DATABASE RESOURCES PRICING ABOUT US

{"id": "SECURITYVULNS:VULN:9357", "vendorId": null, "type": "securityvulns", "bulletinFamily": "software", "title": "Linux kernel multiple security vulnerabilities", "description": "\u041c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 DoS-\u0443\u0441\u043b\u043e\u0432\u0438\u044f, \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0433\u0440\u0443\u043f\u043f\u044b \u0447\u0435\u0440\u0435\u0437 \u0444\u0430\u0439\u043b\u043e\u0432\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0438 \u0447\u0435\u0440\u0435\u0437 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0432\u044b\u0437\u043e\u0432\u044b", "published": "2008-10-18T00:00:00", "modified": "2008-10-18T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "cvss2": {}, "cvss3": {}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9357", "reporter": "BUGTRAQ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:20702", "https://vulners.com/securityvulns/securityvulns:doc:20734"], "cvelist": ["CVE-2008-1514", "CVE-2008-3525", "CVE-2008-4445", "CVE-2008-3831", "CVE-2008-4113", "CVE-2008-4210", "CVE-2008-4302", "CVE-2008-3833"], "immutableFields": [], "lastseen": "2018-08-31T11:09:31", "viewCount": 27, "enchantments": {"score": {"value": 1.5, "vector": "NONE"}, "dependencies": {"references": [{"type": "centos", "idList": ["CESA-2008:0957", "CESA-2008:0972", "CESA-2008:0973", "CESA-2008:1017", "CESA-2009:0001-01"]}, {"type": "cve", "idList": ["CVE-2008-1514", "CVE-2008-2365", "CVE-2008-3525", "CVE-2008-3831", "CVE-2008-3833", "CVE-2008-4113", "CVE-2008-4210", "CVE-2008-4302", "CVE-2008-4445"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1653-1:79C02", "DEBIAN:DSA-1655-1:FE487"]}, {"type": "exploitdb", "idList": ["EDB-ID:7618"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:EC9FBB1179C6EA9FB5372E78625E4126"]}, {"type": "fedora", "idList": ["FEDORA:0A08C10F8CD", "FEDORA:2A46A208DA7", "FEDORA:3F37F208972", "FEDORA:6D5F810F87F", "FEDORA:B7B94208D5F", "FEDORA:EA327208DDB"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2008-0957.NASL", "CENTOS_RHSA-2008-0972.NASL", "CENTOS_RHSA-2008-0973.NASL", "CENTOS_RHSA-2008-1017.NASL", "DEBIAN_DSA-1653.NASL", "DEBIAN_DSA-1655.NASL", "FEDORA_2008-8929.NASL", "FEDORA_2008-8980.NASL", "MANDRIVA_MDVSA-2008-223.NASL", "MANDRIVA_MDVSA-2008-224.NASL", "ORACLELINUX_ELSA-2008-0957.NASL", "ORACLELINUX_ELSA-2008-0972.NASL", "ORACLELINUX_ELSA-2008-0973.NASL", "ORACLELINUX_ELSA-2008-1017.NASL", "REDHAT-RHSA-2008-0957.NASL", "REDHAT-RHSA-2008-0972.NASL", "REDHAT-RHSA-2008-0973.NASL", "REDHAT-RHSA-2008-1017.NASL", "REDHAT-RHSA-2009-0001.NASL", "SL_20081104_KERNEL_ON_SL5_X.NASL", "SL_20081119_KERNEL_ON_SL4_X.NASL", "SL_20081216_KERNEL_ON_SL3_X.NASL", "SL_20081216_KERNEL_ON_SL5_X.NASL", "SUSE_11_0_KERNEL-081022.NASL", "SUSE_11_0_KERNEL-090114.NASL", "SUSE_KERNEL-5566.NASL", "SUSE_KERNEL-5608.NASL", "SUSE_KERNEL-5667.NASL", "SUSE_KERNEL-5668.NASL", "SUSE_KERNEL-5700.NASL", "SUSE_KERNEL-5734.NASL", "SUSE_KERNEL-5735.NASL", "SUSE_KERNEL-5751.NASL", "UBUNTU_USN-659-1.NASL", "UBUNTU_USN-679-1.NASL", "VMWARE_VMSA-2009-0014.NASL", "VMWARE_VMSA-2009-0014_REMOTE.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122536", "OPENVAS:1361412562310122545", "OPENVAS:136141256231063097", "OPENVAS:136141256231063132", "OPENVAS:136141256231063224", "OPENVAS:136141256231063250", "OPENVAS:136141256231063290", "OPENVAS:136141256231063344", "OPENVAS:136141256231064077", "OPENVAS:136141256231064296", "OPENVAS:136141256231065175", "OPENVAS:136141256231065259", "OPENVAS:136141256231065914", "OPENVAS:1361412562310830443", "OPENVAS:1361412562310830717", "OPENVAS:1361412562310830738", "OPENVAS:1361412562310870022", "OPENVAS:1361412562310870061", "OPENVAS:1361412562310870063", "OPENVAS:1361412562310870088", "OPENVAS:1361412562310880041", "OPENVAS:1361412562310880079", "OPENVAS:1361412562310880082", "OPENVAS:1361412562310880111", "OPENVAS:1361412562310880937", "OPENVAS:61775", "OPENVAS:61777", "OPENVAS:63097", "OPENVAS:63132", "OPENVAS:63224", "OPENVAS:63250", "OPENVAS:63290", "OPENVAS:63344", "OPENVAS:64077", "OPENVAS:64296", "OPENVAS:65175", "OPENVAS:65259", "OPENVAS:65914", "OPENVAS:830443", "OPENVAS:830717", "OPENVAS:830738", "OPENVAS:840224", "OPENVAS:840288", "OPENVAS:850001", "OPENVAS:850005", "OPENVAS:850008", "OPENVAS:850035", "OPENVAS:850045", "OPENVAS:860468", "OPENVAS:860537", "OPENVAS:860598", "OPENVAS:870022", "OPENVAS:870061", "OPENVAS:870063", "OPENVAS:870088", "OPENVAS:880041", "OPENVAS:880079", "OPENVAS:880082", "OPENVAS:880111", "OPENVAS:880937"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0957", "ELSA-2008-0972", "ELSA-2008-0973", "ELSA-2008-1017", "ELSA-2009-0225"]}, {"type": "osv", "idList": ["OSV:DSA-1653-1", "OSV:DSA-1655-1"]}, {"type": "redhat", "idList": ["RHSA-2008:0787", "RHSA-2008:0857", "RHSA-2008:0957", "RHSA-2008:0972", "RHSA-2008:0973", "RHSA-2008:1017", "RHSA-2009:0001", "RHSA-2009:0009"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:20702", "SECURITYVULNS:DOC:20734", "SECURITYVULNS:DOC:28783"]}, {"type": "seebug", "idList": ["SSV:10343", "SSV:4059", "SSV:4118", "SSV:4272", "SSV:66112"]}, {"type": "suse", "idList": ["SUSE-SA:2008:047", "SUSE-SA:2008:049", "SUSE-SA:2008:051", "SUSE-SA:2008:052", "SUSE-SA:2008:053", "SUSE-SA:2008:056", "SUSE-SA:2008:057", "SUSE-SA:2009:003"]}, {"type": "ubuntu", "idList": ["USN-659-1", "USN-679-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-1514", "UB:CVE-2008-2365", "UB:CVE-2008-3525", "UB:CVE-2008-3831", "UB:CVE-2008-3833", "UB:CVE-2008-4113", "UB:CVE-2008-4210", "UB:CVE-2008-4302", "UB:CVE-2008-4445"]}, {"type": "veracode", "idList": ["VERACODE:23449", "VERACODE:23466", "VERACODE:23467", "VERACODE:23468", "VERACODE:23717", "VERACODE:23718"]}, {"type": "vmware", "idList": ["VMSA-2009-0014", "VMSA-2009-0014.3"]}]}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2008:0957", "CESA-2008:0972", "CESA-2008:0973", "CESA-2008:1017", "CESA-2009:0001-01"]}, {"type": "cve", "idList": ["CVE-2008-1514", "CVE-2008-3525", "CVE-2008-3831", "CVE-2008-3833", "CVE-2008-4113", "CVE-2008-4210", "CVE-2008-4302", "CVE-2008-4445"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1655-1:FE487"]}, {"type": "exploitdb", "idList": ["EDB-ID:7618"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:EC9FBB1179C6EA9FB5372E78625E4126"]}, {"type": "fedora", "idList": ["FEDORA:2A46A208DA7"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/SUSE-CVE-2008-3833/"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2008-1017.NASL", "SL_20081216_KERNEL_ON_SL3_X.NASL", "SUSE_KERNEL-5700.