-2.6.18-371.12.1.el5.x86_64.rpm", "arch": "x86_64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.18-371.12.1.el5.x86_64.rpm", "arch": "x86_64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.18-371.12.1.el5.x86_64.rpm", "arch": "x86_64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-xen-devel", "packageFilename": "kernel-xen-devel-2.6.18-371.12.1.el5.x86_64.rpm", "arch": "x86_64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-2.6.18-371.12.1.el5.ppc64.rpm", "arch": "ppc64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-kdump-debuginfo", "packageFilename": "kernel-kdump-debuginfo-2.6.18-371.12.1.el5.ppc64.rpm", "arch": "ppc64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debuginfo-common", "packageFilename": "kernel-debuginfo-common-2.6.18-371.12.1.el5.ppc64.rpm", "arch": "ppc64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-2.6.18-371.12.1.el5.ppc64.rpm", "arch": "ppc64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.18-371.12.1.el5.ppc64.rpm", "arch": "ppc64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-kdump-devel", "packageFilename": "kernel-kdump-devel-2.6.18-371.12.1.el5.ppc64.rpm", "arch": "ppc64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-kdump", "packageFilename": "kernel-kdump-2.6.18-371.12.1.el5.ppc64.rpm", "arch": "ppc64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel", "packageFilename": "kernel-2.6.18-371.12.1.el5.ppc64.rpm", "arch": "ppc64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.18-371.12.1.el5.ppc64.rpm", "arch": "ppc64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.18-371.12.1.el5.ppc64.rpm", "arch": "ppc64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.18-371.12.1.el5.ppc64.rpm", "arch": "ppc64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.18-371.12.1.el5.ppc.rpm", "arch": "ppc", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-2.6.18-371.12.1.el5.s390x.rpm", "arch": "s390x", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-2.6.18-371.12.1.el5.s390x.rpm", "arch": "s390x", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-kdump-debuginfo", "packageFilename": "kernel-kdump-debuginfo-2.6.18-371.12.1.el5.s390x.rpm", "arch": "s390x", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debuginfo-common", "packageFilename": "kernel-debuginfo-common-2.6.18-371.12.1.el5.s390x.rpm", "arch": "s390x", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.18-371.12.1.el5.s390x.rpm", "arch": "s390x", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.18-371.12.1.el5.s390x.rpm", "arch": "s390x", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-kdump", "packageFilename": "kernel-kdump-2.6.18-371.12.1.el5.s390x.rpm", "arch": "s390x", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.18-371.12.1.el5.s390x.rpm", "arch": "s390x", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.18-371.12.1.el5.s390x.rpm", "arch": "s390x", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-kdump-devel", "packageFilename": "kernel-kdump-devel-2.6.18-371.12.1.el5.s390x.rpm", "arch": "s390x", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel", "packageFilename": "kernel-2.6.18-371.12.1.el5.s390x.rpm", "arch": "s390x", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-xen-debuginfo", "packageFilename": "kernel-xen-debuginfo-2.6.18-371.12.1.el5.ia64.rpm", "arch": "ia64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debuginfo-common", "packageFilename": "kernel-debuginfo-common-2.6.18-371.12.1.el5.ia64.rpm", "arch": "ia64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debuginfo", "packageFilename": "kernel-debuginfo-2.6.18-371.12.1.el5.ia64.rpm", "arch": "ia64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debug-debuginfo", "packageFilename": "kernel-debug-debuginfo-2.6.18-371.12.1.el5.ia64.rpm", "arch": "ia64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-xen", "packageFilename": "kernel-xen-2.6.18-371.12.1.el5.ia64.rpm", "arch": "ia64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel", "packageFilename": "kernel-2.6.18-371.12.1.el5.ia64.rpm", "arch": "ia64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-xen-devel", "packageFilename": "kernel-xen-devel-2.6.18-371.12.1.el5.ia64.rpm", "arch": "ia64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.18-371.12.1.el5.ia64.rpm", "arch": "ia64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.18-371.12.1.el5.ia64.rpm", "arch": "ia64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.18-371.12.1.el5.ia64.rpm", "arch": "ia64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}, {"packageVersion": "2.6.18-371.12.1.el5", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.18-371.12.1.el5.ia64.rpm", "arch": "ia64", "operator": "lt", "OSVersion": "5", "OS": "RedHat"}]}, "lastseen": "2017-09-09T07:19:23", "differentElements": ["affectedPackage"], "edition": 3}, {"bulletin": {"id": "RHSA-2014:1143", "hash": "c6c569b3fece010248bf5479b71663a6", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2014:1143) Moderate: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An out-of-bounds memory access flaw was found in the Linux kernel's\nsystem call auditing implementation. On a system with existing audit rules\ndefined, a local, unprivileged user could use this flaw to leak kernel\nmemory to user space or, potentially, crash the system. (CVE-2014-3917,\nModerate)\n\nThis update also fixes the following bugs:\n\n* A bug in the journaling code (jbd and jbd2) could, under very heavy\nworkload of fsync() operations, trigger a BUG_ON and result in a kernel\noops. Also, fdatasync() could fail to immediately write out changes in the\nfile size only. These problems have been resolved by backporting a series\nof patches that fixed these problems in the respective code on Red Hat\nEnterprise Linux 6. This update also improves performance of ext3 and ext4\nfile systems. (BZ#1116027)\n\n* Due to a bug in the ext4 code, the fdatasync() system call did not force\nthe inode size change to be written to the disk if it was the only metadata\nchange in the file. This could result in the wrong inode size and possible\ndata loss if the system terminated unexpectedly. The code handling inode\nupdates has been fixed and fdatasync() now writes data to the disk as\nexpected in this situation. (BZ#1117665)\n\n* A workaround to a DMA read problem in the tg3 driver was incorrectly\napplied to the whole Broadcom 5719 and 5720 chipset family. This workaround\nis valid only to the A0 revision of the 5719 chips and for other revisions\nand chips causes occasional Tx timeouts. This update correctly applies the\naforementioned workaround only to the A0 revision of the 5719 chips.\n(BZ#1121017)\n\n* Due to a bug in the page writeback code, the system could become\nunresponsive when being under memory pressure and heavy NFS load. This\nupdate fixes the code responsible for handling of dirty pages, and dirty\npage write outs no longer flood the work queue. (BZ#1125246)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "published": "2014-09-03T04:00:00", "modified": "2017-09-08T12:17:51", "cvss": {"score": 3.3, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2014:1143", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2014-3917"], "lastseen": "2018-12-11T17:45:40", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-3917"]}, {"type": "f5", "idList": ["SOL15680", "F5:K15680"]}, {"type": "centos", "idList": ["CESA-2014:1143", "CESA-2014:1281", "CESA-2014:1167"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-3072", "ELSA-2014-3074", "ELSA-2014-1143-1", "ELSA-2014-1143", "ELSA-2014-3073", "ELSA-2014-1281", "ELSA-2014-1167"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310123315", "OPENVAS:1361412562310871236", "OPENVAS:1361412562310881997", "OPENVAS:1361412562310882026", "OPENVAS:1361412562310123320", "OPENVAS:1361412562310123319", "OPENVAS:1361412562310841929", "OPENVAS:1361412562310123305", "OPENVAS:1361412562310871247", "OPENVAS:1361412562310841930"]}, {"type": "nessus", "idList": ["ORACLELINUX_ELSA-2014-1143.NASL", "ORACLELINUX_ELSA-2014-1143-1.NASL", "FEDORA_2014-7033.NASL", "UBUNTU_USN-2314-1.NASL", "REDHAT-RHSA-2014-1143.NASL", "REDHAT-RHSA-2014-1281.NASL", "ORACLELINUX_ELSA-2014-3074.NASL", "SL_20140903_KERNEL_ON_SL5_X.NASL", "CENTOS_RHSA-2014-1143.NASL", "ORACLELINUX_ELSA-2014-3072.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13816", "SECURITYVULNS:DOC:30929"]}, {"type": "ubuntu", "idList": ["USN-2314-1", "USN-2313-1", "USN-2281-1", "USN-2282-1", "USN-2287-1", "USN-2289-1", "USN-2285-1", "USN-2286-1", "USN-2334-1", "USN-2335-1"]}, {"type": "redhat", "idList": ["RHSA-2014:1281", "RHSA-2014:1167", "RHSA-2014:0913", "RHSA-2014:1168"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2014:0985-1", "OPENSUSE-SU-2014:0957-1", "SUSE-SU-2014:1138-1", "SUSE-SU-2014:0908-1", "SUSE-SU-2014:0910-1", "SUSE-SU-2014:0912-1"]}], "modified": "2018-12-11T17:45:40"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel-xen-debuginfo", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-xen-debuginfo-2.6.18-371.12.1.el5.i686.rpm", "operator": "lt"}]}, "lastseen": "2018-12-11T17:45:40", "differentElements": ["cvss"], "edition": 4}, {"bulletin": {"id": "RHSA-2014:1143", "hash": "8ee1881f4e3f94cfdba01beb2d8cc6db", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2014:1143) Moderate: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An out-of-bounds memory access flaw was found in the Linux kernel's\nsystem call auditing implementation. On a system with existing audit rules\ndefined, a local, unprivileged user could use this flaw to leak kernel\nmemory to user space or, potentially, crash the system. (CVE-2014-3917,\nModerate)\n\nThis update also fixes the following bugs:\n\n* A bug in the journaling code (jbd and jbd2) could, under very heavy\nworkload of fsync() operations, trigger a BUG_ON and result in a kernel\noops. Also, fdatasync() could fail to immediately write out changes in the\nfile size only. These problems have been resolved by backporting a series\nof patches that fixed these problems in the respective code on Red Hat\nEnterprise Linux 6. This update also improves performance of ext3 and ext4\nfile systems. (BZ#1116027)\n\n* Due to a bug in the ext4 code, the fdatasync() system call did not force\nthe inode size change to be written to the disk if it was the only metadata\nchange in the file. This could result in the wrong inode size and possible\ndata loss if the system terminated unexpectedly. The code handling inode\nupdates has been fixed and fdatasync() now writes data to the disk as\nexpected in this situation. (BZ#1117665)\n\n* A workaround to a DMA read problem in the tg3 driver was incorrectly\napplied to the whole Broadcom 5719 and 5720 chipset family. This workaround\nis valid only to the A0 revision of the 5719 chips and for other revisions\nand chips causes occasional Tx timeouts. This update correctly applies the\naforementioned workaround only to the A0 revision of the 5719 chips.\n(BZ#1121017)\n\n* Due to a bug in the page writeback code, the system could become\nunresponsive when being under memory pressure and heavy NFS load. This\nupdate fixes the code responsible for handling of dirty pages, and dirty\npage write outs no longer flood the work queue. (BZ#1125246)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "published": "2014-09-03T04:00:00", "modified": "2017-09-08T12:17:51", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}, "href": "https://access.redhat.com/errata/RHSA-2014:1143", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2014-3917"], "lastseen": "2019-05-29T14:34:23", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 6.2, "vector": "NONE", "modified": "2019-05-29T14:34:23"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-3917"]}, {"type": "f5", "idList": ["SOL15680", "F5:K15680"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-1143", "ELSA-2014-1143-1", "ELSA-2014-3074", "ELSA-2014-3072", "ELSA-2014-3073", "ELSA-2014-1281", "ELSA-2014-1167"]}, {"type": "ubuntu", "idList": ["USN-2314-1", "USN-2313-1", "USN-2281-1", "USN-2282-1", "USN-2287-1", "USN-2285-1", "USN-2289-1", "USN-2286-1", "USN-2335-1", "USN-2334-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13816", "SECURITYVULNS:DOC:30929"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310881997", "OPENVAS:1361412562310882026", "OPENVAS:1361412562310123315", "OPENVAS:1361412562310871236", "OPENVAS:1361412562310123314", "OPENVAS:1361412562310871247", "OPENVAS:1361412562310841929", "OPENVAS:1361412562310123320", "OPENVAS:1361412562310841930", "OPENVAS:1361412562310123319"]}, {"type": "nessus", "idList": ["SL_20140903_KERNEL_ON_SL5_X.NASL", "ORACLELINUX_ELSA-2014-3074.NASL", "CENTOS_RHSA-2014-1143.NASL", "REDHAT-RHSA-2014-1281.NASL", "REDHAT-RHSA-2014-1143.NASL", "UBUNTU_USN-2314-1.NASL", "ORACLELINUX_ELSA-2014-1143.NASL", "FEDORA_2014-7033.NASL", "ORACLELINUX_ELSA-2014-1143-1.NASL", "ORACLELINUX_ELSA-2014-1281.NASL"]}, {"type": "centos", "idList": ["CESA-2014:1143", "CESA-2014:1281", "CESA-2014:1167"]}, {"type": "redhat", "idList": ["RHSA-2014:1281", "RHSA-2014:1167", "RHSA-2014:0913", "RHSA-2014:1168"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2014:0957-1", "OPENSUSE-SU-2014:0985-1", "SUSE-SU-2014:1138-1", "SUSE-SU-2014:0909-1", "SUSE-SU-2014:0908-1"]}], "modified": "2019-05-29T14:34:23"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel-xen-debuginfo", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-xen-debuginfo-2.6.18-371.12.1.el5.i686.rpm", "operator": "lt"}]}, "lastseen": "2019-05-29T14:34:23", "differentElements": ["affectedPackage"], "edition": 5}], "viewCount": 6, "enchantments": {"score": {"value": 6.2, "vector": "NONE", "modified": "2019-08-13T18:46:49", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-3917"]}, {"type": "f5", "idList": ["SOL15680", "F5:K15680"]}, {"type": "ubuntu", "idList": ["USN-2313-1", "USN-2286-1", "USN-2287-1", "USN-2281-1", "USN-2285-1", "USN-2314-1", "USN-2282-1", "USN-2335-1", "USN-2334-1", "USN-2289-1"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-1167", "ELSA-2014-1281", "ELSA-2014-1143-1", "ELSA-2014-1143", "ELSA-2014-3072", "ELSA-2014-3074", "ELSA-2014-3073"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30929", "SECURITYVULNS:VULN:13816"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310123319", "OPENVAS:1361412562310871236", "OPENVAS:1361412562310871247", "OPENVAS:1361412562310123305", "OPENVAS:1361412562310123320", "OPENVAS:1361412562310123314", "OPENVAS:1361412562310881997", "OPENVAS:1361412562310841930", "OPENVAS:1361412562310882026", "OPENVAS:1361412562310123315"]}, {"type": "nessus", "idList": ["ORACLELINUX_ELSA-2014-1143.NASL", "ORACLELINUX_ELSA-2014-1143-1.NASL", "REDHAT-RHSA-2014-1143.NASL", "SL_20140903_KERNEL_ON_SL5_X.NASL", "ORACLELINUX_ELSA-2014-3074.NASL", "REDHAT-RHSA-2014-1281.NASL", "CENTOS_RHSA-2014-1143.NASL", "FEDORA_2014-7033.NASL", "UBUNTU_USN-2314-1.NASL", "UBUNTU_USN-2313-1.NASL"]}, {"type": "centos", "idList": ["CESA-2014:1281", "CESA-2014:1167", "CESA-2014:1143"]}, {"type": "redhat", "idList": ["RHSA-2014:0913", "RHSA-2014:1281", "RHSA-2014:1167", "RHSA-2014:1168"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2014:0985-1", "SUSE-SU-2014:0908-1", "OPENSUSE-SU-2014:0957-1", "SUSE-SU-2014:1138-1"]}], "modified": "2019-08-13T18:46:49", "rev": 2}, "vulnersScore": 6.2}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "kernel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-2.6.18-371.12.1.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel-debug-debuginfo", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debug-debuginfo-2.6.18-371.12.1.el5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "kernel-headers", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-headers-2.6.18-371.12.1.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "noarch", "packageName": "kernel-doc", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-doc-2.6.18-371.12.1.el5.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "kernel-debug", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debug-2.6.18-371.12.1.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "kernel-debuginfo-common", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debuginfo-common-2.6.18-371.12.1.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "kernel-debuginfo-common", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debuginfo-common-2.6.18-371.12.1.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel-debuginfo-common", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debuginfo-common-2.6.18-371.12.1.el5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "kernel-debug-devel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debug-devel-2.6.18-371.12.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "kernel-headers", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-headers-2.6.18-371.12.1.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel-PAE", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-PAE-2.6.18-371.12.1.el5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc", "packageName": "kernel-headers", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-headers-2.6.18-371.12.1.el5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "kernel-headers", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-headers-2.6.18-371.12.1.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "kernel-xen-devel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-xen-devel-2.6.18-371.12.1.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel-xen-debuginfo", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-xen-debuginfo-2.6.18-371.12.1.el5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "kernel-xen-debuginfo", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-xen-debuginfo-2.6.18-371.12.1.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel-xen", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-xen-2.6.18-371.12.1.el5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "kernel-devel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-devel-2.6.18-371.12.1.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "kernel-kdump-debuginfo", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-kdump-debuginfo-2.6.18-371.12.1.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "kernel-kdump-debuginfo", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-kdump-debuginfo-2.6.18-371.12.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "kernel-debug-debuginfo", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debug-debuginfo-2.6.18-371.12.1.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "kernel-debug-devel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debug-devel-2.6.18-371.12.1.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "kernel-xen", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-xen-2.6.18-371.12.1.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "kernel-headers", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-headers-2.6.18-371.12.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "kernel-kdump-devel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-kdump-devel-2.6.18-371.12.1.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "kernel-debug-debuginfo", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debug-debuginfo-2.6.18-371.12.1.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "kernel-debug-debuginfo", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debug-debuginfo-2.6.18-371.12.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "kernel-debug-debuginfo", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debug-debuginfo-2.6.18-371.12.1.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "kernel-headers", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-headers-2.6.18-371.12.1.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel-debug", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debug-2.6.18-371.12.1.el5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "kernel-debug", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debug-2.6.18-371.12.1.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel-debuginfo", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debuginfo-2.6.18-371.12.1.el5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-2.6.18-371.12.1.el5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "kernel-debug", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debug-2.6.18-371.12.1.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel-xen-devel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-xen-devel-2.6.18-371.12.1.el5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "kernel-debuginfo-common", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debuginfo-common-2.6.18-371.12.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "kernel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-2.6.18-371.12.1.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel-devel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-devel-2.6.18-371.12.1.el5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "kernel-debuginfo", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debuginfo-2.6.18-371.12.1.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "kernel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-2.6.18-371.12.1.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "kernel-debug-devel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debug-devel-2.6.18-371.12.1.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "kernel-xen", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-xen-2.6.18-371.12.1.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel-PAE-debuginfo", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-PAE-debuginfo-2.6.18-371.12.1.el5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "kernel-debuginfo", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debuginfo-2.6.18-371.12.1.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "kernel-debuginfo-common", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debuginfo-common-2.6.18-371.12.1.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "kernel-debug", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debug-2.6.18-371.12.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "kernel-xen-devel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-xen-devel-2.6.18-371.12.1.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "src", "packageName": "kernel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-2.6.18-371.12.1.el5.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "kernel-xen-debuginfo", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-xen-debuginfo-2.6.18-371.12.1.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "kernel-debug-devel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debug-devel-2.6.18-371.12.1.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "kernel-debuginfo", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debuginfo-2.6.18-371.12.1.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel-debug-devel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debug-devel-2.6.18-371.12.1.el5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "kernel-kdump", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-kdump-2.6.18-371.12.1.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "kernel-devel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-devel-2.6.18-371.12.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "kernel-kdump", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-kdump-2.6.18-371.12.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "kernel-debuginfo", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-debuginfo-2.6.18-371.12.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "kernel-kdump-devel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-kdump-devel-2.6.18-371.12.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ppc64", "packageName": "kernel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-2.6.18-371.12.1.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "kernel-devel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-devel-2.6.18-371.12.1.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i686", "packageName": "kernel-PAE-devel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-PAE-devel-2.6.18-371.12.1.el5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "s390x", "packageName": "kernel-devel", "packageVersion": "2.6.18-371.12.1.el5", "packageFilename": "kernel-devel-2.6.18-371.12.1.el5.s390x.rpm", "operator": "lt"}], "_object_type": "robots.models.redhat.RedHatBulletin", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"]}