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231065259", "OPENVAS:830717", "OPENVAS:880937"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0957", "ELSA-2008-0972", "ELSA-2008-0973", "ELSA-2008-1017", "ELSA-2009-0225"]}, {"type": "redhat", "idList": ["RHSA-2008:0957", "RHSA-2008:0972", "RHSA-2008:0973", "RHSA-2008:1017"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:28783"]}, {"type": "seebug", "idList": ["SSV:10343"]}, {"type": "suse", "idList": ["SUSE-SA:2008:047"]}, {"type": "ubuntu", "idList": ["USN-659-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-4445"]}]}, "exploitation": null, "affected_software": {"major_version": [{"name": "kernel", "version": 2}]}, "epss": [{"cve": "CVE-2008-1514", "epss": "0.000440000", "percentile": "0.081850000", "modified": "2023-03-19"}, {"cve": "CVE-2008-3525", "epss": "0.000440000", "percentile": "0.081850000", "modified": "2023-03-19"}, {"cve": "CVE-2008-4445", "epss": "0.000440000", "percentile": "0.081850000", "modified": "2023-03-19"}, {"cve": "CVE-2008-3831", "epss": "0.000440000", "percentile": "0.081850000", "modified": "2023-03-19"}, {"cve": "CVE-2008-4113", "epss": "0.000440000", "percentile": "0.083920000", "modified": "2023-03-19"}, {"cve": "CVE-2008-4210", "epss": "0.000420000", "percentile": "0.004970000", "modified": "2023-03-19"}, {"cve": "CVE-2008-4302", "epss": "0.000420000", "percentile": "0.004970000", "modified": "2023-03-19"}, {"cve": "CVE-2008-3833", "epss": "0.000440000", "percentile": "0.081850000", "modified": "2023-03-19"}], "vulnersScore": 1.5}, "_state": {"dependencies": 1678960946, "score": 1698853398, "affected_software_major_version": 0, "epss": 1679310407}, "_internal": {"score_hash": "b015e49ac1ec5c2404e1146babfea222"}, "sourceData": "", "affectedSoftware": [{"name": "kernel", "operator": "eq", "version": "2.6"}], "appercut": {}, "exploitpack": {}, "hackapp": {}, "toolHref": "", "w3af": {}}

{"nessus": [{"lastseen": "2023-11-28T14:56:26", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, privilege escalation or a leak of sensitive data. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-1514 Jan Kratochvil reported a local denial of service vulnerability in the ptrace interface for the s390 architecture. Local users can trigger an invalid pointer dereference, leading to a system panic.\n\n - CVE-2008-3525 Eugene Teo reported a lack of capability checks in the kernel driver for Granch SBNI12 leased line adapters (sbni), allowing local users to perform privileged operations.\n\n - CVE-2008-3831 Olaf Kirch discovered an issue with the i915 driver that may allow local users to cause memory corruption by use of an ioctl with insufficient privilege restrictions.\n\n - CVE-2008-4113/ CVE-2008-4445 Eugene Teo discovered two issues in the SCTP subsystem which allow local users to obtain access to sensitive memory when the SCTP-AUTH extension is enabled.", "cvss3": {}, "published": "2008-10-20T00:00:00", "type": "nessus", "title": "Debian DSA-1655-1 : linux-2.6.24 - denial of service/information leak/privilege escalation", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1514", "CVE-2008-3525", "CVE-2008-3831", "CVE-2008-4113", "CVE-2008-4445"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6.24", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1655.NASL", "href": "https://www.tenable.com/plugins/nessus/34444", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1655. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34444);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-1514\", \"CVE-2008-3525\", \"CVE-2008-3831\", \"CVE-2008-4113\", \"CVE-2008-4445\");\n script_bugtraq_id(31177);\n script_xref(name:\"DSA\", value:\"1655\");\n\n script_name(english:\"Debian DSA-1655-1 : linux-2.6.24 - denial of service/information leak/privilege escalation\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, privilege escalation or a leak of\nsensitive data. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2008-1514\n Jan Kratochvil reported a local denial of service\n vulnerability in the ptrace interface for the s390\n architecture. Local users can trigger an invalid pointer\n dereference, leading to a system panic.\n\n - CVE-2008-3525\n Eugene Teo reported a lack of capability checks in the\n kernel driver for Granch SBNI12 leased line adapters\n (sbni), allowing local users to perform privileged\n operations.\n\n - CVE-2008-3831\n Olaf Kirch discovered an issue with the i915 driver that\n may allow local users to cause memory corruption by use\n of an ioctl with insufficient privilege restrictions.\n\n - CVE-2008-4113/ CVE-2008-4445\n Eugene Teo discovered two issues in the SCTP subsystem\n which allow local users to obtain access to sensitive\n memory when the SCTP-AUTH extension is enabled.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-1514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4113\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4445\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2008/dsa-1655\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6.24 packages.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 2.6.24-6~etchnhalf.6.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/10/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"linux-doc-2.6.24\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-486\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-4kc-malta\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-5kc-malta\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-686\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-686-bigmem\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-alpha\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-amd64\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-arm\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-hppa\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-i386\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-ia64\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-mipsel\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-powerpc\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-s390\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-sparc\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-generic\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-legacy\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-smp\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-amd64\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-common\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-footbridge\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-iop32x\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-itanium\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-ixp4xx\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-mckinley\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc-smp\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc64\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc64-smp\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc-miboot\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc-smp\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc64\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-r5k-cobalt\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-s390\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-s390x\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sparc64\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sparc64-smp\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-486\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-4kc-malta\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-5kc-malta\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-686\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-686-bigmem\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-generic\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-legacy\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-smp\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-amd64\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-footbridge\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-iop32x\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-itanium\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-ixp4xx\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-mckinley\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc-smp\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc64\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc64-smp\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc-miboot\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc-smp\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc64\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-r5k-cobalt\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390-tape\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390x\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sparc64\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sparc64-smp\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-manual-2.6.24\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-patch-debian-2.6.24\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-source-2.6.24\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-support-2.6.24-etchnhalf.1\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-tree-2.6.24\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T14:56:34", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2007-6716 Joe Jin reported a local denial of service vulnerability that allows system users to trigger an oops due to an improperly initialized data structure.\n\n - CVE-2008-1514 Jan Kratochvil reported a local denial of service vulnerability in the ptrace interface for the s390 architecture. Local users can trigger an invalid pointer dereference, leading to a system panic.\n\n - CVE-2008-3276 Eugene Teo reported an integer overflow in the DCCP subsystem that may allow remote attackers to cause a denial of service in the form of a kernel panic.\n\n - CVE-2008-3525 Eugene Teo reported a lack of capability checks in the kernel driver for Granch SBNI12 leased line adapters (sbni), allowing local users to perform privileged operations.\n\n - CVE-2008-3833 The S_ISUID/S_ISGID bits were not being cleared during an inode splice, which, under certain conditions, can be exploited by local users to obtain the privileges of a group for which they are not a member. Mark Fasheh reported this issue.\n\n - CVE-2008-4210 David Watson reported an issue in the open()/creat() system calls which, under certain conditions, can be exploited by local users to obtain the privileges of a group for which they are not a member.\n\n - CVE-2008-4302 A coding error in the splice subsystem allows local users to attempt to unlock a page structure that has not been locked, resulting in a system crash.", "cvss3": {}, "published": "2008-10-14T00:00:00", "type": "nessus", "title": "Debian DSA-1653-1 : linux-2.6 - denial of service/privilege escalation", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6716", "CVE-2008-1514", "CVE-2008-3276", "CVE-2008-3525", "CVE-2008-3833", "CVE-2008-4210", "CVE-2008-4302"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1653.NASL", "href": "https://www.tenable.com/plugins/nessus/34392", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1653. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34392);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-1514\", \"CVE-2008-3276\", \"CVE-2008-3525\", \"CVE-2008-3833\", \"CVE-2008-4210\", \"CVE-2008-4302\");\n script_bugtraq_id(31177, 31368, 31515);\n script_xref(name:\"DSA\", value:\"1653\");\n\n script_name(english:\"Debian DSA-1653-1 : linux-2.6 - denial of service/privilege escalation\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following\nproblems :\n\n - CVE-2007-6716\n Joe Jin reported a local denial of service vulnerability\n that allows system users to trigger an oops due to an\n improperly initialized data structure.\n\n - CVE-2008-1514\n Jan Kratochvil reported a local denial of service\n vulnerability in the ptrace interface for the s390\n architecture. Local users can trigger an invalid pointer\n dereference, leading to a system panic.\n\n - CVE-2008-3276\n Eugene Teo reported an integer overflow in the DCCP\n subsystem that may allow remote attackers to cause a\n denial of service in the form of a kernel panic.\n\n - CVE-2008-3525\n Eugene Teo reported a lack of capability checks in the\n kernel driver for Granch SBNI12 leased line adapters\n (sbni), allowing local users to perform privileged\n operations.\n\n - CVE-2008-3833\n The S_ISUID/S_ISGID bits were not being cleared during\n an inode splice, which, under certain conditions, can be\n exploited by local users to obtain the privileges of a\n group for which they are not a member. Mark Fasheh\n reported this issue.\n\n - CVE-2008-4210\n David Watson reported an issue in the open()/creat()\n system calls which, under certain conditions, can be\n exploited by local users to obtain the privileges of a\n group for which they are not a member.\n\n - CVE-2008-4302\n A coding error in the splice subsystem allows local\n users to attempt to unlock a page structure that has not\n been locked, resulting in a system crash.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-6716\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-1514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3276\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3833\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4210\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4302\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2008/dsa-1653\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6, fai-kernels, and user-mode-linux packages.