{"cve": [{"lastseen": "2019-05-29T18:13:46", "bulletinFamily": "NVD", "description": "kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number.", "modified": "2019-04-22T17:48:00", "id": "CVE-2014-3917", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3917", "published": "2014-06-05T17:55:00", "title": "CVE-2014-3917", "type": "cve", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}], "f5": [{"lastseen": "2016-09-26T17:23:27", "bulletinFamily": "software", "description": "Recommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 is responding to this vulnerability as determined by the parameters defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "modified": "2015-09-17T00:00:00", "published": "2014-10-09T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/600/sol15680.html", "id": "SOL15680", "title": "SOL15680 - Linux kernel vulnerabilities CVE-2014-3917, CVE-2014-0205 and CVE-2014-4667", "type": "f5", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-12T02:11:16", "bulletinFamily": "software", "description": "Description \n\n\n * [CVE-2014-3917](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3917>)\n\nkernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number.\n\n * [CVE-2014-0205](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0205>)\n\nThe futex_wait function in kernel/futex.c in the Linux kernel before 2.6.37 does not properly maintain a certain reference count during requeue operations, which allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that triggers a zero count. \n \n**Note**: To be a local user, you must authenticate and gain some shell access to attack the BIG-IP system with this. To have that capability, an admin, root, or customized user role is necessary to gain shell access. There is no known impact to the Traffic Management Microkernel (TMM) other than an attacker crashing the system by issuing the command **rm -rf /boot/*; reboot**. The risk of exploitation is LOW given the conditions required. \n\n\n * [CVE-2014-4667](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4667>)\n\nThe sctp_association_free function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet. \n \n**Note**: SCTP is not impacted on the data plane. This only impacts the control plane (non-TMM related tasks) and only if the SCTP kernel module is loaded. The SCTP kernel is not loaded by default. An attacker cannot control loading of the SCTP kernel module.\n\nImpact \n\n\nThese vulnerabilities may cause disruption of service, unauthorized disclosure of information, and unauthorized modification. \n\n\nStatus\n\nF5 Product Development has assigned ID 479429 (BIG-IP), ID 480424 (BIG-IQ), ID 480425 (Enterprise Manager) and ID 461496 (ARX) to this vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | 11.0.0 - 11.6.0 \n10.0.0 - 10.2.4 | 12.0.0 | Linux kernel \nBIG-IP AAM | 11.4.0 - 11.6.0 | 12.0.0 | Linux kernel \nBIG-IP AFM | 11.3.0 - 11.6.0 | 12.0.0 | Linux kernel \nBIG-IP Analytics | 11.0.0 - 11.6.0 | 12.0.0 | Linux kernel \nBIG-IP APM | 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 | 12.0.0 | Linux kernel \nBIG-IP ASM | 11.0.0 - 11.6.0 \n10.0.0 - 10.2.4 | 12.0.0 | Linux kernel \nBIG-IP DNS | None | 12.0.0 | None \nBIG-IP Edge Gateway | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | None | Linux kernel \nBIG-IP GTM | 11.0.0 - 11.6.0 \n10.0.0 - 10.2.4 | None | Linux kernel \nBIG-IP Link Controller | 11.0.0 - 11.6.0 \n10.0.0 - 10.2.4 | 12.0.0 | Linux kernel \nBIG-IP PEM | 11.3.0 - 11.6.0 | 12.0.0 | Linux kernel \nBIG-IP PSM | 11.0.0 - 11.4.1 \n10.0.0 - 10.2.4 | None | Linux kernel \nBIG-IP WebAccelerator | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 | None | Linux kernel \nBIG-IP WOM | 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4 | None | Linux kernel \nARX | 6.0.0 - 6.4.0 | None | Linux kernel \nEnterprise Manager | 3.0.0 - 3.1.1 \n2.1.0 - 2.3.0 | None | Linux kernel \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 | None \nBIG-IQ Cloud | 4.0.0 - 4.4.0 | None | Linux kernel \nBIG-IQ Device | 4.2.0 - 4.4.0 | None | Linux kernel \nBIG-IQ Security | 4.0.0 - 4.4.0 | None | Linux kernel \nLineRate | None | 2.4.0 - 2.4.1 \n2.2.0 - 2.2.5 \n1.6.0 - 1.6.4 | None \n \nRecommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 is responding to this vulnerability as determined by the parameters defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\nSupplemental Information\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "modified": "2016-01-09T02:19:00", "published": "2014-10-09T22:11:00", "href": "https://support.f5.com/csp/article/K15680", "id": "F5:K15680", "title": "Linux kernel vulnerabilities CVE-2014-3917, CVE-2014-0205 and CVE-2014-4667", "type": "f5", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2019-05-29T17:22:18", "bulletinFamily": "unix", "description": "An flaw was discovered in the Linux kernel\u2019s audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS).", "modified": "2014-08-13T00:00:00", "published": "2014-08-13T00:00:00", "id": "USN-2314-1", "href": "https://usn.ubuntu.com/2314-1/", "title": "Linux kernel vulnerability", "type": "ubuntu", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T17:23:19", "bulletinFamily": "unix", "description": "An flaw was discovered in the Linux kernel\u2019s audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS).", "modified": "2014-08-13T00:00:00", "published": "2014-08-13T00:00:00", "id": "USN-2313-1", "href": "https://usn.ubuntu.com/2313-1/", "title": "Linux kernel (Trusty HWE) vulnerability", "type": "ubuntu", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T17:23:03", "bulletinFamily": "unix", "description": "Sasha Levin reported a flaw in the Linux kernel\u2019s point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. (CVE-2014-4943)\n\nAn flaw was discovered in the Linux kernel\u2019s audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). (CVE-2014-3917)", "modified": "2014-07-16T00:00:00", "published": "2014-07-16T00:00:00", "id": "USN-2282-1", "href": "https://usn.ubuntu.com/2282-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:23:36", "bulletinFamily": "unix", "description": "Sasha Levin reported a flaw in the Linux kernel\u2019s point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. (CVE-2014-4943)\n\nAn flaw was discovered in the Linux kernel\u2019s audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). (CVE-2014-3917)", "modified": "2014-07-16T00:00:00", "published": "2014-07-16T00:00:00", "id": "USN-2281-1", "href": "https://usn.ubuntu.com/2281-1/", "title": "Linux kernel (EC2) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:23:02", "bulletinFamily": "unix", "description": "Sasha Levin reported a flaw in the Linux kernel\u2019s point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. (CVE-2014-4943)\n\nMichael S. Tsirkin discovered an information leak in the Linux kernel\u2019s segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. (CVE-2014-0131)\n\nAn flaw was discovered in the Linux kernel\u2019s audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). (CVE-2014-3917)\n\nA flaw was discovered in the Linux kernel\u2019s implementation of user namespaces with respect to inode permissions. A local user could exploit this flaw by creating a user namespace to gain administrative privileges. (CVE-2014-4014)\n\nDon Bailey and Ludvig Strigeus discovered an integer overflow in the Linux kernel\u2019s implementation of the LZ4 decompression algorithm, when used by code not complying with API limitations. An attacker could exploit this flaw to cause a denial of service (memory corruption) or possibly other unspecified impact. (CVE-2014-4611)", "modified": "2014-07-17T00:00:00", "published": "2014-07-17T00:00:00", "id": "USN-2287-1", "href": "https://usn.ubuntu.com/2287-1/", "title": "Linux kernel (Saucy HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:22:49", "bulletinFamily": "unix", "description": "Sasha Levin reported a flaw in the Linux kernel\u2019s point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. (CVE-2014-4943)\n\nMichael S. Tsirkin discovered an information leak in the Linux kernel\u2019s segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. (CVE-2014-0131)\n\nSalva Peir\u00c3\u00b3 discovered an information leak in the Linux kernel\u2019s media- device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2014-1739)\n\nAn flaw was discovered in the Linux kernel\u2019s audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). (CVE-2014-3917)\n\nA flaw was discovered in the Linux kernel\u2019s implementation of user namespaces with respect to inode permissions. A local user could exploit this flaw by creating a user namespace to gain administrative privileges. (CVE-2014-4014)\n\nAn information leak was discovered in the rd_mcp backend of the iSCSI target subsystem in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator. (CVE-2014-4027)", "modified": "2014-07-17T00:00:00", "published": "2014-07-17T00:00:00", "id": "USN-2285-1", "href": "https://usn.ubuntu.com/2285-1/", "title": "Linux kernel (Quantal HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T19:22:10", "bulletinFamily": "unix", "description": "Sasha Levin reported a flaw in the Linux kernel\u2019s point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. (CVE-2014-4943)\n\nMichael S. Tsirkin discovered an information leak in the Linux kernel\u2019s segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. (CVE-2014-0131)\n\nAn flaw was discovered in the Linux kernel\u2019s audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). (CVE-2014-3917)\n\nA flaw was discovered in the Linux kernel\u2019s implementation of user namespaces with respect to inode permissions. A local user could exploit this flaw by creating a user namespace to gain administrative privileges. (CVE-2014-4014)\n\nDon Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (CVE-2014-4608)\n\nDon Bailey and Ludvig Strigeus discovered an integer overflow in the Linux kernel\u2019s implementation of the LZ4 decompression algorithm, when used by code not complying with API limitations. An attacker could exploit this flaw to cause a denial of service (memory corruption) or possibly other unspecified impact. (CVE-2014-4611)", "modified": "2014-07-17T00:00:00", "published": "2014-07-17T00:00:00", "id": "USN-2289-1", "href": "https://usn.ubuntu.com/2289-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:23:00", "bulletinFamily": "unix", "description": "Sasha Levin reported a flaw in the Linux kernel\u2019s point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. (CVE-2014-4943)\n\nMichael S. Tsirkin discovered an information leak in the Linux kernel\u2019s segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. (CVE-2014-0131)\n\nSalva Peir\u00c3\u00b3 discovered an information leak in the Linux kernel\u2019s media- device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2014-1739)\n\nA bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. (CVE-2014-3144)\n\nA remainder calculation error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. (CVE-2014-3145)\n\nAn flaw was discovered in the Linux kernel\u2019s audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). (CVE-2014-3917)\n\nA flaw was discovered in the Linux kernel\u2019s implementation of user namespaces with respect to inode permissions. A local user could exploit this flaw by creating a user namespace to gain administrative privileges. (CVE-2014-4014)\n\nDon Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (CVE-2014-4608)", "modified": "2014-07-17T00:00:00", "published": "2014-07-17T00:00:00", "id": "USN-2286-1", "href": "https://usn.ubuntu.com/2286-1/", "title": "Linux kernel (Raring HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:23:13", "bulletinFamily": "unix", "description": "An flaw was discovered in the Linux kernel\u2019s audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). (CVE-2014-3917)\n\nAn information leak was discovered in the rd_mcp backend of the iSCSI target subsystem in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator. (CVE-2014-4027)\n\nSasha Levin reported an issue with the Linux kernel\u2019s shared memory subsystem when used with range notifications and hole punching. A local user could exploit this flaw to cause a denial of service. (CVE-2014-4171)\n\nToralf F\u00c3\u00b6rster reported an error in the Linux kernels syscall auditing on 32 bit x86 platforms. A local user could exploit this flaw to cause a denial of service (OOPS and system crash). (CVE-2014-4508)\n\nAn information leak was discovered in the control implemenation of the Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2014-4652)\n\nA use-after-free flaw was discovered in the Advanced Linux Sound Architecture (ALSA) control implementation of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-4653)\n\nA authorization bug was discovered with the snd_ctl_elem_add function of the Advanced Linux Sound Architecture (ALSA) in the Linux kernel. A local user could exploit his bug to cause a denial of service (remove kernel controls). (CVE-2014-4654)\n\nA flaw discovered in how the snd_ctl_elem function of the Advanced Linux Sound Architecture (ALSA) handled a reference count. A local user could exploit this flaw to cause a denial of service (integer overflow and limit bypass). (CVE-2014-4655)\n\nAn integer overflow flaw was discovered in the control implementation of the Advanced Linux Sound Architecture (ALSA). A local user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-4656)\n\nAn integer underflow flaw was discovered in the Linux kernel\u2019s handling of the backlog value for certain SCTP packets. A remote attacker could exploit this flaw to cause a denial of service (socket outage) via a crafted SCTP packet. (CVE-2014-4667)\n\nJason Gunthorpe reported a flaw with SCTP authentication in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service (NULL pointer dereference and OOPS). (CVE-2014-5077)", "modified": "2014-09-02T00:00:00", "published": "2014-09-02T00:00:00", "id": "USN-2334-1", "href": "https://usn.ubuntu.com/2334-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.6, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:C"}}, {"lastseen": "2019-05-29T19:21:51", "bulletinFamily": "unix", "description": "An flaw was discovered in the Linux kernel\u2019s audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). (CVE-2014-3917)\n\nAn information leak was discovered in the rd_mcp backend of the iSCSI target subsystem in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator. (CVE-2014-4027)\n\nSasha Levin reported an issue with the Linux kernel\u2019s shared memory subsystem when used with range notifications and hole punching. A local user could exploit this flaw to cause a denial of service. (CVE-2014-4171)\n\nAn information leak was discovered in the control implemenation of the Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2014-4652)\n\nA use-after-free flaw was discovered in the Advanced Linux Sound Architecture (ALSA) control implementation of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-4653)\n\nA authorization bug was discovered with the snd_ctl_elem_add function of the Advanced Linux Sound Architecture (ALSA) in the Linux kernel. A local user could exploit his bug to cause a denial of service (remove kernel controls). (CVE-2014-4654)\n\nA flaw discovered in how the snd_ctl_elem function of the Advanced Linux Sound Architecture (ALSA) handled a reference count. A local user could exploit this flaw to cause a denial of service (integer overflow and limit bypass). (CVE-2014-4655)\n\nAn integer overflow flaw was discovered in the control implementation of the Advanced Linux Sound Architecture (ALSA). A local user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-4656)\n\nAn integer underflow flaw was discovered in the Linux kernel\u2019s handling of the backlog value for certain SCTP packets. A remote attacker could exploit this flaw to cause a denial of service (socket outage) via a crafted SCTP packet. (CVE-2014-4667)\n\nJason Gunthorpe reported a flaw with SCTP authentication in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service (NULL pointer dereference and OOPS). (CVE-2014-5077)", "modified": "2014-09-02T00:00:00", "published": "2014-09-02T00:00:00", "id": "USN-2335-1", "href": "https://usn.ubuntu.com/2335-1/", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.6, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:03", "bulletinFamily": "unix", "description": "kernel\n[2.6.18-371.12.1]\n- [audit] auditsc: audit_krule mask accesses need bounds checking (Denys Vlasenko) [1102702 1102703] {CVE-2014-3917}\n- [mm] writeback: Fix hang when low on memory due to NFS traffic (Larry Woodman) [1125246 1080194]\n- [net] tg3: Fix Read DMA workaround for 5719 A0 (Ivan Vecera) [1121017 924590]\n- [fs] jbd: don't wake kjournald unnecessarily (Denys Vlasenko) [1116027 1081785]\n- [fs] jbd: don't wait (forever) for stale tid caused by wraparound (Denys Vlasenko) [1116027 1081785]\n- [fs] ext4: fix waiting and sending of barrier in ext4_sync_file() (Denys Vlasenko) [1116027 1081785]\n- [fs] jbd2: Add function jbd2_trans_will_send_data_barrier() (Denys Vlasenko) [1116027 1081785]\n- [fs] jbd2: fix sending of data flush on journal commit (Denys Vlasenko) [1116027 1081785]\n- [fs] ext4, jbd2: Add barriers for file systems with ext journals (Denys Vlasenko) [1116027 1081785]\n- [fs] jbd: fix fsync() tid wraparound bug (Denys Vlasenko) [1116027 1081785]\n- [fs] ext4: fix fdatasync() for files with only i_size changes (Eric Sandeen) [1117665 1102768]", "modified": "2014-09-04T00:00:00", "published": "2014-09-04T00:00:00", "id": "ELSA-2014-1143", "href": "http://linux.oracle.com/errata/ELSA-2014-1143.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:34:12", "bulletinFamily": "unix", "description": "[2.6.39-400.215.10]\n- auditsc: audit_krule mask accesses need bounds checking (Andy Lutomirski) [Orabug: 19590597] {CVE-2014-3917}\n[2.6.39-400.215.9]\n- oracleasm: Add support for new error return codes from block/SCSI (Martin K. Petersen) [Orabug: 18438934]\n[2.6.39-400.215.8]\n- ib_ipoib: CSUM support in connected mode (Yuval Shaia) [Orabug: 18692878] \n- net: Reduce high cpu usage in bonding driver by do_csum (Venkat Venkatsubra) [Orabug: 18141731] \n- [random] Partially revert 6d7c7e49: random: make 'add_interrupt_randomness() (John Sobecki) [Orabug: 17740293] \n- oracleasm: claim FMODE_EXCL access on disk during asm_open (Srinivas Eeda) [Orabug: 19453460] \n- notify block layer when using temporary change to cache_type (Vaughan Cao) [Orabug: 19448451] \n- sd: Fix parsing of 'temporary ' cache mode prefix (Ben Hutchings) [Orabug: 19448451] \n- sd: fix array cache flushing bug causing performance problems (James Bottomley) [Orabug: 19448451] \n- block: fix max discard sectors limit (James Bottomley) [Orabug: 18961244] \n- xen-netback: fix deadlock in high memory pressure (Junxiao Bi) [Orabug: 18959416] \n- sdp: fix keepalive functionality (shamir rabinovitch) [Orabug: 18728784] \n- SELinux: Fix possible NULL pointer dereference in selinux_inode_permission() (Steven Rostedt) [Orabug: 18552029] \n- refcount: take rw_lock in ocfs2_reflink (Wengang Wang) [Orabug: 18406219] \n- ipv6: check return value for dst_alloc (Madalin Bucur) [Orabug: 17865160] \n- cciss: bug fix to prevent cciss from loading in kdump crash kernel (Mike Miller) [Orabug: 17740446] \n- configfs: fix race between dentry put and lookup (Junxiao Bi) [Orabug: 17627075]", "modified": "2014-09-10T00:00:00", "published": "2014-09-10T00:00:00", "id": "ELSA-2014-3074", "href": "http://linux.oracle.com/errata/ELSA-2014-3074.html", "title": "unbreakable enterprise kernel security bug fix update", "type": "oraclelinux", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:03", "bulletinFamily": "unix", "description": "kernel\n[2.6.18-371.12.1.0.1]\n- ocfs2: dlm: fix recovery hung (Junxiao Bi) [orabug 13956772]\n- i386: fix MTRR code (Zhenzhong Duan) [orabug 15862649]\n- [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030]\n- [oprofile] export __get_user_pages_fast() function [orabug 14277030]\n- [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030]\n- [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030]\n- [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030]\n- [kernel] Initialize the local uninitialized variable stats. [orabug 14051367]\n- [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763]\n- [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272]\n- [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075]\n- fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan)\n- [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan)\n- [x86] Fix lvt0 reset when hvm boot up with noapic param\n- [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason)\n [orabug 12342275]\n- [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346]\n- [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566]\n- [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042]\n- [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646]\n- fix filp_close() race (Joe Jin) [orabug 10335998]\n- make xenkbd.abs_pointer=1 by default [orabug 67188919]\n- [xen] check to see if hypervisor supports memory reservation change\n (Chuck Anderson) [orabug 7556514]\n- [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki)\n [orabug 10315433]\n- [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258]\n- [mm] Patch shrink_zone to yield during severe mempressure events, avoiding\n hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839]\n- [mm] Enhance shrink_zone patch allow full swap utilization, and also be\n NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919]\n- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]\n- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)\n [orabug 9107465]\n- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)\n [orabug 9764220]\n- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]\n- fix overcommit memory to use percpu_counter for (KOSAKI Motohiro,\n Guru Anbalagane) [orabug 6124033]\n- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]\n- [ib] fix memory corruption (Andy Grover) [orabug 9972346]\n- [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203]\n- [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203]\n- [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]", "modified": "2014-09-04T00:00:00", "published": "2014-09-04T00:00:00", "id": "ELSA-2014-1143-1", "href": "http://linux.oracle.com/errata/ELSA-2014-1143-1.html", "title": "1 ", "type": "oraclelinux", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:55", "bulletinFamily": "unix", "description": "[3.8.13-44.1.1]\n- auditsc: audit_krule mask accesses need bounds checking (Andy Lutomirski) [Orabug: 19590596] {CVE-2014-3917}", "modified": "2014-09-10T00:00:00", "published": "2014-09-10T00:00:00", "id": "ELSA-2014-3072", "href": "http://linux.oracle.com/errata/ELSA-2014-3072.