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 2.6.18.dfsg.1-22etch3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/10/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"fai-kernels\", reference:\"1.17+etch.22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-doc-2.6.18\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-486\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-686\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-686-bigmem\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-alpha\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-amd64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-arm\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-hppa\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-i386\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-ia64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-mips\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-mipsel\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-powerpc\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-s390\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-sparc\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-generic\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-legacy\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-smp\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-amd64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-footbridge\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-iop32x\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-itanium\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-ixp4xx\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-k7\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-mckinley\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc-smp\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc64-smp\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc-miboot\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc-smp\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-prep\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-qemu\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r3k-kn02\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r4k-ip22\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r4k-kn04\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r5k-cobalt\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r5k-ip32\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-rpc\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s390\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s390x\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s3c2410\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sb1-bcm91250a\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sb1a-bcm91480b\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc32\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc64-smp\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-686\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-alpha\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-amd64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-k7\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-powerpc\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-powerpc64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-s390x\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-sparc64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-486\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-686\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-686-bigmem\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-generic\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-legacy\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-smp\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-amd64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-footbridge\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-iop32x\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-itanium\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-ixp4xx\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-k7\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-mckinley\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc-smp\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc64-smp\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc-miboot\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc-smp\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-prep\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-qemu\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r3k-kn02\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r4k-ip22\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r4k-kn04\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r5k-cobalt\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r5k-ip32\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-rpc\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390-tape\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390x\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s3c2410\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sb1-bcm91250a\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sb1a-bcm91480b\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc32\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc64-smp\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-686\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-alpha\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-amd64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-k7\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-powerpc\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-powerpc64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-s390x\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-sparc64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-manual-2.6.18\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-patch-debian-2.6.18\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-source-2.6.18\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-support-2.6.18-6\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-tree-2.6.18\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"user-mode-linux\", reference:\"2.6.18-1um-2etch.22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-22etch3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:55:04", "description": "This kernel update for SUSE Linux Enterprise 10 Service Pack 2 fixes various bugs and some security problems :\n\n - When creating a file, open()/creat() allowed the setgid bit to be set via the mode argument even when, due to the bsdgroups mount option or the file being created in a setgid directory, the new file's group is one which the user is not a member of. The local attacker could then use ftruncate() and memory-mapped I/O to turn the new file into an arbitrary binary and thus gain the privileges of this group, since these operations do not clear the setgid bit.'. (CVE-2008-4210)\n\n - The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that have corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can lead to a possible denial of service by spamming the logfile.\n (CVE-2008-3528)\n\n - The S/390 ptrace code allowed local users to cause a denial of service (kernel panic) via the user-area-padding test from the ptrace testsuite in 31-bit mode, which triggers an invalid dereference.