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:54", "bulletinFamily": "unix", "description": "kernel-uek\n[2.6.32-400.36.8uek]\n- auditsc: audit_krule mask accesses need bounds checking (Andy Lutomirski) [Orabug: 19590638] {CVE-2014-3917}\n- futex: Fix errors in nested key ref-counting (Darren Hart) [Orabug: 19590443] {CVE-2014-0205}", "modified": "2014-09-10T00:00:00", "published": "2014-09-10T00:00:00", "id": "ELSA-2014-3073", "href": "http://linux.oracle.com/errata/ELSA-2014-3073.html", "title": "unbreakable enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:38", "bulletinFamily": "unix", "description": "[3.10.0-123.8.1]\n- Oracle Linux certificates (Alexey Petrenko)\n[3.10.0-123.8.1]\n- [scsi] fnic: fix broken FIP discovery by initializing multicast address (Chris Leech) [1119727 1100078]\n- [scsi] libfcoe: Make fcoe_sysfs optional / fix fnic NULL exception (Chris Leech) [1119727 1100078]\n- [fs] nfs: Don't mark the data cache as invalid if it has been flushed (Scott Mayhew) [1115817 1114054]\n- [fs] nfs: Clear NFS_INO_REVAL_PAGECACHE when we update the file size (Scott Mayhew) [1115817 1114054]\n- [fs] nfs: Fix cache_validity check in nfs_write_pageuptodate() (Scott Mayhew) [1115817 1114054]\n- [mm] hugetlb: ensure hugepage access is denied if hugepages are not supported (David Gibson) [1122115 1081671]\n- [kernel] hrtimer: Prevent all reprogramming if hang detected (Prarit Bhargava) [1113175 1094732]\n[3.10.0-123.7.1]\n- [scsi] set DID_TIME_OUT correctly (Ewan Milne) [1122575 1103881]\n- [scsi] fix invalid setting of host byte (Ewan Milne) [1122575 1103881]\n- [scsi] More USB deadlock fixes (Ewan Milne) [1122575 1103881]\n- [scsi] Fix USB deadlock caused by SCSI error handling (Ewan Milne) [1122575 1103881]\n- [scsi] Fix command result state propagation (Ewan Milne) [1122575 1103881]\n- [scsi] Fix spurious request sense in error handling (Ewan Milne) [1122575 1103881]\n- [input] synaptics: fix resolution for manually provided min/max (Benjamin Tissoires) [1122559 1093449]\n- [input] synaptics: change min/max quirk table to pnp-id matching (Benjamin Tissoires) [1122559 1093449]\n- [input] synaptics: add a matches_pnp_id helper function (Benjamin Tissoires) [1122559 1093449]\n- [input] synaptics: T540p - unify with other LEN0034 models (Benjamin Tissoires) [1122559 1093449]\n- [input] synaptics: add min/max quirk for the ThinkPad W540 (Benjamin Tissoires) [1122559 1093449]\n- [input] synaptics: add min/max quirk for ThinkPad Edge E431 (Benjamin Tissoires) [1122559 1093449]\n- [input] synaptics: add min/max quirk for ThinkPad T431s, L440, L540, S1 Yoga and X1 (Benjamin Tissoires) [1122559 1093449]\n- [input] synaptics: report INPUT_PROP_TOPBUTTONPAD property (Benjamin Tissoires) [1122559 1093449]\n- [input] Add INPUT_PROP_TOPBUTTONPAD device property (Benjamin Tissoires) [1122559 1093449]\n- [input] i8042: add firmware_id support (Benjamin Tissoires) [1122559 1093449]\n- [input] serio: add firmware_id sysfs attribute (Benjamin Tissoires) [1122559 1093449]\n- [input] synaptics: add manual min/max quirk for ThinkPad X240 (Benjamin Tissoires) [1122559 1093449]\n- [input] synaptics: add manual min/max quirk (Benjamin Tissoires) [1122559 1093449]\n- [input] synaptics: fix incorrect placement of __initconst (Benjamin Tissoires) [1122559 1093449]\n- [ethernet] be2net: Fix invocation of be_close() after be_clear() (Ivan Vecera) [1122558 1066644]\n- [ethernet] be2net: enable interrupts in EEH resume (Ivan Vecera) [1121712 1076682]\n- [ethernet] sfc: PIO:Restrict to 64bit arch and use 64-bit writes (Nikolay Aleksandrov) [1119725 1089024]\n- [kernel] ftrace: Hardcode ftrace_module_init() call into load_module() (Takahiro MUNEDA) [1119721 1061553]\n- [kernel] trace: Make register/unregister_ftrace_command __init (Takahiro MUNEDA) [1119721 1061553]\n- [block] nvme: Initialize device reference count earlier (David Milburn) [1119720 1081734]\n- [ata] ahci: accommodate tag ordered controller (David Milburn) [1117154 1083746]\n- [s390] af_iucv: recvmsg problem for SOCK_STREAM sockets (Hendrik Brueckner) [1115585 1109703]\n- [s390] af_iucv: correct cleanup if listen backlog is full (Hendrik Brueckner) [1115584 1109033]\n- [mm] Revert: vmscan: do not swap anon pages just because free+file is low (Johannes Weiner) [1114938 1102991]\n- [drm] nouveau/bios: fix a bit shift error introduced by recent commit (Ulrich Obergfell) [1114869 1089936]\n- [ethernet] bnx2x: Adapter not recovery from EEH error injection (Michal Schmidt) [1107722 1067154]\n- [kernel] auditsc: audit_krule mask accesses need bounds checking (Denys Vlasenko) [1102708 1102710] {CVE-2014-3917}\n- [block] mtip32xx: mtip_async_complete() bug fixes (Jeff Moyer) [1125776 1102281]\n- [block] mtip32xx: Unmap the DMA segments before completing the IO request (Jeff Moyer) [1125776 1102281]\n- [net] l2tp: don't fall back on UDP [get|set]sockopt (Petr Matousek) [1119465 1119466] {CVE-2014-4943}\n- [s390] ptrace: correct insufficient sanitization when setting psw mask (Hendrik Brueckner) [1114090 1113673] {CVE-2014-3534}", "modified": "2014-09-22T00:00:00", "published": "2014-09-22T00:00:00", "id": "ELSA-2014-1281", "href": "http://linux.oracle.com/errata/ELSA-2014-1281.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:04", "bulletinFamily": "unix", "description": "[2.6.32-431.29.2]\n- [kernel] futex: Fix errors in nested key ref-counting (Denys Vlasenko) [1094457 1094458] {CVE-2014-0205}\n- [net] vxlan: fix NULL pointer dereference (Jiri Benc) [1114549 1096351] {CVE-2014-3535}\n[2.6.32-431.29.1]\n- [mm] hugetlb: ensure hugepage access is denied if hugepages are not supported (Gustavo Duarte) [1118782 1086450]\n- [security] keys: Increase root_maxkeys and root_maxbytes sizes (Steve Dickson) [1115542 1113607]\n- [fs] lockd: Ensure that nlmclnt_block resets block->b_status after a server reboot (Steve Dickson) [1110180 959006]\n- [net] filter: add vlan tag access (Jiri Benc) [1108526 1082097]\n- [net] filter: add XOR operation (Jiri Benc) [1108526 1082097]\n- [net] filter: add SKF_AD_RXHASH and SKF_AD_CPU (Jiri Benc) [1108526 1082097]\n- [net] filter: Socket filter ancilliary data access for skb->dev->type (Jiri Benc) [1108526 1082097]\n- [net] filter: Add SKF_AD_QUEUE instruction (Jiri Benc) [1108526 1082097]\n- [net] filter: ingress socket filter by mark (Jiri Benc) [1108526 1082097]\n- [netdrv] bonding: look for bridge IPs in arp monitoring (Veaceslav Falico) [1102794 704190]\n- [s390] af_iucv: wrong mapping of sent and confirmed skbs (Hendrik Brueckner) [1112390 1102248]\n- [s390] af_iucv: recvmsg problem for SOCK_STREAM sockets (Hendrik Brueckner) [1112390 1102248]\n- [s390] af_iucv: fix recvmsg by replacing skb_pull() function (Hendrik Brueckner) [1112390 1102248]\n- [s390] kernel: avoid page table walk on user space access (Hendrik Brueckner) [1111194 1099146]\n- [s390] qeth: postpone freeing of qdio memory (Hendrik Brueckner) [1112134 1094379]\n- [s390] qeth: Fix retry logic in hardsetup (Hendrik Brueckner) [1112134 1094379]\n- [s390] qeth: Recognize return codes of ccw_device_set_online (Hendrik Brueckner) [1112134 1094379]\n- [s390] qdio: remove API wrappers (Hendrik Brueckner) [1112134 1094379]\n- [scsi] Ensure medium access timeout counter resets (David Jeffery) [1117153 1036884]\n- [scsi] Fix error handling when no ULD is attached (David Jeffery) [1117153 1036884]\n- [scsi] Handle disk devices which can not process medium access commands (David Jeffery) [1117153 1036884]\n- [fs] nfs: Fix calls to drop_nlink() (Steve Dickson) [1099607 1093819]\n- [mm] swap: do not skip lowest_bit in scan_swap_map() scan loop (Rafael Aquini) [1099728 1060886]\n- [mm] swap: fix shmem swapping when more than 8 areas (Rafael Aquini) [1099728 1060886]\n- [mm] swap: fix swapon size off-by-one (Rafael Aquini) [1099728 1060886]\n- [md] avoid deadlock when dirty buffers during md_stop (Jes Sorensen) [1121541 994724]\n- [x86] hyperv: bypass the timer_irq_works() check (Jason Wang) [1112226 1040349]\n[2.6.32-431.28.1]\n- [kernel] auditsc: audit_krule mask accesses need bounds checking (Denys Vlasenko) [1102704 1102705] {CVE-2014-3917}\n- [net] ipv4: fix route cache rebuilds (Jiri Pirko) [1113824 1111631]\n- [fs] nfsd: notify_change needs elevated write count (Mateusz Guzik) [1110177 1105057]\n- [fs] nfsv4: close needs to handle NFS4ERR_ADMIN_REVOKED (Dave Wysochanski) [1096397 1082127]\n- [fs] pipe: skip file_update_time on frozen fs (Eric Sandeen) [1114405 1093077]\n- [fs] nfs: Fail the truncate() if the lock/open stateid is invalid (Steve Dickson) [1090613 1075123]\n- [fs] nfs: Servers should only check SETATTR stateid open mode on size change (Steve Dickson) [1090613 1075123]\n- [fs] nfs: Fail data server I/O if stateid represents a lost lock (Steve Dickson) [1090613 1075123]\n- [fs] nfs: Fix the return value of nfs4_select_rw_stateid (Steve Dickson) [1090613 1075123]\n- [fs] nfs: Use the open stateid if the delegation has the wrong mode (Steve Dickson) [1090613 1075123]\n- [fs] nfs: nfs4_stateid_is_current should return 'true' for an invalid stateid (Steve Dickson) [1090613 1075123]\n- [fs] nfs: fix error return in nfs4_select_rw_stateid (Steve Dickson) [1090613 1075123]\n- [fs] nfs: Document the recover_lost_locks kernel parameter (Jeff Layton) [1089359 963785]\n- [fs] nfs: Don't try to recover NFSv4 locks when they are lost (Jeff Layton) [1089359 963785]\n- [fs] nfs: Fix handling of partially delegated locks (Jeff Layton) [1120074 959788]\n- [fs] nfs: Convert the nfs4_lock_state->ls_flags to a bit field (Jeff Layton) [1120074 959788]\n- [x86] Optimize switch_mm() for multi-threaded workloads (Rik van Riel) [1115821 991518]\n- [netdrv] pppol2tp: fail when socket option level is not SOL_PPPOL2TP [1119461 1119462] {CVE-2014-4943}\n- [kernel] utrace: force IRET path after utrace_finish_vfork() (Oleg Nesterov) [1115932 1115933] {CVE-2014-4699}\n[2.6.32-431.27.1]\n- [scsi] fix performance regression due to inverted blk_get_queue return (Mike Snitzer) [1117582 1098658]\n- [net] openvswitch: fix use-after-free bug in netns (Flavio Leitner) [1120651 1100127]\n[2.6.32-431.26.1]\n- [net] gro: fix deliver of trunk packets to VLAN interfaces (Marcelo Ricardo Leitner) [1116231 1112324]\n[2.6.32-431.25.1]\n- [net] sctp: Fix sk_ack_backlog wrap-around problem (Daniel Borkmann) [1113969 1085932] {CVE-2014-4667}\n[2.6.32-431.24.1]\n- [alsa] aloop: Close races at restarting the stream (Jaroslav Kysela) [1112492 1078592]\n- [alsa] aloop: Export snd_pcm_constraint_mask64() (Jaroslav Kysela) [1112492 1078592]\n- [alsa] pcm: Warn when buffer preallocation fails (Jaroslav Kysela) [1112492 1078592]\n- [alsa] aloop: Add SNDRV_PCM_STATE_PAUSED case in wait_for_avail function (Jaroslav Kysela) [1112492 1078592]\n- [alsa] jack: Unregister input device at disconnection (Jaroslav Kysela) [1112492 1078592]\n- [alsa] aloop: Optimize module name check (Jaroslav Kysela) [1112492 1078592]\n- [alsa] pcm: Add fallthru comments (Jaroslav Kysela) [1112492 1078592]\n- [alsa] aloop: Fix Oops while PM resume (Jaroslav Kysela) [1112492 1078592]\n- [alsa] aloop: add locking to timer access (Jaroslav Kysela) [1112492 1078592]", "modified": "2014-09-09T00:00:00", "published": "2014-09-09T00:00:00", "id": "ELSA-2014-1167", "href": "http://linux.oracle.com/errata/ELSA-2014-1167.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:55", "bulletinFamily": "software", "description": "System crash on audited syscall with large number.", "modified": "2014-06-13T00:00:00", "published": "2014-06-13T00:00:00", "id": "SECURITYVULNS:VULN:13816", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13816", "title": "Linux syscall auditing DoS", "type": "securityvulns", "cvss": {"score": 3.3, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:52", "bulletinFamily": "software", "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2289-1\r\nJuly 17, 2014\r\n\r\nlinux vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 13.10\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in the kernel.\r\n\r\nSoftware Description:\r\n- linux: Linux kernel\r\n\r\nDetails:\r\n\r\nSasha Levin reported a flaw in the Linux kernel&#39;s point-to-point protocol\r\n&#40;PPP&#41; when used with the Layer Two Tunneling Protocol &#40;L2TP&#41;. A local user\r\ncould exploit this flaw to gain administrative privileges. &#40;CVE-2014-4943&#41;\r\n\r\nMichael S. Tsirkin discovered an information leak in the Linux kernel&#39;s\r\nsegmentation of skbs when using the zerocopy feature of vhost-net. A local\r\nattacker could exploit this flaw to gain potentially sensitive information\r\nfrom kernel memory. &#40;CVE-2014-0131&#41;\r\n\r\nA flaw was discovered in the Linux kernel&#39;s audit subsystem when auditing\r\ncertain syscalls. A local attacker could exploit this flaw to obtain\r\npotentially sensitive single-bit values from kernel memory or cause a\r\ndenial of service &#40;OOPS&#41;. &#40;CVE-2014-3917&#41;\r\n\r\nA flaw was discovered in the Linux kernel&#39;s implementation of user\r\nnamespaces with respect to inode permissions. A local user could exploit\r\nthis flaw by creating a user namespace to gain administrative privileges.\r\n&#40;CVE-2014-4014&#41;\r\n\r\nDon Bailey discovered a flaw in the LZO decompress algorithm used by the\r\nLinux kernel. An attacker could exploit this flaw to cause a denial of\r\nservice &#40;memory corruption or OOPS&#41;. &#40;CVE-2014-4608&#41;\r\n\r\nDon Bailey and Ludvig Strigeus discovered an integer overflow in the Linux\r\nkernel&#39;s implementation of the LZ4 decompression algorithm, when used by\r\ncode not complying with API limitations. An attacker could exploit this\r\nflaw to cause a denial of service &#40;memory corruption&#41; or possibly other\r\nunspecified impact. &#40;CVE-2014-4611&#41;\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 13.10:\r\n linux-image-3.11.0-26-generic 3.11.0-26.45\r\n linux-image-3.11.0-26-generic-lpae 3.11.0-26.45\r\n\r\nAfter a standard system update you need to reboot your computer to make\r\nall the necessary changes.\r\n\r\nATTENTION: Due to an unavoidable ABI change the kernel updates have\r\nbeen given a new version number, which requires you to recompile and\r\nreinstall all third party kernel modules you might have installed. If\r\nyou use linux-restricted-modules, you have to update that package as\r\nwell to get modules which work with the new kernel version. Unless you\r\nmanually uninstalled the standard kernel metapackages &#40;e.g. linux-generic,\r\nlinux-server, linux-powerpc&#41;, a standard system upgrade will automatically\r\nperform this as well.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2289-1\r\n CVE-2014-0131, CVE-2014-3917, CVE-2014-4014, CVE-2014-4608,\r\n CVE-2014-4611, CVE-2014-4943\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/linux/3.11.0-26.45\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "modified": "2014-07-21T00:00:00", "published": "2014-07-21T00:00:00", "id": "SECURITYVULNS:DOC:30929", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30929", "title": "[USN-2289-1] Linux kernel vulnerabilities", "type": "securityvulns", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2019-05-29T18:37:43", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-09-24T00:00:00", "id": "OPENVAS:1361412562310882026", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882026", "title": "CentOS Update for kernel CESA-2014:1281 centos7", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2014:1281 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882026\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-09-24 06:02:40 +0200 (Wed, 24 Sep 2014)\");\n script_cve_id(\"CVE-2014-3917\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:N/A:P\");\n script_name(\"CentOS Update for kernel CESA-2014:1281 centos7\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux\nkernel, the core of any Linux operating system.\n\n * An out-of-bounds memory access flaw was found in the Linux kernel's\nsystem call auditing implementation. On a system with existing audit rules\ndefined, a local, unprivileged user could use this flaw to leak kernel\nmemory to user space or, potentially, crash the system. (CVE-2014-3917,\nModerate)\n\nThis update also fixes the following bugs:\n\n * A bug in the mtip32xx driver could prevent the Micron P420m PCIe SSD\ndevices with unaligned I/O access from completing the submitted I/O\nrequests. This resulted in a livelock situation and rendered the Micron\nP420m PCIe SSD devices unusable. To fix this problem, mtip32xx now checks\nwhether an I/O access is unaligned and if so, it uses the correct\nsemaphore. (BZ#1125776)\n\n * A series of patches has been backported to improve the functionality of\na touch pad on the latest Lenovo laptops in Red Hat Enterprise Linux 7.\n(BZ#1122559)\n\n * Due to a bug in the bnx2x driver, a network adapter could be unable to\nrecover from EEH error injection. The network adapter had to be taken\noffline and rebooted in order to function properly again. With this update,\nthe bnx2x driver has been corrected and network adapters now recover from\nEEH errors as expected. (BZ#1107722)\n\n * Previously, if an hrtimer interrupt was delayed, all future pending\nhrtimer events that were queued on the same processor were also delayed\nuntil the initial hrtimer event was handled. This could cause all hrtimer\nprocessing to stop for a significant period of time. To prevent this\nproblem, the kernel has been modified to handle all expired hrtimer events\nwhen handling the initially delayed hrtimer event. (BZ#1113175)\n\n * A previous change to the nouveau driver introduced a bit shift error,\nwhich resulted in a wrong display resolution being set with some models\nof NVIDIA controllers. With this update, the erroneous code has been\ncorrected, and the affected NVIDIA controllers can now set the correct\ndisplay resolution. (BZ#1114869)\n\n * Due to a NULL pointer dereference bug in the be2net driver, the system\ncould experience a kernel oops and reboot when disabling a network adapter\nafter a permanent failure. This problem has been fixed by introducing a\nflag to keep track of the setup state. The failing adapter can now be\ndisabled successfully without a kernel crash. (BZ#1122558)\n\n * Previously, the Huge Translation Lookaside Buffer (HugeTLB) allowed\naccess to huge pages access by default. However, huge pages may be\nunsupported in some environments, such as a KVM guest on a PowerPC\narchitecture, and an attempt to access a huge pag ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"kernel on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"CESA\", value:\"2014:1281\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-September/020581.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~123.8.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~123.8.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~123.8.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~123.8.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~123.8.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.0~123.8.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~123.8.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~123.8.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~123.8.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~123.8.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~123.8.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~123.8.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:27", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-09-05T00:00:00", "id": "OPENVAS:1361412562310881997", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881997", "title": "CentOS Update for kernel CESA-2014:1143 centos5", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2014:1143 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881997\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-09-05 05:56:51 +0200 (Fri, 05 Sep 2014)\");\n script_cve_id(\"CVE-2014-3917\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:N/A:P\");\n script_name(\"CentOS Update for kernel CESA-2014:1143 centos5\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux\nkernel, the core of any Linux operating system.\n\n * An out-of-bounds memory access flaw was found in the Linux kernel's\nsystem call auditing implementation. On a system with existing audit rules\ndefined, a local, unprivileged user could use this flaw to leak kernel\nmemory to user space or, potentially, crash the system. (CVE-2014-3917,\nModerate)\n\nThis update also fixes the following bugs:\n\n * A bug in the journaling code (jbd and jbd2) could, under very heavy\nworkload of fsync() operations, trigger a BUG_ON and result in a kernel\noops. Also, fdatasync() could fail to immediately write out changes in the\nfile size only. These problems have been resolved by backporting a series\nof patches that fixed these problems in the respective code on Red Hat\nEnterprise Linux 6. This update also improves performance of ext3 and ext4\nfile systems. (BZ#1116027)\n\n * Due to a bug in the ext4 code, the fdatasync() system call did not force\nthe inode size change to be written to the disk if it was the only metadata\nchange in the file. This could result in the wrong inode size and possible\ndata loss if the system terminated unexpectedly. The code handling inode\nupdates has been fixed and fdatasync() now writes data to the disk as\nexpected in this situation. (BZ#1117665)\n\n * A workaround to a DMA read problem in the tg3 driver was incorrectly\napplied to the whole Broadcom 5719 and 5720 chipset family. This workaround\nis valid only to the A0 revision of the 5719 chips and for other revisions\nand chips causes occasional Tx timeouts. This update correctly applies the\naforementioned workaround only to the A0 revision of the 5719 chips.\n(BZ#1121017)\n\n * Due to a bug in the page writeback code, the system could become\nunresponsive when being under memory pressure and heavy NFS load. This\nupdate fixes the code responsible for handling of dirty pages, and dirty\npage write outs no longer flood the work queue. (BZ#1125246)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\");\n script_tag(name:\"affected\", value:\"kernel on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"CESA\", value:\"2014:1143\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-September/020539.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~371.12.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~371.12.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~371.12.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~371.12.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~371.12.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~371.12.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~371.12.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~371.12.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~371.12.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~371.12.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:44", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2014-09-04T00:00:00", "id": "OPENVAS:1361412562310871236", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871236", "title": "RedHat Update for kernel RHSA-2014:1143-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2014:1143-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871236\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-09-04 05:57:17 +0200 (Thu, 04 Sep 2014)\");\n script_cve_id(\"CVE-2014-3917\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:N/A:P\");\n script_name(\"RedHat Update for kernel RHSA-2014:1143-01\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n * An out-of-bounds memory access flaw was found in the Linux kernel's\nsystem call auditing implementation. On a system with existing audit rules\ndefined, a local, unprivileged user could use this flaw to leak kernel\nmemory to user space or, potentially, crash the system. (CVE-2014-3917,\nModerate)\n\nThis update also fixes the following bugs:\n\n * A bug in the journaling code (jbd and jbd2) could, under very heavy\nworkload of fsync() operations, trigger a BUG_ON and result in a kernel\noops. Also, fdatasync() could fail to immediately write out changes in the\nfile size only. These problems have been resolved by backporting a series\nof patches that fixed these problems in the respective code on Red Hat\nEnterprise Linux 6. This update also improves performance of ext3 and ext4\nfile systems. (BZ#1116027)\n\n * Due to a bug in the ext4 code, the fdatasync() system call did not force\nthe inode size change to be written to the disk if it was the only metadata\nchange in the file. This could result in the wrong inode size and possible\ndata loss if the system terminated unexpectedly. The code handling inode\nupdates has been fixed and fdatasync() now writes data to the disk as\nexpected in this situation. (BZ#1117665)\n\n * A workaround to a DMA read problem in the tg3 driver was incorrectly\napplied to the whole Broadcom 5719 and 5720 chipset family. This workaround\nis valid only to the A0 revision of the 5719 chips and for other revisions\nand chips causes occasional Tx timeouts. This update correctly applies the\naforementioned workaround only to the A0 revision of the 5719 chips.\n(BZ#1121017)\n\n * Due to a bug in the page writeback code, the system could become\nunresponsive when being under memory pressure and heavy NFS load. This\nupdate fixes the code responsible for handling of dirty pages, and dirty\npage write outs no longer flood the work queue. (BZ#1125246)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\");\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"RHSA\", value:\"2014:1143-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-September/msg00006.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~371.12.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~371.12.