\n (CVE-2008-1514)\n\n - fs/direct-io.c in the dio subsystem in the Linux kernel did not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test. (CVE-2007-6716)\n\n - Added missing capability checks in sbni_ioctl().\n (CVE-2008-3525)\n\nAlso OCFS2 was updated to version v1.4.1-1.\n\nThe full amount of changes can be reviewed in the RPM changelog.", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5668)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6716", "CVE-2008-1514", "CVE-2008-3525", "CVE-2008-3528", "CVE-2008-4210"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-5668.NASL", "href": "https://www.tenable.com/plugins/nessus/41535", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41535);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-1514\", \"CVE-2008-3525\", \"CVE-2008-3528\", \"CVE-2008-4210\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5668)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This kernel update for SUSE Linux Enterprise 10 Service Pack 2 fixes\nvarious bugs and some security problems :\n\n - When creating a file, open()/creat() allowed the setgid\n bit to be set via the mode argument even when, due to\n the bsdgroups mount option or the file being created in\n a setgid directory, the new file's group is one which\n the user is not a member of. The local attacker could\n then use ftruncate() and memory-mapped I/O to turn the\n new file into an arbitrary binary and thus gain the\n privileges of this group, since these operations do not\n clear the setgid bit.'. (CVE-2008-4210)\n\n - The ext[234] filesystem code fails to properly handle\n corrupted data structures. With a mounted filesystem\n image or partition that have corrupted dir->i_size and\n dir->i_blocks, a user performing either a read or write\n operation on the mounted image or partition can lead to\n a possible denial of service by spamming the logfile.\n (CVE-2008-3528)\n\n - The S/390 ptrace code allowed local users to cause a\n denial of service (kernel panic) via the\n user-area-padding test from the ptrace testsuite in\n 31-bit mode, which triggers an invalid dereference.\n (CVE-2008-1514)\n\n - fs/direct-io.c in the dio subsystem in the Linux kernel\n did not properly zero out the dio struct, which allows\n local users to cause a denial of service (OOPS), as\n demonstrated by a certain fio test. (CVE-2007-6716)\n\n - Added missing capability checks in sbni_ioctl().\n (CVE-2008-3525)\n\nAlso OCFS2 was updated to version v1.4.1-1.\n\nThe full amount of changes can be reviewed in the RPM changelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-6716.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1514.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3525.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3528.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-4210.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5668.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-debug-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-kdump-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmi-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmipae-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.31\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:45:53", "description": "Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel :\n\nBuffer overflow in format descriptor parsing in the uvc_parse_format function in drivers/media/video/uvc/uvc_driver.c in uvcvideo in the video4linux (V4L) implementation in the Linux kernel before 2.6.26.1 has unknown impact and attack vectors. (CVE-2008-3496)\n\nThe sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass intended capability restrictions. (CVE-2008-3525)\n\nInteger overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service (panic) or possibly have unspecified other impact via a crafted sca_keylength field associated with the SCTP_AUTH_KEY option. (CVE-2008-3526)\n\nThe sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, does not verify that the identifier index is within the bounds established by SCTP_AUTH_HMAC_ID_MAX, which allows local users to obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL request involving the sctp_getsockopt function, a different vulnerability than CVE-2008-4113. (CVE-2008-4445)\n\nAdditionaly, fixes for sound on NEC Versa S9100 and others were added, PATA and AHCI support for Intel ICH10 was added, a fix to allow better disk transfer speeds was made for Hercules EC-900 mini-notebook, a cyrus-imapd corruption issue in x86_64 arch was solved, RealTek 8169/8168/8101 support was improved, and a few other things. Check the package changelog for details.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : kernel (MDVSA-2008:223)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3496", "CVE-2008-3525", "CVE-2008-3526", "CVE-2008-4113", "CVE-2008-4445"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:actuator-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:actuator-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:actuator-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:actuator-kernel-server-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-server-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:em8300-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:em8300-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:em8300-kernel-server-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fcdsl-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcdsl-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdsl-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcdsl-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcusb-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcusb-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcusb-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcusb-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fcusb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcusb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcusb-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcusb-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcusb2-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcusb2-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcusb2-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcusb2-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fcusb2-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcusb2-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcusb2-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcusb2-kernel-server-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest", "p-cpe:/a:mandriva:linux:fxusb-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fxusb-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fxusb-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fxusb-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fxusb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