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~371.12.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~371.12.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~371.12.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~371.12.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~371.12.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~371.12.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~371.12.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~371.12.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~371.12.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~371.12.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~371.12.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~371.12.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~371.12.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:54", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2014-3074", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123315", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123315", "title": "Oracle Linux Local Check: ELSA-2014-3074", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-3074.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123315\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:02:10 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-3074\");\n script_tag(name:\"insight\", value:\"ELSA-2014-3074 - unbreakable enterprise kernel security bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-3074\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-3074.html\");\n script_cve_id(\"CVE-2014-3917\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~400.215.10.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~400.215.10.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~400.215.10.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~400.215.10.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~400.215.10.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~400.215.10.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~400.215.10.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~400.215.10.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~400.215.10.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~400.215.10.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~400.215.10.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~400.215.10.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:31", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2014-08-14T00:00:00", "id": "OPENVAS:1361412562310841929", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841929", "title": "Ubuntu Update for linux USN-2314-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2314_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux USN-2314-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841929\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-14 05:55:11 +0200 (Thu, 14 Aug 2014)\");\n script_cve_id(\"CVE-2014-3917\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:N/A:P\");\n script_name(\"Ubuntu Update for linux USN-2314-1\");\n\n script_tag(name:\"affected\", value:\"linux on Ubuntu 14.04 LTS\");\n script_tag(name:\"insight\", value:\"An flaw was discovered in the Linux kernel's audit subsystem\nwhen auditing certain syscalls. A local attacker could exploit this flaw to\nobtain potentially sensitive single-bit values from kernel memory or cause a\ndenial of service (OOPS).\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2314-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2314-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-33-generic\", ver:\"3.13.0-33.58\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-33-generic-lpae\", ver:\"3.13.0-33.58\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-33-lowlatency\", ver:\"3.13.0-33.58\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-33-powerpc-e500\", ver:\"3.13.0-33.58\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-33-powerpc-e500mc\", ver:\"3.13.0-33.58\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-33-powerpc-smp\", ver:\"3.13.0-33.58\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-33-powerpc64-emb\", ver:\"3.13.0-33.58\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-33-powerpc64-smp\", ver:\"3.13.0-33.58\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:41", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2014-08-14T00:00:00", "id": "OPENVAS:1361412562310841930", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841930", "title": "Ubuntu Update for linux-lts-trusty USN-2313-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2313_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-lts-trusty USN-2313-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841930\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-14 05:55:13 +0200 (Thu, 14 Aug 2014)\");\n script_cve_id(\"CVE-2014-3917\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:N/A:P\");\n script_name(\"Ubuntu Update for linux-lts-trusty USN-2313-1\");\n\n script_tag(name:\"affected\", value:\"linux-lts-trusty on Ubuntu 12.04 LTS\");\n script_tag(name:\"insight\", value:\"An flaw was discovered in the Linux kernel's audit subsystem\nwhen auditing certain syscalls. A local attacker could exploit this flaw to\nobtain potentially sensitive single-bit values from kernel memory or cause a\ndenial of service (OOPS).\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2313-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2313-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-trusty'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-33-generic\", ver:\"3.13.0-33.58~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-33-generic-lpae\", ver:\"3.13.0-33.58~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:10", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2014-09-23T00:00:00", "id": "OPENVAS:1361412562310871247", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871247", "title": "RedHat Update for kernel RHSA-2014:1281-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2014:1281-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871247\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-09-23 05:53:15 +0200 (Tue, 23 Sep 2014)\");\n script_cve_id(\"CVE-2014-3917\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:N/A:P\");\n script_name(\"RedHat Update for kernel RHSA-2014:1281-01\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n * An out-of-bounds memory access flaw was found in the Linux kernel's\nsystem call auditing implementation. On a system with existing audit rules\ndefined, a local, unprivileged user could use this flaw to leak kernel\nmemory to user space or, potentially, crash the system. (CVE-2014-3917,\nModerate)\n\nThis update also fixes the following bugs:\n\n * A bug in the mtip32xx driver could prevent the Micron P420m PCIe SSD\ndevices with unaligned I/O access from completing the submitted I/O\nrequests. This resulted in a livelock situation and rendered the Micron\nP420m PCIe SSD devices unusable. To fix this problem, mtip32xx now checks\nwhether an I/O access is unaligned and if so, it uses the correct\nsemaphore. (BZ#1125776)\n\n * A series of patches has been backported to improve the functionality of\na touch pad on the latest Lenovo laptops in Red Hat Enterprise Linux 7.\n(BZ#1122559)\n\n * Due to a bug in the bnx2x driver, a network adapter could be unable to\nrecover from EEH error injection. The network adapter had to be taken\noffline and rebooted in order to function properly again. With this update,\nthe bnx2x driver has been corrected and network adapters now recover from\nEEH errors as expected. (BZ#1107722)\n\n * Previously, if an hrtimer interrupt was delayed, all future pending\nhrtimer events that were queued on the same processor were also delayed\nuntil the initial hrtimer event was handled. This could cause all hrtimer\nprocessing to stop for a significant period of time. To prevent this\nproblem, the kernel has been modified to handle all expired hrtimer events\nwhen handling the initially delayed hrtimer event. (BZ#1113175)\n\n * A previous change to the nouveau driver introduced a bit shift error,\nwhich resulted in a wrong display resolution being set with some models\nof NVIDIA controllers. With this update, the erroneous code has been\ncorrected, and the affected NVIDIA controllers can now set the correct\ndisplay resolution. (BZ#1114869)\n\n * Due to a NULL pointer dereference bug in the be2net driver, the system\ncould experience a kernel oops and reboot when disabling a network adapter\nafter a permanent failure. This problem has been fixed by introducing a\nflag to keep track of the setup state. The failing adapter can now be\ndisabled successfully without a kernel crash. (BZ#1122558)\n\n * Previously, the Huge Translation Lookaside Buffer (HugeTLB) allowed\naccess to huge pages access by default. However, huge pages may be\nunsupported in some environments, such as a KVM guest on a PowerPC\narchitecture, and a ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"RHSA\", value:\"2014:1281-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-September/msg00039.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~123.8.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~123.8.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~123.8.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~3.10.0~123.8.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~123.8.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.0~123.8.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~3.10.0~123.8.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~123.8.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~123.8.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~123.8.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-debuginfo\", rpm:\"kernel-tools-debuginfo~3.10.0~123.8.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~123.8.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~123.8.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~3.10.0~123.8.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~3.10.0~123.8.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:54", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2014-1143-1", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123319", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123319", "title": "Oracle Linux Local Check: ELSA-2014-1143-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-1143-1.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123319\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:02:13 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-1143-1\");\n script_tag(name:\"insight\", value:\"ELSA-2014-1143-1 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-1143-1\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-1143-1.html\");\n script_cve_id(\"CVE-2014-3917\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~371.12.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~371.12.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~371.12.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~371.12.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~371.12.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~371.12.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~371.12.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~371.12.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~371.12.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~371.12.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~371.12.1.0.1.el5~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~371.12.1.0.1.el5PAE~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~371.12.1.0.1.el5debug~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~371.12.1.0.1.el5xen~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~371.12.1.0.1.el5~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~371.12.1.0.1.el5PAE~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~371.12.1.0.1.el5debug~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~371.12.1.0.1.el5xen~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:50", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2014-1281", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123305", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123305", "title": "Oracle Linux Local Check: ELSA-2014-1281", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-1281.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123305\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:02:02 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-1281\");\n script_tag(name:\"insight\", value:\"ELSA-2014-1281 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-1281\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-1281.html\");\n script_cve_id(\"CVE-2014-3917\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~123.8.1.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:49", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2014-3072", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123314", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123314", "title": "Oracle Linux Local Check: ELSA-2014-3072", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-3072.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123314\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:02:09 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-3072\");\n script_tag(name:\"insight\", value:\"ELSA-2014-3072 - Unbreakable Enterprise kernel security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-3072\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-3072.html\");\n script_cve_id(\"CVE-2014-3917\");\n script_tag(name:\"cvss_base\", value:\"3.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(7|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"dtrace-modules\", rpm:\"dtrace-modules~3.8.13~44.1.1.el7uek~0.4.3~4.el7\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~3.8.13~44.1.1.el7uek\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~3.8.13~44.1.1.el7uek\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~3.8.13~44.1.1.el7uek\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~3.8.13~44.1.1.el7uek\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~3.8.13~44.1.1.el7uek\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~3.8.13~44.1.1.el7uek\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"dtrace-modules\", rpm:\"dtrace-modules~3.8.13~44.1.1.el6uek~0.4.3~4.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~3.8.13~44.1.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~3.8.13~44.1.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~3.8.13~44.1.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~3.8.13~44.1.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~3.8.13~44.1.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~3.8.13~44.1.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}], "nessus": [{"lastseen": "2020-06-01T01:03:17", "bulletinFamily": "scanner", "description": "Updated kernel packages that fix one security issue and several bugs\nare now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An out-of-bounds memory access flaw was found in the Linux kernel", "modified": "2020-06-02T00:00:00", "id": "CENTOS_RHSA-2014-1143.NASL", "href": "https://www.tenable.com/plugins/nessus/77546", "published": "2014-09-05T00:00:00", "title": "CentOS 5 : kernel (CESA-2014:1143)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1143 and \n# CentOS Errata and Security Advisory 2014:1143 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77546);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2014-3917\");\n script_xref(name:\"RHSA\", value:\"2014:1143\");\n\n script_name(english:\"CentOS 5 : kernel (CESA-2014:1143)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix one security issue and several bugs\nare now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An out-of-bounds memory access flaw was found in the Linux kernel's\nsystem call auditing implementation. On a system with existing audit\nrules defined, a local, unprivileged user could use this flaw to leak\nkernel memory to user space or, potentially, crash the system.\n(CVE-2014-3917, Moderate)\n\nThis update also fixes the following bugs :\n\n* A bug in the journaling code (jbd and jbd2) could, under very heavy\nworkload of fsync() operations, trigger a BUG_ON and result in a\nkernel oops. Also, fdatasync() could fail to immediately write out\nchanges in the file size only. These problems have been resolved by\nbackporting a series of patches that fixed these problems in the\nrespective code on Red Hat Enterprise Linux 6. This update also\nimproves performance of ext3 and ext4 file systems. (BZ#1116027)\n\n* Due to a bug in the ext4 code, the fdatasync() system call did not\nforce the inode size change to be written to the disk if it was the\nonly metadata change in the file. This could result in the wrong inode\nsize and possible data loss if the system terminated unexpectedly. The\ncode handling inode updates has been fixed and fdatasync() now writes\ndata to the disk as expected in this situation. (BZ#1117665)\n\n* A workaround to a DMA read problem in the tg3 driver was incorrectly\napplied to the whole Broadcom 5719 and 5720 chipset family. This\nworkaround is valid only to the A0 revision of the 5719 chips and for\nother revisions and chips causes occasional Tx timeouts. This update\ncorrectly applies the aforementioned workaround only to the A0\nrevision of the 5719 chips. (BZ# 1121017)\n\n* Due to a bug in the page writeback code, the system could become\nunresponsive when being under memory pressure and heavy NFS load. This\nupdate fixes the code responsible for handling of dirty pages, and\ndirty page write outs no longer flood the work queue. (BZ#1125246)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-September/020539.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b4a18f61\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3917\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-devel-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-devel-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-doc-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-headers-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-devel-2.6.18-371.12.1.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n}\n", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-06-01T03:37:45", "bulletinFamily": "scanner", "description": "Description of changes:\n\n[2.6.39-400.215.10.el6uek]\n- auditsc: audit_krule mask accesses need bounds checking (Andy \nLutomirski) [Orabug: 19590597] {CVE-2014-3917}\n\n[2.6.39-400.215.9.el6uek]\n- oracleasm: Add support for new error return codes from block/SCSI \n(Martin K. Petersen) [Orabug: 18438934]\n\n[2.6.39-400.215.8.el6uek]\n- ib_ipoib: CSUM support in connected mode (Yuval Shaia) [Orabug: \n18692878] - net: Reduce high cpu usage in bonding driver by do_csum \n(Venkat Venkatsubra) [Orabug: 18141731] - [random] Partially revert \n6d7c7e49: random: make ", "modified": "2020-06-02T00:00:00", "id": "ORACLELINUX_ELSA-2014-3074.NASL", "href": "https://www.tenable.com/plugins/nessus/77625", "published": "2014-09-11T00:00:00", "title": "Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3074)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2014-3074.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77625);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/30 10:58:19\");\n\n script_cve_id(\"CVE-2014-3917\");\n script_bugtraq_id(67699);\n\n script_name(english:\"Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3074)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\n[2.6.39-400.215.10.el6uek]\n- auditsc: audit_krule mask accesses need bounds checking (Andy \nLutomirski) [Orabug: 19590597] {CVE-2014-3917}\n\n[2.6.39-400.215.9.el6uek]\n- oracleasm: Add support for new error return codes from block/SCSI \n(Martin K. Petersen) [Orabug: 18438934]\n\n[2.6.39-400.215.8.el6uek]\n- ib_ipoib: CSUM support in connected mode (Yuval Shaia) [Orabug: \n18692878] - net: Reduce high cpu usage in bonding driver by do_csum \n(Venkat Venkatsubra) [Orabug: 18141731] - [random] Partially revert \n6d7c7e49: random: make 'add_interrupt_randomness() (John Sobecki) \n[Orabug: 17740293] - oracleasm: claim FMODE_EXCL access on disk during \nasm_open (Srinivas Eeda) [Orabug: 19453460] - notify block layer when \nusing temporary change to cache_type (Vaughan Cao) [Orabug: 19448451] - \nsd: Fix parsing of 'temporary ' cache mode prefix (Ben Hutchings) \n[Orabug: 19448451] - sd: fix array cache flushing bug causing \nperformance problems (James Bottomley) [Orabug: 19448451] - block: fix \nmax discard sectors limit (James Bottomley) [Orabug: 18961244] - \nxen-netback: fix deadlock in high memory pressure (Junxiao Bi) [Orabug: \n18959416] - sdp: fix keepalive functionality (shamir rabinovitch) \n[Orabug: 18728784] - SELinux: Fix possible NULL pointer dereference in \nselinux_inode_permission() (Steven Rostedt) [Orabug: 18552029] - \nrefcount: take rw_lock in ocfs2_reflink (Wengang Wang) [Orabug: \n18406219] - ipv6: check return value for dst_alloc (Madalin Bucur) \n[Orabug: 17865160] - cciss: bug fix to prevent cciss from loading in \nkdump crash kernel (Mike Miller) [Orabug: 17740446] - configfs: fix \nrace between dentry put and lookup (Junxiao Bi) [Orabug: 17627075]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-September/004422.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-September/004423.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected unbreakable enterprise kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2014-3917\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2014-3074\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-2.6.39-400.215.10.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-2.6.39-400.215.10.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-devel-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-devel-2.6.39-400.215.10.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-devel-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-devel-2.6.39-400.215.10.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-doc-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-doc-2.6.39-400.215.10.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-firmware-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-firmware-2.6.39-400.215.10.el5uek\")) flag++;\n\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-2.6.39-400.215.10.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-2.6.39-400.215.10.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-devel-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-devel-2.6.39-400.215.10.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-devel-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-devel-2.6.39-400.215.10.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-doc-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-doc-2.6.39-400.215.10.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-firmware-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-firmware-2.6.39-400.215.10.el6uek\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-03-18T02:47:17", "bulletinFamily": "scanner", "description": " - An out-of-bounds memory access flaw was found in the\n Linux kernel", "modified": "2014-09-05T00:00:00", "id": "SL_20140903_KERNEL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/77552", "published": "2014-09-05T00:00:00", "title": "Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20140903)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77552);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/12\");\n\n script_cve_id(\"CVE-2014-3917\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20140903)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - An out-of-bounds memory access flaw was found in the\n Linux kernel's system call auditing implementation. On a\n system with existing audit rules defined, a local,\n unprivileged user could use this flaw to leak kernel\n memory to user space or, potentially, crash the system.\n (CVE-2014-3917, Moderate)\n\nThis update also fixes the following bugs :\n\n - A bug in the journaling code (jbd and jbd2) could, under\n very heavy workload of fsync() operations, trigger a\n BUG_ON and result in a kernel oops. Also, fdatasync()\n could fail to immediately write out changes in the file\n size only. These problems have been resolved by\n backporting a series of patches that fixed these\n problems in the respective code on Scientific Linux 6.\n This update also improves performance of ext3 and ext4\n file systems.\n\n - Due to a bug in the ext4 code, the fdatasync() system\n call did not force the inode size change to be written\n to the disk if it was the only metadata change in the\n file. This could result in the wrong inode size and\n possible data loss if the system terminated\n unexpectedly. The code handling inode updates has been\n fixed and fdatasync() now writes data to the disk as\n expected in this situation.\n\n - A workaround to a DMA read problem in the tg3 driver was\n incorrectly applied to the whole Broadcom 5719 and 5720\n chipset family. This workaround is valid only to the A0\n revision of the 5719 chips and for other revisions and\n chips causes occasional Tx timeouts. This update\n correctly applies the aforementioned workaround only to\n the A0 revision of the 5719 chips.\n\n - Due to a bug in the page writeback code, the system\n could become unresponsive when being under memory\n pressure and heavy NFS load. This update fixes the code\n responsible for handling of dirty pages, and dirty page\n write outs no longer flood the work queue.\n\nThe system must be rebooted for this update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1409&L=scientific-linux-errata&T=0&P=591\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?28f10ffd\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-PAE-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"kernel-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-debuginfo-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-debuginfo-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-devel-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debuginfo-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debuginfo-common-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-devel-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-doc-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-headers-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-debuginfo-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-devel-2.6.18-371.12.1.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-debuginfo / kernel-PAE-devel / etc\");\n}\n", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-06-01T03:48:44", "bulletinFamily": "scanner", "description": "Updated kernel packages that fix one security issue and several bugs\nare now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An out-of-bounds memory access flaw was found in the Linux kernel", "modified": "2020-06-02T00:00:00", "id": "REDHAT-RHSA-2014-1281.NASL", "href": "https://www.tenable.com/plugins/nessus/77806", "published": "2014-09-23T00:00:00", "title": "RHEL 7 : kernel (RHSA-2014:1281)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1281. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77806);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2019/10/24 15:35:38\");\n\n script_cve_id(\"CVE-2014-3917\");\n script_bugtraq_id(67699);\n script_xref(name:\"RHSA\", value:\"2014:1281\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2014:1281)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix one security issue and several bugs\nare now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An out-of-bounds memory access flaw was found in the Linux kernel's\nsystem call auditing implementation. On a system with existing audit\nrules defined, a local, unprivileged user could use this flaw to leak\nkernel memory to user space or, potentially, crash the system.\n(CVE-2014-3917, Moderate)\n\nThis update also fixes the following bugs :\n\n* A bug in the mtip32xx driver could prevent the Micron P420m PCIe SSD\ndevices with unaligned I/O access from completing the submitted I/O\nrequests. This resulted in a livelock situation and rendered the\nMicron P420m PCIe SSD devices unusable. To fix this problem, mtip32xx\nnow checks whether an I/O access is unaligned and if so, it uses the\ncorrect semaphore. (BZ#1125776)\n\n* A series of patches has been backported to improve the functionality\nof a touch pad on the latest Lenovo laptops in Red Hat Enterprise\nLinux 7. (BZ#1122559)\n\n* Due to a bug in the bnx2x driver, a network adapter could be unable\nto recover from EEH error injection. The network adapter had to be\ntaken offline and rebooted in order to function properly again. With\nthis update, the bnx2x driver has been corrected and network adapters\nnow recover from EEH errors as expected. (BZ#1107722)\n\n* Previously, if an hrtimer interrupt was delayed, all future pending\nhrtimer events that were queued on the same processor were also\ndelayed until the initial hrtimer event was handled. This could cause\nall hrtimer processing to stop for a significant period of time. To\nprevent this problem, the kernel has been modified to handle all\nexpired hrtimer events when handling the initially delayed hrtimer\nevent. (BZ#1113175)\n\n* A previous change to the nouveau driver introduced a bit shift\nerror, which resulted in a wrong display resolution being set with\nsome models of NVIDIA controllers. With this update, the erroneous\ncode has been corrected, and the affected NVIDIA controllers can now\nset the correct display resolution. (BZ#1114869)\n\n* Due to a NULL pointer dereference bug in the be2net driver, the\nsystem could experience a kernel oops and reboot when disabling a\nnetwork adapter after a permanent failure. This problem has been fixed\nby introducing a flag to keep track of the setup state. The failing\nadapter can now be disabled successfully without a kernel crash.\n(BZ#1122558)\n\n* Previously, the Huge Translation Lookaside Buffer (HugeTLB) allowed\naccess to huge pages access by default. However, huge pages may be\nunsupported in some environments, such as a KVM guest on a PowerPC\narchitecture, and an attempt to access a huge page in memory would\nresult in a kernel oops. This update ensures that HugeTLB denies\naccess to huge pages if the huge pages are not supported on the\nsystem. (BZ#1122115)\n\n* If an NVMe device becomes ready but fails to create I/O queues, the\nnvme driver creates a character device handle to manage such a device.\nPreviously, a character device could be created before a device\nreference counter was initialized, which resulted in a kernel oops.\nThis problem has been fixed by calling the relevant initialization\nfunction earlier in the code. (BZ#1119720)\n\n* On some firmware versions of the BladeEngine 3 (BE3) controller,\ninterrupts remain disabled after a hardware reset. This was a problem\nfor all Emulex-based network adapters using such a BE3 controller\nbecause these adapters would fail to recover from an EEH error if it\noccurred. To resolve this problem, the be2net driver has been modified\nto enable the interrupts in the eeh_resume handler explicitly.\n(BZ#1121712)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:1281\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3917\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2014-3917\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2014:1281\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:1281\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-abi-whitelists-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-devel-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debuginfo-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-devel-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-doc-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-headers-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-devel-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"perf-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"perf-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"perf-debuginfo-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"perf-debuginfo-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"python-perf-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"python-perf-debuginfo-3.10.0-123.8.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-3.10.0-123.8.1.el7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-06-01T03:48:44", "bulletinFamily": "scanner", "description": "Updated kernel packages that fix one security issue and several bugs\nare now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An out-of-bounds memory access flaw was found in the Linux kernel", "modified": "2020-06-02T00:00:00", "id": "REDHAT-RHSA-2014-1143.NASL", "href": "https://www.tenable.com/plugins/nessus/77518", "published": "2014-09-04T00:00:00", "title": "RHEL 5 : kernel (RHSA-2014:1143)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1143. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77518);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/10/24 15:35:38\");\n\n script_cve_id(\"CVE-2014-3917\");\n script_xref(name:\"RHSA\", value:\"2014:1143\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2014:1143)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix one security issue and several bugs\nare now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An out-of-bounds memory access flaw was found in the Linux kernel's\nsystem call auditing implementation. On a system with existing audit\nrules defined, a local, unprivileged user could use this flaw to leak\nkernel memory to user space or, potentially, crash the system.\n(CVE-2014-3917, Moderate)\n\nThis update also fixes the following bugs :\n\n* A bug in the journaling code (jbd and jbd2) could, under very heavy\nworkload of fsync() operations, trigger a BUG_ON and result in a\nkernel oops. Also, fdatasync() could fail to immediately write out\nchanges in the file size only. These problems have been resolved by\nbackporting a series of patches that fixed these problems in the\nrespective code on Red Hat Enterprise Linux 6. This update also\nimproves performance of ext3 and ext4 file systems. (BZ#1116027)\n\n* Due to a bug in the ext4 code, the fdatasync() system call did not\nforce the inode size change to be written to the disk if it was the\nonly metadata change in the file. This could result in the wrong inode\nsize and possible data loss if the system terminated unexpectedly. The\ncode handling inode updates has been fixed and fdatasync() now writes\ndata to the disk as expected in this situation. (BZ#1117665)\n\n* A workaround to a DMA read problem in the tg3 driver was incorrectly\napplied to the whole Broadcom 5719 and 5720 chipset family. This\nworkaround is valid only to the A0 revision of the 5719 chips and for\nother revisions and chips causes occasional Tx timeouts. This update\ncorrectly applies the aforementioned workaround only to the A0\nrevision of the 5719 chips. (BZ# 1121017)\n\n* Due to a bug in the page writeback code, the system could become\nunresponsive when being under memory pressure and heavy NFS load. This\nupdate fixes the code responsible for handling of dirty pages, and\ndirty page write outs no longer flood the work queue. (BZ#1125246)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:1143\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3917\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:1143\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-371.12.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-371.12.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-debuginfo-2.6.18-371.12.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-371.12.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-371.12.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.18-371.12.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-371.12.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.18-371.12.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debuginfo-common-2.6.18-371.12.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-371.12.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-371.12.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-371.12.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-371.12.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-debuginfo-2.6.18-371.12.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-371.12.1.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-debuginfo / kernel-PAE-devel / etc\");\n }\n}\n", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-06-01T04:47:53", "bulletinFamily": "scanner", "description": "An flaw was discovered in the Linux kernel", "modified": "2020-06-02T00:00:00", "id": "UBUNTU_USN-2314-1.NASL", "href": "https://www.tenable.com/plugins/nessus/77199", "published": "2014-08-14T00:00:00", "title": "Ubuntu 14.04 LTS : linux vulnerability (USN-2314-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2314-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77199);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/09/19 12:54:30\");\n\n script_cve_id(\"CVE-2014-3917\");\n script_bugtraq_id(67699);\n script_xref(name:\"USN\", value:\"2314-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux vulnerability (USN-2314-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An flaw was discovered in the Linux kernel's audit subsystem when\nauditing certain syscalls. A local attacker could exploit this flaw to\nobtain potentially sensitive single-bit values from kernel memory or\ncause a denial of service (OOPS).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2314-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.13-generic,\nlinux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2019 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2014-3917\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2314-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-33-generic\", pkgver:\"3.13.0-33.58\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-33-generic-lpae\", pkgver:\"3.13.0-33.58\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-33-lowlatency\", pkgver:\"3.13.0-33.58\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-06-01T03:37:43", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2014:1143 :\n\nUpdated kernel packages that fix one security issue and several bugs\nare now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An out-of-bounds memory access flaw was found in the Linux kernel", "modified": "2020-06-02T00:00:00", "id": "ORACLELINUX_ELSA-2014-1143-1.NASL", "href": "https://www.tenable.com/plugins/nessus/77549", "published": "2014-09-05T00:00:00", "title": "Oracle Linux 5 : kernel (ELSA-2014-1143-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:1143 and \n# Oracle Linux Security Advisory ELSA-2014-1143-1 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77549);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/01/02 16:37:55\");\n\n script_cve_id(\"CVE-2014-3917\");\n script_bugtraq_id(67699);\n script_xref(name:\"RHSA\", value:\"2014:1143\");\n\n script_name(english:\"Oracle Linux 5 : kernel (ELSA-2014-1143-1)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:1143 :\n\nUpdated kernel packages that fix one security issue and several bugs\nare now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An out-of-bounds memory access flaw was found in the Linux kernel's\nsystem call auditing implementation. On a system with existing audit\nrules defined, a local, unprivileged user could use this flaw to leak\nkernel memory to user space or, potentially, crash the system.\n(CVE-2014-3917, Moderate)\n\nThis update also fixes the following bugs :\n\n* A bug in the journaling code (jbd and jbd2) could, under very heavy\nworkload of fsync() operations, trigger a BUG_ON and result in a\nkernel oops. Also, fdatasync() could fail to immediately write out\nchanges in the file size only. These problems have been resolved by\nbackporting a series of patches that fixed these problems in the\nrespective code on Red Hat Enterprise Linux 6. This update also\nimproves performance of ext3 and ext4 file systems. (BZ#1116027)\n\n* Due to a bug in the ext4 code, the fdatasync() system call did not\nforce the inode size change to be written to the disk if it was the\nonly metadata change in the file. This could result in the wrong inode\nsize and possible data loss if the system terminated unexpectedly. The\ncode handling inode updates has been fixed and fdatasync() now writes\ndata to the disk as expected in this situation. (BZ#1117665)\n\n* A workaround to a DMA read problem in the tg3 driver was incorrectly\napplied to the whole Broadcom 5719 and 5720 chipset family. This\nworkaround is valid only to the A0 revision of the 5719 chips and for\nother revisions and chips causes occasional Tx timeouts. This update\ncorrectly applies the aforementioned workaround only to the A0\nrevision of the 5719 chips. (BZ#1121017)\n\n* Due to a bug in the page writeback code, the system could become\nunresponsive when being under memory pressure and heavy NFS load. This\nupdate fixes the code responsible for handling of dirty pages, and\ndirty page write outs no longer flood the work queue. (BZ#1125246)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-September/004408.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-2.6.18-371.12.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-371.12.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-devel-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-371.12.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-2.6.18-371.12.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-devel-2.6.18-371.12.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-devel-2.6.18-371.12.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-doc-2.6.18-371.12.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-headers-2.6.18-371.12.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-2.6.18-371.12.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-devel-2.6.18-371.12.1.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-03-17T23:22:49", "bulletinFamily": "scanner", "description": "The 3.14.5 stable update contains a number of important fixes across\nthe tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2014-06-06T00:00:00", "id": "FEDORA_2014-7033.NASL", "href": "https://www.tenable.com/plugins/nessus/74339", "published": "2014-06-06T00:00:00", "title": "Fedora 20 : kernel-3.14.5-200.fc20 (2014-7033)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-7033.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74339);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/12\");\n\n script_cve_id(\"CVE-2014-3917\");\n script_bugtraq_id(67699);\n script_xref(name:\"FEDORA\", value:\"2014-7033\");\n\n script_name(english:\"Fedora 20 : kernel-3.14.5-200.fc20 (2014-7033)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 3.14.5 stable update contains a number of important fixes across\nthe tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1102571\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134002.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e5683819\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"kernel-3.14.5-200.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-06-01T03:37:43", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2014:1143 :\n\nUpdated kernel packages that fix one security issue and several bugs\nare now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An out-of-bounds memory access flaw was found in the Linux kernel", "modified": "2020-06-02T00:00:00", "id": "ORACLELINUX_ELSA-2014-1143.NASL", "href": "https://www.tenable.com/plugins/nessus/77550", "published": "2014-09-05T00:00:00", "title": "Oracle Linux 5 : kernel (ELSA-2014-1143)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:1143 and \n# Oracle Linux Security Advisory ELSA-2014-1143 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77550);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/30 10:58:19\");\n\n script_cve_id(\"CVE-2014-3917\");\n script_bugtraq_id(67699);\n script_xref(name:\"RHSA\", value:\"2014:1143\");\n\n script_name(english:\"Oracle Linux 5 : kernel (ELSA-2014-1143)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:1143 :\n\nUpdated kernel packages that fix one security issue and several bugs\nare now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An out-of-bounds memory access flaw was found in the Linux kernel's\nsystem call auditing implementation. On a system with existing audit\nrules defined, a local, unprivileged user could use this flaw to leak\nkernel memory to user space or, potentially, crash the system.\n(CVE-2014-3917, Moderate)\n\nThis update also fixes the following bugs :\n\n* A bug in the journaling code (jbd and jbd2) could, under very heavy\nworkload of fsync() operations, trigger a BUG_ON and result in a\nkernel oops. Also, fdatasync() could fail to immediately write out\nchanges in the file size only. These problems have been resolved by\nbackporting a series of patches that fixed these problems in the\nrespective code on Red Hat Enterprise Linux 6. This update also\nimproves performance of ext3 and ext4 file systems. (BZ#1116027)\n\n* Due to a bug in the ext4 code, the fdatasync() system call did not\nforce the inode size change to be written to the disk if it was the\nonly metadata change in the file. This could result in the wrong inode\nsize and possible data loss if the system terminated unexpectedly. The\ncode handling inode updates has been fixed and fdatasync() now writes\ndata to the disk as expected in this situation. (BZ#1117665)\n\n* A workaround to a DMA read problem in the tg3 driver was incorrectly\napplied to the whole Broadcom 5719 and 5720 chipset family. This\nworkaround is valid only to the A0 revision of the 5719 chips and for\nother revisions and chips causes occasional Tx timeouts. This update\ncorrectly applies the aforementioned workaround only to the A0\nrevision of the 5719 chips. (BZ# 1121017)\n\n* Due to a bug in the page writeback code, the system could become\nunresponsive when being under memory pressure and heavy NFS load. This\nupdate fixes the code responsible for handling of dirty pages, and\ndirty page write outs no longer flood the work queue. (BZ#1125246)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-September/004406.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2014-3917\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2014-1143\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-devel-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-devel-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-devel-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-doc-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-headers-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-2.6.18-371.12.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-devel-2.6.18-371.12.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-06-01T04:47:53", "bulletinFamily": "scanner", "description": "An flaw was discovered in the Linux kernel", "modified": "2020-06-02T00:00:00", "id": "UBUNTU_USN-2313-1.NASL", "href": "https://www.tenable.com/plugins/nessus/77198", "published": "2014-08-14T00:00:00", "title": "Ubuntu 12.04 LTS : linux-lts-trusty vulnerability (USN-2313-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2313-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77198);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/09/19 12:54:30\");\n\n script_cve_id(\"CVE-2014-3917\");\n script_bugtraq_id(67699);\n script_xref(name:\"USN\", value:\"2313-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-trusty vulnerability (USN-2313-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An flaw was discovered in the Linux kernel's audit subsystem when\nauditing certain syscalls. A local attacker could exploit this flaw to\nobtain potentially sensitive single-bit values from kernel memory or\ncause a denial of service (OOPS).