fxusb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fxusb-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fxusb-kernel-server-latest", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-server-latest", "p-cpe:/a:mandriva:linux:gspca-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:gspca-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:gspca-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:gspca-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:gspca-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:gspca-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:gspca-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:gspca-kernel-server-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:ipw3945-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:ipw3945-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:ipw3945-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:ipw3945-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:ipw3945-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:ipw3945-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:ipw3945-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:ipw3945-kernel-server-latest", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-2.6.24.7-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-2.6.24.7-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.24.7-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.24.7-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.24.7-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kernel-doc", "p-cpe:/a:mandriva:linux:kernel-laptop-2.6.24.7-2mnb", "p-cpe:/a:mandriva:linux:kernel-laptop-devel-2.6.24.7-2mnb", "p-cpe:/a:mandriva:linux:kernel-laptop-devel-latest", "p-cpe:/a:mandriva:linux:kernel-laptop-latest", "p-cpe:/a:mandriva:linux:kernel-server-2.6.24.7-2mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.24.7-2mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-latest", "p-cpe:/a:mandriva:linux:kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-source-2.6.24.7-2mnb", "p-cpe:/a:mandriva:linux:kernel-source-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest", "cpe:/o:mandriva:linux:2008.1", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-server-latest", "p-cpe:/a:mandriva:linux:r5u870-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:r5u870-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:r5u870-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:r5u870-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:r5u870-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:r5u870-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:r5u870-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:r5u870-kernel-server-latest", "p-cpe:/a:mandriva:linux:realcrypt-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:realcrypt-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:realcrypt-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:realcrypt-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:realcrypt-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:realcrypt-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:realcrypt-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:realcrypt-kernel-server-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:squashfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:squashfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:squashfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:syntek-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:syntek-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:syntek-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:syntek-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:syntek-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:syntek-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:syntek-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:syntek-kernel-server-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest", "p-cpe:/a:mandriva:linux:unicorn-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:unicorn-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:unicorn-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:unicorn-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:unicorn-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:unicorn-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:unicorn-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:unicorn-kernel-server-latest", "p-cpe:/a:mandriva:linux:unionfs-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:unionfs-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:unionfs-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:unionfs-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:unionfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:unionfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:unionfs-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:unionfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:libafs-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:libafs-kernel-server-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-server-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:m560x-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:m560x-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:m560x-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:m560x-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:m560x-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:m560x-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:m560x-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:m560x-kernel-server-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-server-latest"], "id": "MANDRIVA_MDVSA-2008-223.NASL", "href": "https://www.tenable.com/plugins/nessus/37065", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:223. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37065);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-3496\", \"CVE-2008-3525\", \"CVE-2008-3526\", \"CVE-2008-4445\");\n script_xref(name:\"MDVSA\", value:\"2008:223\");\n\n script_name(english:\"Mandriva Linux Security Advisory : kernel (MDVSA-2008:223)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Some vulnerabilities were discovered and corrected in the Linux 2.6\nkernel :\n\nBuffer overflow in format descriptor parsing in the uvc_parse_format\nfunction in drivers/media/video/uvc/uvc_driver.c in uvcvideo in the\nvideo4linux (V4L) implementation in the Linux kernel before 2.6.26.1\nhas unknown impact and attack vectors. (CVE-2008-3496)\n\nThe sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem\nin the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN\ncapability before processing a (1) SIOCDEVRESINSTATS, (2)\nSIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl\nrequest, which allows local users to bypass intended capability\nrestrictions. (CVE-2008-3525)\n\nInteger overflow in the sctp_setsockopt_auth_key function in\nnet/sctp/socket.c in the Stream Control Transmission Protocol (sctp)\nimplementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows\nremote attackers to cause a denial of service (panic) or possibly have\nunspecified other impact via a crafted sca_keylength field associated\nwith the SCTP_AUTH_KEY option. (CVE-2008-3526)\n\nThe sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream\nControl Transmission Protocol (sctp) implementation in the Linux\nkernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, does\nnot verify that the identifier index is within the bounds established\nby SCTP_AUTH_HMAC_ID_MAX, which allows local users to obtain sensitive\ninformation via a crafted SCTP_HMAC_IDENT IOCTL request involving the\nsctp_getsockopt function, a different vulnerability than\nCVE-2008-4113. (CVE-2008-4445)\n\nAdditionaly, fixes for sound on NEC Versa S9100 and others were added,\nPATA and AHCI support for Intel ICH10 was added, a fix to allow better\ndisk transfer speeds was made for Hercules EC-900 mini-notebook, a\ncyrus-imapd corruption issue in x86_64 arch was solved, RealTek\n8169/8168/8101 support was improved, and a few other things. Check the\npackage changelog for details.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/35343\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/39048\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189, 200, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl2-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl2-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl2-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl2-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslsl-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslsl-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslsl-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslsl-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslsl-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslsl-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslsl-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslsl-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslslusb-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslslusb-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslslusb-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslslusb-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslslusb-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslslusb-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslslusb-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslslusb-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb2-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb2-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb2-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb2-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb2-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb2-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb2-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb2-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusba-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusba-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusba-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusba-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusba-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusba-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusba-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusba-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb2-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb2-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb2-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb2-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb2-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb2-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb2-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb2-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb_CZ-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb_CZ-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb_CZ-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb_CZ-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb_CZ-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb_CZ-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb_CZ-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb_CZ-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gspca-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gspca-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gspca-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gspca-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gspca-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gspca-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gspca-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gspca-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ipw3945-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ipw3945-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ipw3945-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ipw3945-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ipw3945-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ipw3945-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ipw3945-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ipw3945-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iwlwifi-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iwlwifi-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iwlwifi-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iwlwifi-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iwlwifi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iwlwifi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iwlwifi-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iwlwifi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.6.24.7-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-2.6.24.7-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.24.7-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.24.7-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.24.7-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-laptop-2.6.24.7-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-laptop-devel-2.6.24.7-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-laptop-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-2.6.24.7-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.24.7-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-2.6.24.7-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:m560x-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:m560x-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:m560x-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:m560x-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:m560x-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:m560x-