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2313-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.13-generic and / or\nlinux-image-3.13-generic-lpae packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2019 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2014-3917\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2313-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-33-generic\", pkgver:\"3.13.0-33.58~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-33-generic-lpae\", pkgver:\"3.13.0-33.58~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae\");\n}\n", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}], "centos": [{"lastseen": "2019-12-20T18:27:41", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2014:1143\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An out-of-bounds memory access flaw was found in the Linux kernel's\nsystem call auditing implementation. On a system with existing audit rules\ndefined, a local, unprivileged user could use this flaw to leak kernel\nmemory to user space or, potentially, crash the system. (CVE-2014-3917,\nModerate)\n\nThis update also fixes the following bugs:\n\n* A bug in the journaling code (jbd and jbd2) could, under very heavy\nworkload of fsync() operations, trigger a BUG_ON and result in a kernel\noops. Also, fdatasync() could fail to immediately write out changes in the\nfile size only. These problems have been resolved by backporting a series\nof patches that fixed these problems in the respective code on Red Hat\nEnterprise Linux 6. This update also improves performance of ext3 and ext4\nfile systems. (BZ#1116027)\n\n* Due to a bug in the ext4 code, the fdatasync() system call did not force\nthe inode size change to be written to the disk if it was the only metadata\nchange in the file. This could result in the wrong inode size and possible\ndata loss if the system terminated unexpectedly. The code handling inode\nupdates has been fixed and fdatasync() now writes data to the disk as\nexpected in this situation. (BZ#1117665)\n\n* A workaround to a DMA read problem in the tg3 driver was incorrectly\napplied to the whole Broadcom 5719 and 5720 chipset family. This workaround\nis valid only to the A0 revision of the 5719 chips and for other revisions\nand chips causes occasional Tx timeouts. This update correctly applies the\naforementioned workaround only to the A0 revision of the 5719 chips.\n(BZ#1121017)\n\n* Due to a bug in the page writeback code, the system could become\nunresponsive when being under memory pressure and heavy NFS load. This\nupdate fixes the code responsible for handling of dirty pages, and dirty\npage write outs no longer flood the work queue. (BZ#1125246)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-September/032577.html\n\n**Affected packages:**\nkernel\nkernel-PAE\nkernel-PAE-devel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-xen\nkernel-xen-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-1143.html", "modified": "2014-09-04T07:18:06", "published": "2014-09-04T07:18:06", "href": "http://lists.centos.org/pipermail/centos-announce/2014-September/032577.html", "id": "CESA-2014:1143", "title": "kernel security update", "type": "centos", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-12-20T18:28:35", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2014:1281\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An out-of-bounds memory access flaw was found in the Linux kernel's\nsystem call auditing implementation. On a system with existing audit rules\ndefined, a local, unprivileged user could use this flaw to leak kernel\nmemory to user space or, potentially, crash the system. (CVE-2014-3917,\nModerate)\n\nThis update also fixes the following bugs: \n\n* A bug in the mtip32xx driver could prevent the Micron P420m PCIe SSD\ndevices with unaligned I/O access from completing the submitted I/O\nrequests. This resulted in a livelock situation and rendered the Micron\nP420m PCIe SSD devices unusable. To fix this problem, mtip32xx now checks\nwhether an I/O access is unaligned and if so, it uses the correct\nsemaphore. (BZ#1125776)\n\n* A series of patches has been backported to improve the functionality of\na touch pad on the latest Lenovo laptops in Red Hat Enterprise Linux 7.\n(BZ#1122559)\n\n* Due to a bug in the bnx2x driver, a network adapter could be unable to\nrecover from EEH error injection. The network adapter had to be taken\noffline and rebooted in order to function properly again. With this update,\nthe bnx2x driver has been corrected and network adapters now recover from\nEEH errors as expected. (BZ#1107722)\n\n* Previously, if an hrtimer interrupt was delayed, all future pending\nhrtimer events that were queued on the same processor were also delayed\nuntil the initial hrtimer event was handled. This could cause all hrtimer\nprocessing to stop for a significant period of time. To prevent this\nproblem, the kernel has been modified to handle all expired hrtimer events\nwhen handling the initially delayed hrtimer event. (BZ#1113175)\n\n* A previous change to the nouveau driver introduced a bit shift error,\nwhich resulted in a wrong display resolution being set with some models\nof NVIDIA controllers. With this update, the erroneous code has been\ncorrected, and the affected NVIDIA controllers can now set the correct\ndisplay resolution. (BZ#1114869)\n\n* Due to a NULL pointer dereference bug in the be2net driver, the system\ncould experience a kernel oops and reboot when disabling a network adapter\nafter a permanent failure. This problem has been fixed by introducing a\nflag to keep track of the setup state. The failing adapter can now be\ndisabled successfully without a kernel crash. (BZ#1122558)\n\n* Previously, the Huge Translation Lookaside Buffer (HugeTLB) allowed\naccess to huge pages access by default. However, huge pages may be\nunsupported in some environments, such as a KVM guest on a PowerPC\narchitecture, and an attempt to access a huge page in memory would result\nin a kernel oops. This update ensures that HugeTLB denies access to huge\npages if the huge pages are not supported on the system. (BZ#1122115)\n\n* If an NVMe device becomes ready but fails to create I/O queues, the nvme\ndriver creates a character device handle to manage such a device.\nPreviously, a character device could be created before a device reference\ncounter was initialized, which resulted in a kernel oops. This problem has\nbeen fixed by calling the relevant initialization function earlier in the\ncode. (BZ#1119720)\n\n* On some firmware versions of the BladeEngine 3 (BE3) controller,\ninterrupts remain disabled after a hardware reset. This was a problem for\nall Emulex-based network adapters using such a BE3 controller because\nthese adapters would fail to recover from an EEH error if it occurred. To\nresolve this problem, the be2net driver has been modified to enable the\ninterrupts in the eeh_resume handler explicitly. (BZ#1121712)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-September/032619.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-tools\nkernel-tools-libs\nkernel-tools-libs-devel\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-1281.html", "modified": "2014-09-23T05:23:08", "published": "2014-09-23T05:23:08", "href": "http://lists.centos.org/pipermail/centos-announce/2014-September/032619.html", "id": "CESA-2014:1281", "title": "kernel, perf, python security update", "type": "centos", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-12-20T18:28:02", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2014:1167\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's futex subsystem handled\nreference counting when requeuing futexes during futex_wait(). A local,\nunprivileged user could use this flaw to zero out the reference counter of\nan inode or an mm struct that backs up the memory area of the futex, which\ncould lead to a use-after-free flaw, resulting in a system crash or,\npotentially, privilege escalation. (CVE-2014-0205, Important)\n\n* A NULL pointer dereference flaw was found in the way the Linux kernel's\nnetworking implementation handled logging while processing certain invalid\npackets coming in via a VxLAN interface. A remote attacker could use this\nflaw to crash the system by sending a specially crafted packet to such an\ninterface. (CVE-2014-3535, Important)\n\n* An out-of-bounds memory access flaw was found in the Linux kernel's\nsystem call auditing implementation. On a system with existing audit rules\ndefined, a local, unprivileged user could use this flaw to leak kernel\nmemory to user space or, potentially, crash the system. (CVE-2014-3917,\nModerate)\n\n* An integer underflow flaw was found in the way the Linux kernel's Stream\nControl Transmission Protocol (SCTP) implementation processed certain\nCOOKIE_ECHO packets. By sending a specially crafted SCTP packet, a remote\nattacker could use this flaw to prevent legitimate connections to a\nparticular SCTP server socket to be made. (CVE-2014-4667, Moderate)\n\nRed Hat would like to thank Gopal Reddy Kodudula of Nokia Siemens Networks\nfor reporting CVE-2014-4667. The security impact of the CVE-2014-0205 issue\nwas discovered by Mateusz Guzik of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-September/032586.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-1167.html", "modified": "2014-09-09T23:10:17", "published": "2014-09-09T23:10:17", "href": "http://lists.centos.org/pipermail/centos-announce/2014-September/032586.html", "id": "CESA-2014:1167", "title": "kernel, perf, python security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:45:22", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* An out-of-bounds memory access flaw was found in the Linux kernel's\nsystem call auditing implementation. On a system with existing audit rules\ndefined, a local, unprivileged user could use this flaw to leak kernel\nmemory to user space or, potentially, crash the system. (CVE-2014-3917,\nModerate)\n\nThis update also fixes the following bugs: \n\n* A bug in the mtip32xx driver could prevent the Micron P420m PCIe SSD\ndevices with unaligned I/O access from completing the submitted I/O\nrequests. This resulted in a livelock situation and rendered the Micron\nP420m PCIe SSD devices unusable. To fix this problem, mtip32xx now checks\nwhether an I/O access is unaligned and if so, it uses the correct\nsemaphore. (BZ#1125776)\n\n* A series of patches has been backported to improve the functionality of\na touch pad on the latest Lenovo laptops in Red Hat Enterprise Linux 7.\n(BZ#1122559)\n\n* Due to a bug in the bnx2x driver, a network adapter could be unable to\nrecover from EEH error injection. The network adapter had to be taken\noffline and rebooted in order to function properly again. With this update,\nthe bnx2x driver has been corrected and network adapters now recover from\nEEH errors as expected. (BZ#1107722)\n\n* Previously, if an hrtimer interrupt was delayed, all future pending\nhrtimer events that were queued on the same processor were also delayed\nuntil the initial hrtimer event was handled. This could cause all hrtimer\nprocessing to stop for a significant period of time. To prevent this\nproblem, the kernel has been modified to handle all expired hrtimer events\nwhen handling the initially delayed hrtimer event. (BZ#1113175)\n\n* A previous change to the nouveau driver introduced a bit shift error,\nwhich resulted in a wrong display resolution being set with some models\nof NVIDIA controllers. With this update, the erroneous code has been\ncorrected, and the affected NVIDIA controllers can now set the correct\ndisplay resolution. (BZ#1114869)\n\n* Due to a NULL pointer dereference bug in the be2net driver, the system\ncould experience a kernel oops and reboot when disabling a network adapter\nafter a permanent failure. This problem has been fixed by introducing a\nflag to keep track of the setup state. The failing adapter can now be\ndisabled successfully without a kernel crash. (BZ#1122558)\n\n* Previously, the Huge Translation Lookaside Buffer (HugeTLB) allowed\naccess to huge pages access by default. However, huge pages may be\nunsupported in some environments, such as a KVM guest on a PowerPC\narchitecture, and an attempt to access a huge page in memory would result\nin a kernel oops. This update ensures that HugeTLB denies access to huge\npages if the huge pages are not supported on the system. (BZ#1122115)\n\n* If an NVMe device becomes ready but fails to create I/O queues, the nvme\ndriver creates a character device handle to manage such a device.\nPreviously, a character device could be created before a device reference\ncounter was initialized, which resulted in a kernel oops. This problem has\nbeen fixed by calling the relevant initialization function earlier in the\ncode. (BZ#1119720)\n\n* On some firmware versions of the BladeEngine 3 (BE3) controller,\ninterrupts remain disabled after a hardware reset. This was a problem for\nall Emulex-based network adapters using such a BE3 controller because\nthese adapters would fail to recover from an EEH error if it occurred. To\nresolve this problem, the be2net driver has been modified to enable the\ninterrupts in the eeh_resume handler explicitly. (BZ#1121712)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "modified": "2018-04-12T03:32:47", "published": "2014-09-22T04:00:00", "id": "RHSA-2014:1281", "href": "https://access.redhat.com/errata/RHSA-2014:1281", "type": "redhat", "title": "(RHSA-2014:1281) Moderate: kernel security and bug fix update", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-08-13T18:46:08", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's futex subsystem handled\nreference counting when requeuing futexes during futex_wait(). A local,\nunprivileged user could use this flaw to zero out the reference counter of\nan inode or an mm struct that backs up the memory area of the futex, which\ncould lead to a use-after-free flaw, resulting in a system crash or,\npotentially, privilege escalation. (CVE-2014-0205, Important)\n\n* A NULL pointer dereference flaw was found in the way the Linux kernel's\nnetworking implementation handled logging while processing certain invalid\npackets coming in via a VxLAN interface. A remote attacker could use this\nflaw to crash the system by sending a specially crafted packet to such an\ninterface. (CVE-2014-3535, Important)\n\n* An out-of-bounds memory access flaw was found in the Linux kernel's\nsystem call auditing implementation. On a system with existing audit rules\ndefined, a local, unprivileged user could use this flaw to leak kernel\nmemory to user space or, potentially, crash the system. (CVE-2014-3917,\nModerate)\n\n* An integer underflow flaw was found in the way the Linux kernel's Stream\nControl Transmission Protocol (SCTP) implementation processed certain\nCOOKIE_ECHO packets. By sending a specially crafted SCTP packet, a remote\nattacker could use this flaw to prevent legitimate connections to a\nparticular SCTP server socket to be made. (CVE-2014-4667, Moderate)\n\nRed Hat would like to thank Gopal Reddy Kodudula of Nokia Siemens Networks\nfor reporting CVE-2014-4667. The security impact of the CVE-2014-0205 issue\nwas discovered by Mateusz Guzik of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "modified": "2018-06-06T20:24:21", "published": "2014-09-09T04:00:00", "id": "RHSA-2014:1167", "href": "https://access.redhat.com/errata/RHSA-2014:1167", "type": "redhat", "title": "(RHSA-2014:1167) Important: kernel security and bug fix update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:46:46", "bulletinFamily": "unix", "description": "The kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's futex subsystem handled\nthe requeuing of certain Priority Inheritance (PI) futexes. A local,\nunprivileged user could use this flaw to escalate their privileges on the\nsystem. (CVE-2014-3153, Important)\n\n* It was found that the Linux kernel's ptrace subsystem allowed a traced\nprocess' instruction pointer to be set to a non-canonical memory address\nwithout forcing the non-sysret code path when returning to user space.\nA local, unprivileged user could use this flaw to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-4699,\nImportant)\n\nNote: The CVE-2014-4699 issue only affected systems using an Intel CPU.\n\n* It was found that the permission checks performed by the Linux kernel\nwhen a netlink message was received were not sufficient. A local,\nunprivileged user could potentially bypass these restrictions by passing a\nnetlink socket as stdout or stderr to a more privileged process and\naltering the output of this process. (CVE-2014-0181, Moderate)\n\n* It was found that the aio_read_events_ring() function of the Linux\nkernel's Asynchronous I/O (AIO) subsystem did not properly sanitize the AIO\nring head received from user space. A local, unprivileged user could use\nthis flaw to disclose random parts of the (physical) memory belonging to\nthe kernel and/or other processes. (CVE-2014-0206, Moderate)\n\n* An out-of-bounds memory access flaw was found in the Netlink Attribute\nextension of the Berkeley Packet Filter (BPF) interpreter functionality in\nthe Linux kernel's networking implementation. A local, unprivileged user\ncould use this flaw to crash the system or leak kernel memory to user space\nvia a specially crafted socket filter. (CVE-2014-3144, CVE-2014-3145,\nModerate)\n\n* An out-of-bounds memory access flaw was found in the Linux kernel's\nsystem call auditing implementation. On a system with existing audit rules\ndefined, a local, unprivileged user could use this flaw to leak kernel\nmemory to user space or, potentially, crash the system. (CVE-2014-3917,\nModerate)\n\n* A flaw was found in the way Linux kernel's Transparent Huge Pages (THP)\nimplementation handled non-huge page migration. A local, unprivileged user\ncould use this flaw to crash the kernel by migrating transparent hugepages.\n(CVE-2014-3940, Moderate)\n\n* An integer underflow flaw was found in the way the Linux kernel's Stream\nControl Transmission Protocol (SCTP) implementation processed certain\nCOOKIE_ECHO packets. By sending a specially crafted SCTP packet, a remote\nattacker could use this flaw to prevent legitimate connections to a\nparticular SCTP server socket to be made. (CVE-2014-4667, Moderate)\n\n* An information leak flaw was found in the RAM Disks Memory Copy (rd_mcp)\nbackend driver of the iSCSI Target subsystem of the Linux kernel.\nA privileged user could use this flaw to leak the contents of kernel memory\nto an iSCSI initiator remote client. (CVE-2014-4027, Low)\n\nRed Hat would like to thank Kees Cook of Google for reporting\nCVE-2014-3153, Andy Lutomirski for reporting CVE-2014-4699 and\nCVE-2014-0181, and Gopal Reddy Kodudula of Nokia Siemens Networks for\nreporting CVE-2014-4667. Google acknowledges Pinkie Pie as the original\nreporter of CVE-2014-3153. The CVE-2014-0206 issue was discovered by\nMateusz Guzik of Red Hat.\n\nUsers are advised to upgrade to these updated packages, which upgrade the\nkernel-rt kernel to version kernel-rt-3.10.33-rt32.43 and correct these\nissues. The system must be rebooted for this update to take effect.\n", "modified": "2018-06-07T08:58:26", "published": "2014-07-22T04:00:00", "id": "RHSA-2014:0913", "href": "https://access.redhat.com/errata/RHSA-2014:0913", "type": "redhat", "title": "(RHSA-2014:0913) Important: kernel-rt security update", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:30", "bulletinFamily": "unix", "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: a subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nA NULL pointer dereference flaw was found in the way the Linux kernel's\nnetworking implementation handled logging while processing certain invalid\npackets coming in via a VxLAN interface. A remote attacker could use this\nflaw to crash the system by sending a specially crafted packet to such an\ninterface. (CVE-2014-3535)\n\nTwo integer overflow flaws were found in the QEMU block driver for QCOW\nversion 1 disk images. A user able to alter the QEMU disk image files\nloaded by a guest could use either of these flaws to corrupt QEMU process\nmemory on the host, which could potentially result in arbitrary code\nexecution on the host with the privileges of the QEMU process.\n(CVE-2014-0222, CVE-2014-0223)\n\nRed Hat would like to thank NSA for reporting CVE-2014-0222 and \nCVE-2014-0223.\n\nThis update also fixes the following bug:\n\n* Previously, an updated version of Qlogic firmware was not supported in\nthe Red Hat Enterprise Virtualization Hypervisor 6.5 image and an error\nmessage returned when users were using a newer version of Qlogic firmware.\nThis update includes the latest Qlogic firmware package in the Red Hat\nEnterprise Virtualization Hypervisor 6.5 image so no firmware errors are\nreturned. (BZ#1135780)\n\nThis updated package also provides updated components that include fixes\nfor various security issues. These issues have no security impact on Red\nHat Enterprise Virtualization Hypervisor itself, however. The security\nfixes included in this update address the following CVE numbers:\n\nCVE-2012-6647, CVE-2013-7339, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706,\nCVE-2014-2851, CVE-2014-3144, CVE-2014-3145, CVE-2014-0205, CVE-2014-3917,\nand CVE-2014-4667 (kernel issues)\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package.\n", "modified": "2018-06-07T08:59:31", "published": "2014-09-09T04:00:00", "id": "RHSA-2014:1168", "href": "https://access.redhat.com/errata/RHSA-2014:1168", "type": "redhat", "title": "(RHSA-2014:1168) Important: rhev-hypervisor6 security and bug fix update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "suse": [{"lastseen": "2016-09-04T11:47:05", "bulletinFamily": "unix", "description": "The Linux Kernel was updated to fix various bugs and security issues.\n\n CVE-2014-4699: The Linux kernel on Intel processors did not properly\n restrict use of a non-canonical value for the saved RIP address in the\n case of a system call that does not use IRET, which allowed local users to\n leverage a race condition and gain privileges, or cause a denial of\n service (double fault), via a crafted application that makes ptrace and\n fork system calls.\n\n CVE-2014-4667: The sctp_association_free function in net/sctp/associola.c\n in the Linux kernel did not properly manage a certain backlog value, which\n allowed remote attackers to cause a denial of service (socket\n outage) via a crafted SCTP packet.\n\n CVE-2014-4171: mm/shmem.c in the Linux kernel did not properly implement\n the interaction between range notification and hole punching, which\n allowed local users to cause a denial of service (i_mutex hold) by using\n the mmap system call to access a hole, as demonstrated by interfering with\n intended shmem activity by blocking completion of (1) an MADV_REMOVE\n madvise call or (2) an FALLOC_FL_PUNCH_HOLE fallocate call.\n\n CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel on 32-bit\n x86 platforms, when syscall auditing is enabled and the sep CPU feature\n flag is set, allowed local users to cause a denial of service (OOPS and\n system crash) via an invalid syscall number, as demonstrated by number\n 1000.\n\n CVE-2014-4656: Multiple integer overflows in sound/core/control.c in the\n ALSA control implementation in the Linux kernel allowed local users to\n cause a denial of service by leveraging /dev/snd/controlCX access, related\n to (1) index values in the snd_ctl_add function and (2) numid values in\n the snd_ctl_remove_numid_conflict function.\n\n CVE-2014-4655: The snd_ctl_elem_add function in sound/core/control.c in\n the ALSA control implementation in the Linux kernel did not properly\n maintain the user_ctl_count value, which allowed local users to cause a\n denial of service (integer overflow and limit bypass) by leveraging\n /dev/snd/controlCX access for a large number of\n SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls.\n\n CVE-2014-4654: The snd_ctl_elem_add function in sound/core/control.c in\n the ALSA control implementation in the Linux kernel did not check\n authorization for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, which allowed\n local users to remove kernel controls and cause a denial of service\n (use-after-free and system crash) by leveraging /dev/snd/controlCX access\n for an ioctl call.\n\n CVE-2014-4653: sound/core/control.c in the ALSA control implementation in\n the Linux kernel did not ensure possession of a read/write lock, which\n allowed local users to cause a denial of service (use-after-free) and\n obtain sensitive information from kernel memory by leveraging\n /dev/snd/controlCX access.\n\n CVE-2014-4652: Race condition in the tlv handler functionality in the\n snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control\n implementation in the Linux kernel allowed local users to obtain sensitive\n information from kernel memory by leveraging /dev/snd/controlCX access.\n\n CVE-2014-4014: The capabilities implementation in the Linux kernel did not\n properly consider that namespaces are inapplicable to inodes, which\n allowed local users to bypass intended chmod restrictions by first\n creating a user namespace, as demonstrated by setting the setgid bit on a\n file with group ownership of root.\n\n CVE-2014-2309: The ip6_route_add function in net/ipv6/route.c in the Linux\n kernel did not properly count the addition of routes, which allowed remote\n attackers to cause a denial of service (memory consumption) via a flood of\n ICMPv6 Router Advertisement packets.\n\n CVE-2014-3917: kernel/auditsc.c in the Linux kernel, when\n CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allowed local\n users to obtain potentially sensitive single-bit values from kernel memory\n or cause a denial of service (OOPS) via a large value of a syscall number.\n\n CVE-2014-0131: Use-after-free vulnerability in the skb_segment function in\n net/core/skbuff.c in the Linux kernel allowed attackers to obtain\n sensitive information from kernel memory by leveraging the absence of a\n certain orphaning operation.\n\n CVE-2014-3144: The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST\n extension implementations in the sk_run_filter function in\n net/core/filter.c in the Linux kernel did not check whether a certain\n length value is sufficiently large, which allowed local users to cause a\n denial of service (integer underflow and system crash) via crafted BPF\n instructions.\n\n CVE-2014-3145: The BPF_S_ANC_NLATTR_NEST extension implementation in the\n sk_run_filter function in net/core/filter.c in the Linux kernel used the\n reverse order in a certain subtraction, which allowed local users to cause\n a denial of service (over-read and system crash) via crafted BPF\n instructions. NOTE: the affected code was moved to the\n __skb_get_nlattr_nest function before the vulnerability was announced.\n\n Additional Bug fixed:\n - HID: logitech-dj: Fix USB 3.0 issue (bnc#788080).\n\n", "modified": "2014-08-01T15:04:21", "published": "2014-08-01T15:04:21", "id": "OPENSUSE-SU-2014:0957-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00000.html", "type": "suse", "title": "kernel: security and bugfix update (important)", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:28:41", "bulletinFamily": "unix", "description": "The Linux kernel was updated to fix security issues and bugs:\n\n Security issues fixed: CVE-2014-4699: The Linux kernel on Intel processors\n did not properly restrict use of a non-canonical value for the saved RIP\n address in the case of a system call that does not use IRET, which allowed\n local users to leverage a race condition and gain privileges, or cause a\n denial of service (double fault), via a crafted application that makes\n ptrace and fork system calls.\n\n CVE-2014-4667: The sctp_association_free function in net/sctp/associola.c\n in the Linux kernel did not properly manage a certain backlog value, which\n allowed remote attackers to cause a denial of service (socket\n outage) via a crafted SCTP packet.\n\n CVE-2014-4171: mm/shmem.c in the Linux kernel did not properly implement\n the interaction between range notification and hole punching, which\n allowed local users to cause a denial of service (i_mutex hold) by using\n the mmap system call to access a hole, as demonstrated by interfering with\n intended shmem activity by blocking completion of (1) an MADV_REMOVE\n madvise call or (2) an FALLOC_FL_PUNCH_HOLE fallocate call.\n\n CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel on 32-bit\n x86 platforms, when syscall auditing is enabled and the sep CPU feature\n flag is set, allowed local users to cause a denial of service (OOPS and\n system crash) via an invalid syscall number, as demonstrated by number\n 1000.\n\n CVE-2014-0100: Race condition in the inet_frag_intern function in\n net/ipv4/inet_fragment.c in the Linux kernel allowed remote attackers to\n cause a denial of service (use-after-free error) or possibly have\n unspecified other impact via a large series of fragmented ICMP Echo\n Request packets to a system with a heavy CPU load.\n\n CVE-2014-4656: Multiple integer overflows in sound/core/control.c in the\n ALSA control implementation in the Linux kernel allowed local users to\n cause a denial of service by leveraging /dev/snd/controlCX access, related\n to (1) index values in the snd_ctl_add function and (2) numid values in\n the snd_ctl_remove_numid_conflict function.\n\n CVE-2014-4655: The snd_ctl_elem_add function in sound/core/control.c in\n the ALSA control implementation in the Linux kernel did not properly\n maintain the user_ctl_count value, which allowed local users to cause a\n denial of service (integer overflow and limit bypass) by leveraging\n /dev/snd/controlCX access for a large number of\n SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls.\n\n CVE-2014-4654: The snd_ctl_elem_add function in sound/core/control.c in\n the ALSA control implementation in the Linux kernel did not check\n authorization for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, which allowed\n local users to remove kernel controls and cause a denial of service\n (use-after-free and system crash) by leveraging /dev/snd/controlCX access\n for an ioctl call.\n\n CVE-2014-4653: sound/core/control.c in the ALSA control implementation in\n the Linux kernel did not ensure possession of a read/write lock, which\n allowed local users to cause a denial of service (use-after-free) and\n obtain sensitive information from kernel memory by leveraging\n /dev/snd/controlCX access.\n\n CVE-2014-4652: Race condition in the tlv handler functionality in the\n snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control\n implementation in the Linux kernel allowed local users to obtain sensitive\n information from kernel memory by leveraging /dev/snd/controlCX access.\n\n CVE-2014-4014: The capabilities implementation in the Linux kernel did not\n properly consider that namespaces are inapplicable to inodes, which\n allowed local users to bypass intended chmod restrictions by first\n creating a user namespace, as demonstrated by setting the setgid bit on a\n file with group ownership of root.\n\n CVE-2014-2309: The ip6_route_add function in net/ipv6/route.c in the Linux\n kernel did not properly count the addition of routes, which allowed remote\n attackers to cause a denial of service (memory consumption) via a flood of\n ICMPv6 Router Advertisement packets.\n\n CVE-2014-3917: kernel/auditsc.c in the Linux kernel, when\n CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allowed local\n users to obtain potentially sensitive single-bit values from kernel memory\n or cause a denial of service (OOPS) via a large value of a syscall number.\n\n CVE-2014-0131: Use-after-free vulnerability in the skb_segment function in\n net/core/skbuff.c in the Linux kernel allowed attackers to obtain\n sensitive information from kernel memory by leveraging the absence of a\n certain orphaning operation.\n\n Bugs fixed:\n - Don't trigger congestion wait on dirty-but-not-writeout pages\n (bnc#879071).\n\n - via-velocity: fix netif_receive_skb use in irq disabled section\n (bnc#851686).\n\n - HID: logitech-dj: Fix USB 3.0 issue (bnc#886629).\n\n - tg3: Change nvram command timeout value to 50ms (bnc#768714 bnc#855657).\n\n - tg3: Override clock, link aware and link idle mode during NVRAM dump\n (bnc#768714 bnc#855657).\n\n - tg3: Set the MAC clock to the fastest speed during boot code load\n (bnc#768714 bnc#855657).\n\n - ALSA: usb-audio: Fix deadlocks at resuming (bnc#884840).\n - ALSA: usb-audio: Save mixer status only once at suspend (bnc#884840).\n - ALSA: usb-audio: Resume mixer values properly (bnc#884840).\n\n", "modified": "2014-08-11T12:04:19", "published": "2014-08-11T12:04:19", "id": "OPENSUSE-SU-2014:0985-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00007.html", "title": "kernel: security and bugfix update (important)", "type": "suse", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:09:50", "bulletinFamily": "unix", "description": "The SUSE Linux Enterprise Server 11 SP1 LTSS received a roll up update to\n fix several security and non-security issues.\n\n The following security issues have been fixed:\n\n * CVE-2013-1860: Heap-based buffer overflow in the wdm_in_callback\n function in drivers/usb/class/cdc-wdm.c in the Linux kernel before\n 3.8.4 allows physically proximate attackers to cause a denial of\n service (system crash) or possibly execute arbitrary code via a\n crafted cdc-wdm USB device. (bnc#806431)\n * CVE-2013-4162: The udp_v6_push_pending_frames function in\n net/ipv6/udp.c in the IPv6 implementation in the Linux kernel\n through 3.10.3 makes an incorrect function call for pending data,\n which allows local users to cause a denial of service (BUG and\n system crash) via a crafted application that uses the UDP_CORK\n option in a setsockopt system call. (bnc#831058)\n * CVE-2014-0203: The __do_follow_link function in fs/namei.c in the\n Linux kernel before 2.6.33 does not properly handle the last\n pathname component during use of certain filesystems, which allows\n local users to cause a denial of service (incorrect free operations\n and system crash) via an open system call. (bnc#883526)\n * CVE-2014-3144: The (1) BPF_S_ANC_NLATTR and (2)\n BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter\n function in net/core/filter.c in the Linux kernel through 3.14.3 do\n not check whether a certain length value is sufficiently large,\n which allows local users to cause a denial of service (integer\n underflow and system crash) via crafted BPF instructions. NOTE: the\n affected code was moved to the __skb_get_nlattr and\n __skb_get_nlattr_nest functions before the vulnerability was\n announced. (bnc#877257)\n * CVE-2014-3145: The BPF_S_ANC_NLATTR_NEST extension implementation in\n the sk_run_filter function in net/core/filter.c in the Linux kernel\n through 3.14.3 uses the reverse order in a certain subtraction,\n which allows local users to cause a denial of service (over-read and\n system crash) via crafted BPF instructions. NOTE: the affected code\n was moved to the __skb_get_nlattr_nest function before the\n vulnerability was announced. (bnc#877257)\n * CVE-2014-3917: kernel/auditsc.c in the Linux kernel through 3.14.5,\n when CONFIG_AUDITSYSCALL is enabled with certain syscall rules,\n allows local users to obtain potentially sensitive single-bit values\n from kernel memory or cause a denial of service (OOPS) via a large\n value of a syscall number. (bnc#880484)\n * CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel\n through 3.15.1 on 32-bit x86 platforms, when syscall auditing is\n enabled and the sep CPU feature flag is set, allows local users to\n cause a denial\n of service (OOPS and system crash) via an invalid syscall number, as\n demonstrated by number 1000. (bnc#883724)\n * CVE-2014-4652: Race condition in the tlv handler functionality in\n the snd_ctl_elem_user_tlv function in sound/core/control.c in the\n ALSA control implementation in the Linux kernel before 3.15.2 allows\n local users to obtain sensitive information from kernel memory by\n leveraging /dev/snd/controlCX access. (bnc#883795)\n * CVE-2014-4653: sound/core/control.c in the ALSA control\n implementation in the Linux kernel before 3.15.2 does not ensure\n possession of a read/write lock, which allows local users to cause a\n denial of service (use-after-free) and obtain sensitive information\n from kernel memory by leveraging /dev/snd/controlCX access.\n (bnc#883795)\n * CVE-2014-4654: The snd_ctl_elem_add function in sound/core/control.c\n in the ALSA control implementation in the Linux kernel before 3.15.2\n does not check authorization for SNDRV_CTL_IOCTL_ELEM_REPLACE\n commands, which allows local users to remove kernel controls and\n cause a denial of service (use-after-free and system crash) by\n leveraging /dev/snd/controlCX access for an ioctl call. (bnc#883795)\n * CVE-2014-4655: The snd_ctl_elem_add function in sound/core/control.c\n in the ALSA control implementation in the Linux kernel before 3.15.2\n does not properly maintain the user_ctl_count value, which allows\n local users to cause a denial of service (integer overflow and limit\n bypass) by leveraging /dev/snd/controlCX access for a large number\n of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls. (bnc#883795)\n * CVE-2014-4656: Multiple integer overflows in sound/core/control.c in\n the ALSA control implementation in the Linux kernel before 3.15.2\n allow local users to cause a denial of service by leveraging\n /dev/snd/controlCX access, related to (1) index values in the\n snd_ctl_add function and (2) numid values in the\n snd_ctl_remove_numid_conflict function. (bnc#883795)\n * CVE-2014-4667: The sctp_association_free function in\n net/sctp/associola.c in the Linux kernel before 3.15.2 does not\n properly manage a certain backlog value, which allows remote\n attackers to cause a denial of service (socket outage) via a crafted\n SCTP packet. (bnc#885422)\n * CVE-2014-4699: The Linux kernel before 3.15.4 on Intel processors\n does not properly restrict use of a non-canonical value for the\n saved RIP address in the case of a system call that does not use\n IRET, which allows local users to leverage a race condition and gain\n privileges, or cause a denial of service (double fault), via a\n crafted application that makes ptrace and fork system calls.\n (bnc#885725)\n * CVE-2014-4943: The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the\n Linux kernel through 3.15.6 allows local users to gain privileges by\n leveraging data-structure differences between an l2tp socket and an\n inet socket. (bnc#887082)\n * CVE-2014-5077: The sctp_assoc_update function in\n net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP\n authentication is enabled, allows remote attackers to cause a denial\n of service (NULL pointer dereference and OOPS) by starting to\n establish an association between two endpoints immediately after an\n exchange of INIT and INIT ACK chunks to establish an earlier\n association between these endpoints in the opposite direction.\n (bnc#889173)\n * CVE-2013-7266: The mISDN_sock_recvmsg function in\n drivers/isdn/mISDN/socket.c in the Linux kernel before 3.12.4 does\n not ensure that a certain length value is consistent with the size\n of an associated data structure, which allows local users to obtain\n sensitive information from kernel memory via a (1) recvfrom, (2)\n recvmmsg, or (3) recvmsg system call. (bnc#854722)\n * CVE-2013-7267: The atalk_recvmsg function in net/appletalk/ddp.c in\n the Linux kernel before 3.12.4 updates a certain length value\n without ensuring that an associated data structure has been\n initialized, which allows local users to obtain sensitive\n information from kernel memory via a (1) recvfrom, (2) recvmmsg, or\n (3) recvmsg system call. (bnc#854722)\n * CVE-2013-7268: The ipx_recvmsg function in net/ipx/af_ipx.c in the\n Linux kernel before 3.12.4 updates a certain length value without\n ensuring that an associated data structure has been initialized,\n which allows local users to obtain sensitive information from kernel\n memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.\n (bnc#854722)\n * CVE-2013-7269: The nr_recvmsg function in net/netrom/af_netrom.c in\n the Linux kernel before 3.12.4 updates a certain length value\n without ensuring that an associated data structure has been\n initialized, which allows local users to obtain sensitive\n information from kernel memory via a (1) recvfrom, (2) recvmmsg, or\n (3) recvmsg system call. (bnc#854722)\n * CVE-2013-7270: The packet_recvmsg function in net/packet/af_packet.c\n in the Linux kernel before 3.12.4 updates a certain length value\n before ensuring that an associated data structure has been\n initialized, which allows local users to obtain sensitive\n information from kernel memory via a (1) recvfrom, (2) recvmmsg, or\n (3) recvmsg system call. (bnc#854722)\n * CVE-2013-7271: The x25_recvmsg function in net/x25/af_x25.c in the\n Linux kernel before 3.12.4 updates a certain length value without\n ensuring that an associated data structure has been initialized,\n which allows local users to obtain sensitive information from kernel\n memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.\n (bnc#854722)\n\n The following bugs have been fixed:\n\n * mac80211: Fix AP powersave TX vs. wakeup race (bnc#871797).\n * tcp: Allow to disable cwnd moderation in TCP_CA_Loss state\n (bnc#879921).\n * tcp: Adapt selected parts of RFC 5682 and PRR logic (bnc#879921).\n * flock: Fix allocation and BKL (bnc#882809).\n * sunrpc: Close a rare race in xs_tcp_setup_socket (bnc#794824,\n bnc#884530).\n * isofs: Fix unbounded recursion when processing relocated directories\n (bnc#892490).\n * bonding: Fix a race condition on cleanup in\n bond_send_unsolicited_na() (bnc#856756).\n * block: Fix race between request completion and timeout handling\n (bnc#881051).\n * Fix kABI breakage due to addition of user_ctl_lock (bnc#883795).\n\n Security Issues:\n\n * CVE-2013-1860\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1860\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1860</a>&gt;\n * CVE-2013-4162\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4162\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4162</a>&gt;\n * CVE-2013-7266\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7266\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7266</a>&gt;\n * CVE-2013-7267\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7267\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7267</a>&gt;\n * CVE-2013-7268\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7268\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7268</a>&gt;\n * CVE-2013-7269\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7269\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7269</a>&gt;\n * CVE-2013-7270\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7270\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7270</a>&gt;\n * CVE-2013-7271\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7271\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7271</a>&gt;\n * CVE-2014-0203\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0203\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0203</a>&gt;\n * CVE-2014-3144\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3144\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3144</a>&gt;\n * CVE-2014-3145\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3145\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3145</a>&gt;\n * CVE-2014-3917\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3917\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3917</a>&gt;\n * CVE-2014-4508\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508</a>&gt;\n * CVE-2014-4652\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4652\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4652</a>&gt;\n * CVE-2014-4653\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4653\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4653</a>&gt;\n * CVE-2014-4654\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4654\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4654</a>&gt;\n * CVE-2014-4655\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4655\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4655</a>&gt;\n * CVE-2014-4656\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4656\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4656</a>&gt;\n * CVE-2014-4667\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667</a>&gt;\n * CVE-2014-4699\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4699\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4699</a>&gt;\n * CVE-2014-4943\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943</a>&gt;\n * CVE-2014-5077\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5077\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5077</a>&gt;\n", "modified": "2014-09-16T19:04:20", "published": "2014-09-16T19:04:20", "id": "SUSE-SU-2014:1138-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00023.html", "title": "Security update for the Linux Kernel (important)", "type": "suse", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:21:38", "bulletinFamily": "unix", "description": "The SUSE Linux Enterprise 11 Service Pack 3 Real Time Extension kernel has\n been updated to fix various bugs and security issues.\n\n The following security bugs have been fixed:\n\n *\n\n CVE-2012-2372: The rds_ib_xmit function in net/rds/ib_send.c in the\n Reliable Datagram Sockets (RDS) protocol implementation in the Linux\n kernel 3.7.4 and earlier allows local users to cause a denial of service\n (BUG_ON and kernel panic) by establishing an RDS connection with the\n source IP address equal to the IPoIB interfaces own IP address, as\n demonstrated by rds-ping. (bnc#767610)\n\n *\n\n CVE-2013-2929: The Linux kernel before 3.12.2 does not properly use\n the get_dumpable function, which allows local users to bypass intended\n ptrace restrictions or obtain sensitive information from IA64 scratch\n registers via a crafted application, related to kernel/ptrace.c and\n arch/ia64/include/asm/processor.h. (bnc#847652)\n\n *\n\n CVE-2013-4299: Interpretation conflict in\n drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows\n remote authenticated users to obtain sensitive information or modify data\n via a crafted mapping to a snapshot block device. (bnc#846404)\n\n *\n\n CVE-2013-4579: The ath9k_htc_set_bssid_mask function in\n drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through\n 3.12 uses a BSSID masking approach to determine the set of MAC addresses\n on which a Wi-Fi device is listening, which allows remote attackers to\n discover the original MAC address after spoofing by sending a series of\n packets to MAC addresses with certain bit manipulations. (bnc#851426)\n\n *\n\n CVE-2013-6382: Multiple buffer underflows in the XFS implementation\n in the Linux kernel through 3.12.1 allow local users to cause a denial of\n service (memory corruption) or possibly have unspecified\n other impact by leveraging the CAP_SYS_ADMIN capability for a (1)\n XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call\n with a crafted length value, related to the xfs_attrlist_by_handle\n function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle\n function in fs/xfs/xfs_ioctl32.c. (bnc#852553)\n\n *\n\n CVE-2013-7339: The rds_ib_laddr_check function in net/rds/ib.c in\n the Linux kernel before 3.12.8 allows local users to cause a denial of\n service (NULL pointer dereference and system crash) or possibly have\n unspecified other impact via a bind system call for an RDS socket on a\n system that lacks RDS transports. (bnc#869563)\n\n *\n\n CVE-2014-0055: The get_rx_bufs function in drivers/vhost/net.c in\n the vhost-net subsystem in the Linux kernel package before 2.6.32-431.11.2\n on Red Hat Enterprise Linux (RHEL) 6 does not properly handle\n vhost_get_vq_desc errors, which allows guest OS users to cause a denial of\n service (host OS crash) via unspecified vectors. (bnc#870173)\n\n *\n\n CVE-2014-0077: drivers/vhost/net.c in the Linux kernel before\n 3.13.10, when mergeable buffers are disabled, does not properly validate\n packet lengths, which allows guest OS users to cause a denial of service\n (memory corruption and host OS crash) or possibly gain privileges on the\n host OS via crafted packets, related to the handle_rx and get_rx_bufs\n functions. (bnc#870576)\n\n *\n\n CVE-2014-0101: The sctp_sf_do_5_1D_ce function in\n net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not\n validate certain auth_enable and auth_capable fields before making an\n sctp_sf_authenticate call, which allows remote attackers to cause a denial\n of service (NULL pointer dereference and system crash) via an SCTP\n handshake with a modified INIT chunk and a crafted AUTH chunk before a\n COOKIE_ECHO chunk. (bnc#866102)\n\n *\n\n CVE-2014-0131: Use-after-free vulnerability in the skb_segment\n function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows\n attackers to obtain sensitive information from kernel memory by leveraging\n the absence of a certain orphaning operation. (bnc#867723)\n\n *\n\n CVE-2014-0155: The ioapic_deliver function in virt/kvm/ioapic.c in\n the Linux kernel through 3.14.1 does not properly validate the\n kvm_irq_delivery_to_apic return value, which allows guest OS users to\n cause a denial of service (host OS crash) via a crafted entry in the\n redirection table of an I/O APIC. NOTE: the affected code was moved to the\n ioapic_service function before the vulnerability was announced.\n (bnc#872540)\n\n *\n\n CVE-2014-1444: The fst_get_iface function in\n drivers/net/wan/farsync.c in the Linux kernel before 3.11.7 does not\n properly initialize a certain data structure, which allows local users to\n obtain sensitive information from kernel memory by leveraging the\n CAP_NET_ADMIN capability for an SIOCWANDEV ioctl call. (bnc#858869)\n\n *\n\n CVE-2014-1445: The wanxl_ioctl function in drivers/net/wan/wanxl.c\n in the Linux kernel before 3.11.7 does not properly initialize a certain\n data structure, which allows local users to obtain sensitive information\n from kernel memory via an ioctl call. (bnc#858870)\n\n *\n\n CVE-2014-1446: The yam_ioctl function in drivers/net/hamradio/yam.c\n in the Linux kernel before 3.12.8 does not initialize a certain structure\n member, which allows local users to obtain sensitive information from\n kernel memory by leveraging the CAP_NET_ADMIN capability for an\n SIOCYAMGCFG ioctl call. (bnc#858872)\n\n *\n\n CVE-2014-1874: The security_context_to_sid_core function in\n security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows\n local users to cause a denial of service (system crash) by leveraging the\n CAP_MAC_ADMIN capability to set a zero-length security context.\n (bnc#863335)\n\n *\n\n CVE-2014-2309: The ip6_route_add function in net/ipv6/route.c in the\n Linux kernel through 3.13.6 does not properly count the addition of\n routes, which allows remote attackers to cause a denial of service (memory\n consumption) via a flood of ICMPv6 Router Advertisement packets.\n (bnc#867531)\n\n *\n\n CVE-2014-2523: net/netfilter/nf_conntrack_proto_dccp.c in the Linux\n kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows\n remote attackers to cause a denial of service (system crash)\n or possibly execute arbitrary code via a DCCP packet that triggers a\n call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function.\n (bnc#868653)\n\n *\n\n CVE-2014-2678: The rds_iw_laddr_check function in net/rds/iw.c in\n the Linux kernel through 3.14 allows local users to cause a denial of\n service (NULL pointer dereference and system crash) or possibly have\n unspecified other impact via a bind system call for an RDS socket on a\n system that lacks RDS transports. (bnc#871561)\n\n *\n\n CVE-2014-2851: Integer overflow in the ping_init_sock function in\n net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to\n cause a denial of service (use-after-free and system crash) or possibly\n gain privileges via a crafted application that leverages an improperly\n managed reference counter. (bnc#873374)\n\n *\n\n CVE-2014-3122: The try_to_unmap_cluster function in mm/rmap.c in the\n Linux kernel before 3.14.3 does not properly consider which pages must be\n locked, which allows local users to cause a denial of service (system\n crash) by triggering a memory-usage pattern that requires removal of\n page-table mappings. (bnc#876102)\n\n *\n\n CVE-2014-3144: The (1) BPF_S_ANC_NLATTR and (2)\n BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter\n function in net/core/filter.c in the Linux kernel through 3.14.3 do not\n check whether a certain length value is sufficiently large, which allows\n local users to cause a denial of service (integer underflow and system\n crash) via crafted BPF instructions. NOTE: the affected code was moved to\n the __skb_get_nlattr and __skb_get_nlattr_nest functions before the\n vulnerability was announced. (bnc#877257)\n\n *\n\n CVE-2014-3145: The BPF_S_ANC_NLATTR_NEST extension implementation in\n the sk_run_filter function in net/core/filter.c in the Linux kernel\n through 3.14.3 uses the reverse order in a certain subtraction, which\n allows local users to cause a denial of service (over-read and system\n crash) via crafted BPF instructions. NOTE: the affected code was moved to\n the __skb_get_nlattr_nest function before the vulnerability was announced.\n (bnc#877257)\n\n *\n\n CVE-2014-3917: kernel/auditsc.c in the Linux kernel through 3.14.5,\n when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows\n local users to obtain potentially sensitive single-bit values from kernel\n memory or cause a denial of service (OOPS) via a large value of a syscall\n number. (bnc#880484)\n\n *\n\n CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel\n through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled\n and the sep CPU feature flag is set, allows local users to cause a denial\n of service (OOPS and system crash) via an invalid syscall number, as\n demonstrated by number\n\n *\n\n (bnc#883724)\n\n *\n\n CVE-2014-4652: Race condition in the tlv handler functionality in\n the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA\n control implementation in the Linux kernel before 3.15.2 allows local\n users to obtain sensitive information from kernel memory by leveraging\n /dev/snd/controlCX access. (bnc#883795)\n\n *\n\n CVE-2014-4653: sound/core/control.c in the ALSA control\n implementation in the Linux kernel before 3.15.2 does not ensure\n possession of a read/write lock, which allows local users to cause a\n denial of service (use-after-free) and obtain sensitive information from\n kernel memory by leveraging /dev/snd/controlCX access. (bnc#883795)\n\n *\n\n CVE-2014-4654: The snd_ctl_elem_add function in sound/core/control.c\n in the ALSA control implementation in the Linux kernel before 3.15.2 does\n not check authorization for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, which\n allows local users to remove kernel controls and cause a denial of service\n (use-after-free and system crash) by leveraging /dev/snd/controlCX access\n for an ioctl call. (bnc#883795)\n\n *\n\n CVE-2014-4655: The snd_ctl_elem_add function in sound/core/control.c\n in the ALSA control implementation in the Linux kernel before 3.15.2 does\n not properly maintain the user_ctl_count value, which allows local users\n to cause a denial of service (integer overflow and limit bypass) by\n leveraging /dev/snd/controlCX access for a large number of\n SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls. (bnc#883795)\n\n *\n\n CVE-2014-4656: Multiple integer overflows in sound/core/control.c in\n the ALSA control implementation in the Linux kernel before 3.15.2 allow\n local users to cause a denial of service by leveraging /dev/snd/controlCX\n access, related to (1) index values in the snd_ctl_add function and (2)\n numid values in the snd_ctl_remove_numid_conflict function. (bnc#883795)\n\n *\n\n CVE-2014-4699: The Linux kernel before 3.15.4 on Intel processors\n does not properly restrict use of a non-canonical value for the saved RIP\n address in the case of a system call that does not use IRET, which allows\n local users to leverage a race condition and gain privileges, or cause a\n denial of service (double fault), via a crafted application that makes\n ptrace and fork system calls. (bnc#885725)\n\n Also the following non-security bugs have been fixed:\n\n * kernel: avoid page table walk on user space access (bnc#878407,\n LTC#110316).\n * spinlock: fix system hang with spin_retry &lt;= 0 (bnc#874145,\n LTC#110189).\n * x86/UV: Set n_lshift based on GAM_GR_CONFIG MMR for UV3 (bnc#876176).\n * x86: Enable multiple CPUs in crash kernel (bnc#846690).\n * x86/mce: Fix CMCI preemption bugs (bnc#786450).\n * x86, CMCI: Add proper detection of end of CMCI storms (bnc#786450).\n * futex: revert back to the explicit waiter counting code (bnc#851603).\n * futex: avoid race between requeue and wake (bnc#851603).\n * intel-iommu: fix off-by-one in pagetable freeing (bnc#874577).\n * ia64: Change default PSR.ac from &quot;1&quot; to &quot;0&quot; (Fix erratum #237)\n (bnc#874108).\n *\n\n drivers/rtc/interface.c: fix infinite loop in initializing the alarm\n (bnc#871676).\n\n *\n\n drm/ast: Fix double lock at PM resume (bnc#883380).\n\n * drm/ast: add widescreen + rb modes from X.org driver (v2)\n (bnc#883380).\n * drm/ast: deal with bo reserve fail in dirty update path (bnc#883380).\n * drm/ast: do not attempt to acquire a reservation while in an\n interrupt handler (bnc#883380).\n * drm/ast: fix the ast open key function (bnc#883380).\n * drm/ast: fix value check in cbr_scan2 (bnc#883380).\n * drm/ast: inline reservations (bnc#883380).\n * drm/ast: invalidate page tables when pinning a BO (bnc#883380).\n * drm/ast: rename the mindwm/moutdwm and deinline them (bnc#883380).\n * drm/ast: resync the dram post code with upstream (bnc#883380).\n * drm: ast: use drm_can_sleep (bnc#883380).\n * drm/ast: use drm_modeset_lock_all (bnc#883380).\n * drm/: Unified handling of unimplemented fb-&gt;create_handle\n (bnc#883380).\n * drm/mgag200,ast,cirrus: fix regression with drm_can_sleep conversion\n (bnc#883380).\n * drm/mgag200: Consolidate depth/bpp handling (bnc#882324).\n * drm/ast: Initialized data needed to map fbdev memory (bnc#880007).\n * drm/ast: add AST 2400 support (bnc#880007).\n * drm/ast: Initialized data needed to map fbdev memory (bnc#880007).\n * drm/mgag200: on cards with &lt; 2MB VRAM default to 16-bit (bnc#882324).\n * drm/mgag200: fix typo causing bw limits to be ignored on some chips\n (bnc#882324).\n * drm/ttm: do not oops if no invalidate_caches() (bnc#869414).\n *\n\n drm/i915: Break encoder-&gt;crtc link separately in\n intel_sanitize_crtc() (bnc#855126).\n\n *\n\n dlm: keep listening connection alive with sctp mode (bnc#881939)\n\n *\n\n series.conf: Clarify comment about Xen kabi adjustments\n (bnc#876114#c25)\n\n *\n\n btrfs: fix a crash when running balance and defrag concurrently.\n\n * btrfs: unset DCACHE_DISCONNECTED when mounting default subvol\n (bnc#866615).\n * btrfs: free delayed node outside of root-&gt;inode_lock (bnc#866864).\n * btrfs: return EPERM when deleting a default subvolume (bnc#869934).\n *\n\n btrfs: do not loop on large offsets in readdir (bnc#863300)\n\n *\n\n sched: Consider pi boosting in setscheduler.\n\n * sched: Queue RT tasks to head when prio drops.\n * sched: Adjust sched_reset_on_fork when nothing else changes.\n * sched: Fix clock_gettime(CLOCK__CPUTIME_ID) monotonicity\n (bnc#880357).\n * sched: Do not allow scheduler time to go backwards (bnc#880357).\n * sched: Make scale_rt_power() deal with backward clocks (bnc#865310).\n * sched: Use CPUPRI_NR_PRIORITIES instead of MAX_RT_PRIO in cpupri\n check (bnc#871861).\n *\n\n sched: update_rq_clock() must skip ONE update (bnc#869033,\n bnc#868528).\n\n *\n\n tcp: allow to disable cwnd moderation in TCP_CA_Loss state\n (bnc#879921).\n\n * tcp: clear xmit timers in tcp_v4_syn_recv_sock() (bnc#862429).\n * net: add missing bh_unlock_sock() calls (bnc#862429).\n * bonding: fix vlan_features computing (bnc#872634).\n * vlan: more careful checksum features handling (bnc#872634).\n * xfrm: fix race between netns cleanup and state expire notification\n (bnc#879957).\n * xfrm: check peer pointer for null before calling inet_putpeer()\n (bnc#877775).\n *\n\n ipv6: do not overwrite inetpeer metrics prematurely (bnc#867362).\n\n *\n\n pagecachelimit: reduce lru_lock contention for heavy parallel kabi\n fixup: (bnc#878509, bnc#864464).\n\n *\n\n pagecachelimit: reduce lru_lock contention for heavy parallel\n reclaim (bnc#878509, bnc#864464).\n\n *\n\n TTY: serial, cleanup include file (bnc#881571).\n\n * TTY: serial, fix includes in some drivers (bnc#881571).\n *\n\n serial_core: Fix race in uart_handle_dcd_change (bnc#881571).\n\n *\n\n powerpc/perf: Power8 PMU support (bnc#832710).\n\n * powerpc/perf: Add support for SIER (bnc#832710).\n * powerpc/perf: Add regs_no_sipr() (bnc#832710).\n * powerpc/perf: Add an accessor for regs-&gt;result (bnc#832710).\n * powerpc/perf: Convert mmcra_sipr/sihv() to regs_sipr/sihv()\n (bnc#832710).\n *\n\n powerpc/perf: Add an explict flag indicating presence of SLOT field\n (bnc#832710).\n\n *\n\n swiotlb: do not assume PA 0 is invalid (bnc#865882).\n\n *\n\n lockref: implement lockless reference count updates using cmpxchg()\n (FATE#317271).\n\n *\n\n af_iucv: wrong mapping of sent and confirmed skbs (bnc#878407,\n LTC#110452).\n\n * af_iucv: recvmsg problem for SOCK_STREAM sockets (bnc#878407,\n LTC#110452).\n *\n\n af_iucv: fix recvmsg by replacing skb_pull() function (bnc#878407,\n LTC#110452).\n\n *\n\n qla2xxx: Poll during initialization for ISP25xx and ISP83xx\n (bnc#837563).\n\n *\n\n qla2xxx: Fix request queue null dereference (bnc#859840).\n\n *\n\n lpfc 8.3.41: Fixed SLI3 failing FCP write on check-condition\n no-sense with residual zero (bnc#850915).\n\n *\n\n reiserfs: call truncate_setsize under tailpack mutex (bnc#878115).\n\n *\n\n reiserfs: drop vmtruncate (bnc#878115).\n\n *\n\n ipvs: handle IPv6 fragments with one-packet scheduling (bnc#861980).\n\n *\n\n kabi: hide modifications of struct sk_buff done by bnc#861980 fix\n (bnc#861980).\n\n *\n\n loop: remove the incorrect write_begin/write_end shortcut\n (bnc#878123).\n\n *\n\n watchdog: hpwdt patch to display informative string (bnc#862934).\n\n * watchdog: hpwdt: Patch to ignore auxilary iLO devices (bnc#862934).\n * watchdog: hpwdt: Add check for UEFI bits (bnc#862934).\n *\n\n watchdog: hpwdt.c: Increase version string (bnc#862934).\n\n *\n\n hpilo: Correct panic when an AUX iLO is detected (bnc#837563).\n\n *\n\n locking/mutexes: Introduce cancelable MCS lock for adaptive spinning\n (FATE#317271).\n\n *\n\n locking/mutexes: Modify the way optimistic spinners are queued\n (FATE#317271).\n\n * locking/mutexes: Return false if task need_resched() in\n mutex_can_spin_on_owner() (FATE#317271).\n * mutex: Enable the queuing of mutex spinners with MCS lock\n (FATE#317271). config: disabled on all flavors\n *\n\n mutex: Queue mutex spinners with MCS lock to reduce cacheline\n contention (FATE#317271).\n\n *\n\n memcg: deprecate memory.force_empty knob (bnc#878274).\n\n *\n\n kabi: protect struct net from bnc#877013 changes (bnc#877013).\n\n * netfilter: nfnetlink_queue: add net namespace support for\n nfnetlink_queue (bnc#877013).\n * netfilter: make /proc/net/netfilter pernet (bnc#877013).\n * netfilter: xt_hashlimit: fix proc entry leak in netns destroy path\n (bnc#871634).\n * netfilter: xt_hashlimit: fix namespace destroy path (bnc#871634).\n * netfilter: nf_queue: reject NF_STOLEN verdicts from userspace\n (bnc#870877).\n * netfilter: avoid double free in nf_reinject (bnc#870877).\n * netfilter: ctnetlink: fix race between delete and timeout expiration\n (bnc#863410).\n *\n\n netfilter: reuse skb-&gt;nfct_reasm for ipvs conn reference\n (bnc#861980).\n\n *\n\n mm: per-thread vma caching (FATE#317271). config: enable\n CONFIG_VMA_CACHE for x86_64/bigsmp\n\n * mm, hugetlb: improve page-fault scalability (FATE#317271).\n * mm: vmscan: Do not throttle based on pfmemalloc reserves if node has\n no ZONE_NORMAL (bnc#870496).\n * mm: fix off-by-one bug in print_nodes_state() (bnc#792271).\n *\n\n hugetlb: ensure hugepage access is denied if hugepages are not\n supported (PowerKVM crash when mounting hugetlbfs without hugepage support\n (bnc#870498)).\n\n *\n\n SELinux: Increase ebitmap_node size for 64-bit configuration\n (FATE#317271).\n\n *\n\n SELinux: Reduce overhead of mls_level_isvalid() function call\n (FATE#317271).\n\n *\n\n mutex: Fix debug_mutexes (FATE#317271).\n\n * mutex: Fix debug checks (FATE#317271).\n *\n\n locking/mutexes: Unlock the mutex without the wait_lock\n (FATE#317271).\n\n *\n\n epoll: do not take the nested ep-&gt;mtx on EPOLL_CTL_DEL (FATE#317271).\n\n * epoll: do not take global &quot;epmutex&quot; for simple topologies\n (FATE#317271).\n *\n\n epoll: optimize EPOLL_CTL_DEL using rcu (FATE#317271).\n\n *\n\n vfs: Fix missing unlock of vfsmount_lock in unlazy_walk (bnc#880437).\n\n * dcache: kABI fixes for lockref dentries (FATE#317271).\n * vfs: make sure we do not have a stale root path if unlazy_walk()\n fails (FATE#317271).\n * vfs: fix dentry RCU to refcounting possibly sleeping dput()\n (FATE#317271).\n * vfs: use lockref &quot;dead&quot; flag to mark unrecoverably dead dentries\n (FATE#317271).\n * vfs: reimplement d_rcu_to_refcount() using lockref_get_or_lock()\n (FATE#317271).\n * vfs: Remove second variable named error in __dentry_path\n (FATE#317271).\n * make prepend_name() work correctly when called with negative *buflen\n (FATE#317271).\n * prepend_path() needs to reinitialize dentry/vfsmount on restarts\n (FATE#317271).\n * dcache: get/release read lock in read_seqbegin_or_lock() &amp; friend\n (FATE#317271).\n * seqlock: Add a new locking reader type (FATE#317271).\n * dcache: Translating dentry into pathname without taking rename_lock\n (FATE#317271).\n * vfs: make the dentry cache use the lockref infrastructure\n (FATE#317271).\n * vfs: Remove dentry-&gt;d_lock locking from\n shrink_dcache_for_umount_subtree() (FATE#317271).\n * vfs: use lockref_get_not_zero() for optimistic lockless\n dget_parent() (FATE#317271).\n * vfs: constify dentry parameter in d_count() (FATE#317271).\n * helper for reading -&gt;d_count (FATE#317271).\n * lockref: use arch_mutex_cpu_relax() in CMPXCHG_LOOP() (FATE#317271).\n * lockref: allow relaxed cmpxchg64 variant for lockless updates\n (FATE#317271).\n * lockref: use cmpxchg64 explicitly for lockless updates (FATE#317271).\n * lockref: add ability to mark lockrefs &quot;dead&quot; (FATE#317271).\n * lockref: fix docbook argument names (FATE#317271).\n * lockref: Relax in cmpxchg loop (FATE#317271).\n * lockref: implement lockless reference count updates using cmpxchg()\n (FATE#317271).\n * lockref: uninline lockref helper functions (FATE#317271).\n * lockref: add lockref_get_or_lock() helper (FATE#317271).\n *\n\n Add new lockref infrastructure reference implementation\n (FATE#317271).\n\n *\n\n vfs: make lremovexattr retry once on ESTALE error (bnc#876463).\n\n * vfs: make removexattr retry once on ESTALE (bnc#876463).\n * vfs: make llistxattr retry once on ESTALE error (bnc#876463).\n * vfs: make listxattr retry once on ESTALE error (bnc#876463).\n * vfs: make lgetxattr retry once on ESTALE (bnc#876463).\n * vfs: make getxattr retry once on an ESTALE error (bnc#876463).\n * vfs: allow lsetxattr() to retry once on ESTALE errors (bnc#876463).\n * vfs: allow setxattr to retry once on ESTALE errors (bnc#876463).\n * vfs: allow utimensat() calls to retry once on an ESTALE error\n (bnc#876463).\n * vfs: fix user_statfs to retry once on ESTALE errors (bnc#876463).\n * vfs: make fchownat retry once on ESTALE errors (bnc#876463).\n * vfs: make fchmodat retry once on ESTALE errors (bnc#876463).\n * vfs: have chroot retry once on ESTALE error (bnc#876463).\n * vfs: have chdir retry lookup and call once on ESTALE error\n (bnc#876463).\n * vfs: have faccessat retry once on an ESTALE error (bnc#876463).\n * vfs: have do_sys_truncate retry once on an ESTALE error (bnc#876463).\n * vfs: fix renameat to retry on ESTALE errors (bnc#876463).\n * vfs: make do_unlinkat retry once on ESTALE errors (bnc#876463).\n * vfs: make do_rmdir retry once on ESTALE errors (bnc#876463).\n * vfs: fix linkat to retry once on ESTALE errors (bnc#876463).\n * vfs: fix symlinkat to retry on ESTALE errors (bnc#876463).\n * vfs: fix mkdirat to retry once on an ESTALE error (bnc#876463).\n * vfs: fix mknodat to retry on ESTALE errors (bnc#876463).\n * vfs: add a flags argument to user_path_parent (bnc#876463).\n * vfs: fix readlinkat to retry on ESTALE (bnc#876463).\n * vfs: make fstatat retry on ESTALE errors from getattr call\n (bnc#876463).\n *\n\n vfs: add a retry_estale helper function to handle retries on ESTALE\n (bnc#876463).\n\n *\n\n crypto: s390 - fix aes,des ctr mode concurrency finding (bnc#874145,\n LTC#110078).\n\n * s390/cio: fix unlocked access of global bitmap (bnc#874145,\n LTC#109378).\n * s390/css: stop stsch loop after cc 3 (bnc#874145, LTC#109378).\n * s390/pci: add kmsg man page (bnc#874145, LTC#109224).\n * s390/pci/dma: use correct segment boundary size (bnc#866081,\n LTC#104566).\n * cio: Fix missing subchannels after CHPID configure on (bnc#866081,\n LTC#104808).\n * cio: Fix process hangs during subchannel scan (bnc#866081,\n LTC#104805).\n *\n\n cio: fix unusable device (bnc#866081, LTC#104168).\n\n *\n\n qeth: postpone freeing of qdio memory (bnc#874145, LTC#107873).\n\n *\n\n Fix race between starved list and device removal (bnc#861636).\n\n *\n\n namei.h: include errno.h (bnc#876463).\n\n *\n\n ALSA: hda - Implement bind mixer ctls for Conexant (bnc#872188).\n\n * ALSA: hda - Fix invalid Auto-Mute Mode enum from cxt codecs\n (bnc#872188).\n * ALSA: hda - Fix conflicting Capture Source on cxt codecs\n (bnc#872188).\n *\n\n ALSA: usb-audio: Fix NULL dereference while quick replugging\n (bnc#870335).\n\n *\n\n powerpc: Bring all threads online prior to migration/hibernation\n (bnc#870591).\n\n * powerpc/pseries: Update dynamic cache nodes for suspend/resume\n operation (bnc#873463).\n * powerpc/pseries: Device tree should only be updated once after\n suspend/migrate (bnc#873463).\n * powerpc/pseries: Expose in kernel device tree update to drmgr\n (bnc#873463).\n *\n\n powerpc: Add second POWER8 PVR entry (bnc#874440).\n\n *\n\n libata/ahci: accommodate tag ordered controllers (bnc#871728)\n\n *\n\n md: try to remove cause of a spinning md thread (bnc#875386).\n\n *\n\n md: fix up plugging (again) (bnc#866800).\n\n *\n\n NFSv4: Fix a reboot recovery race when opening a file (bnc#864404).\n\n * NFSv4: Ensure delegation recall and byte range lock removal do not\n conflict (bnc#864404).\n * NFSv4: Fix up the return values of nfs4_open_delegation_recall\n (bnc#864404).\n * NFSv4.1: Do not lose locks when a server reboots during delegation\n return (bnc#864404).\n * NFSv4.1: Prevent deadlocks between state recovery and file locking\n (bnc#864404).\n * NFSv4: Allow the state manager to mark an open_owner as being\n recovered (bnc#864404).\n * NFS: nfs_inode_return_delegation() should always flush dirty data\n (bnc#864404).\n * NFSv4: nfs_client_return_marked_delegations cannot flush data\n (bnc#864404).\n * NFS: avoid excessive GETATTR request when attributes expired but\n cached directory is valid (bnc#857926).\n * seqlock: add &quot;raw_seqcount_begin()&quot; function (bnc#864404).\n * Allow nfsdv4 to work when fips=1 (bnc#868488).\n * NFSv4: Add ACCESS operation to OPEN compound (bnc#870958).\n * NFSv4: Fix unnecessary delegation returns in nfs4_do_open\n (bnc#870958).\n * NFSv4: The NFSv4.0 client must send RENEW calls if it holds a\n delegation (bnc#863873).\n * NFSv4: nfs4_proc_renew should be declared static (bnc#863873).\n * NFSv4: do not put ACCESS in OPEN compound if O_EXCL (bnc#870958).\n * NFS: revalidate on open if dcache is negative (bnc#876463).\n * NFSD add module parameter to disable delegations (bnc#876463).\n *\n\n Do not lose sockets when nfsd shutdown races with connection timeout\n (bnc#871854).\n\n *\n\n timer: Prevent overflow in apply_slack (bnc#873061).\n\n *\n\n mei: me: do not load the driver if the FW does not support MEI\n interface (bnc#821619).\n\n *\n\n ipmi: Reset the KCS timeout when starting error recovery\n (bnc#870618).\n\n * ipmi: Fix a race restarting the timer (bnc#870618).\n *\n\n ipmi: increase KCS timeouts (bnc#870618).\n\n *\n\n bnx2x: Fix kernel crash and data miscompare after EEH recovery\n (bnc#881761).\n\n *\n\n bnx2x: Adapter not recovery from EEH error injection (bnc#881761).\n\n *\n\n kabi: hide modifications of struct inet_peer done by bnc#867953 fix\n (bnc#867953).\n\n *\n\n inetpeer: prevent unlinking from unused list twice (bnc#867953).\n\n *\n\n Ignore selected taints for tracepoint modules (bnc#870450,\n FATE#317134).\n\n * Use &quot;E&quot; instead of &quot;X&quot; for unsigned module taint flag\n (bnc#870450,FATE#317134).\n *\n\n Fix: module signature vs tracepoints: add new TAINT_UNSIGNED_MODULE\n (bnc#870450,FATE#317134).\n\n *\n\n xhci: extend quirk for Renesas cards (bnc#877497).\n\n * scsi: return target failure on EMC inactive snapshot (bnc#840524).\n * virtio_balloon: do not softlockup on huge balloon changes\n (bnc#871899).\n * ch: add refcounting (bnc#867517).\n * storvsc: NULL pointer dereference fix (bnc#865330).\n * Unlock the rename_lock in dentry_path() in the case when path is too\n long (bnc#868748).\n", "modified": "2014-07-17T04:35:29", "published": "2014-07-17T04:35:29", "id": "SUSE-SU-2014:0909-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00013.html", "title": "Security update for Linux kernel (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}