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:m560x-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:m560x-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ndiswrapper-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ndiswrapper-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ndiswrapper-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ndiswrapper-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ndiswrapper-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ndiswrapper-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ndiswrapper-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ndiswrapper-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:r5u870-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:r5u870-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:r5u870-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:r5u870-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:r5u870-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:r5u870-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:r5u870-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:r5u870-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:realcrypt-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:realcrypt-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:realcrypt-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:realcrypt-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:realcrypt-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:realcrypt-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:realcrypt-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:realcrypt-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unicorn-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unicorn-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unicorn-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unicorn-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unicorn-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unicorn-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unicorn-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unicorn-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unionfs-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unionfs-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unionfs-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unionfs-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unionfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unionfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unionfs-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unionfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.1\", reference:\"actuator-kernel-2.6.24.7-desktop-2mnb-1.0.5-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"actuator-kernel-2.6.24.7-desktop586-2mnb-1.0.5-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"actuator-kernel-2.6.24.7-laptop-2mnb-1.0.5-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"actuator-kernel-2.6.24.7-server-2mnb-1.0.5-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"actuator-kernel-desktop-latest-1.0.5-1.20081031.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"actuator-kernel-desktop586-latest-1.0.5-1.20081031.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"actuator-kernel-laptop-latest-1.0.5-1.20081031.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"actuator-kernel-server-latest-1.0.5-1.20081031.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"alsa_raoppcm-kernel-2.6.24.7-desktop-2mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-2.6.24.7-desktop586-2mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"alsa_raoppcm-kernel-2.6.24.7-laptop-2mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"alsa_raoppcm-kernel-2.6.24.7-server-2mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"alsa_raoppcm-kernel-desktop-latest-0.5.1-1.20081031.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-desktop586-latest-0.5.1-1.20081031.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"alsa_raoppcm-kernel-laptop-latest-0.5.1-1.20081031.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"alsa_raoppcm-kernel-server-latest-0.5.1-1.20081031.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dkms-pcc-acpi-kernel-2.6.24.7-desktop-2mnb-0.9-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"dkms-pcc-acpi-kernel-2.6.24.7-desktop586-2mnb-0.9-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dkms-pcc-acpi-kernel-2.6.24.7-laptop-2mnb-0.9-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dkms-pcc-acpi-kernel-2.6.24.7-server-2mnb-0.9-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dkms-pcc-acpi-kernel-desktop-latest-0.9-1.20081031.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"dkms-pcc-acpi-kernel-desktop586-latest-0.9-1.20081031.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dkms-pcc-acpi-kernel-laptop-latest-0.9-1.20081031.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dkms-pcc-acpi-kernel-server-latest-0.9-1.20081031.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"drm-experimental-kernel-2.6.24.7-desktop-2mnb-2.3.0-1.20080223.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"drm-experimental-kernel-2.6.24.7-desktop586-2mnb-2.3.0-1.20080223.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"drm-experimental-kernel-2.6.24.7-laptop-2mnb-2.3.0-1.20080223.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"drm-experimental-kernel-2.6.24.7-server-2mnb-2.3.0-1.20080223.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"drm-experimental-kernel-desktop-latest-2.3.0-1.20081031.1.20080223.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"drm-experimental-kernel-desktop586-latest-2.3.0-1.20081031.1.20080223.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"drm-experimental-kernel-laptop-latest-2.3.0-1.20081031.1.20080223.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"drm-experimental-kernel-server-latest-2.3.0-1.20081031.1.20080223.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"em8300-kernel-2.6.24.7-desktop-2mnb-0.16.4-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"em8300-kernel-2.6.24.7-desktop586-2mnb-0.16.4-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"em8300-kernel-2.6.24.7-laptop-2mnb-0.16.4-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"em8300-kernel-2.6.24.7-server-2mnb-0.16.4-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"em8300-kernel-desktop-latest-0.16.4-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"em8300-kernel-desktop586-latest-0.16.4-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"em8300-kernel-laptop-latest-0.16.4-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"em8300-kernel-server-latest-0.16.4-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"et131x-kernel-2.6.24.7-desktop-2mnb-1.2.3-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"et131x-kernel-2.6.24.7-desktop-2mnb-1.2.3-4.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"et131x-kernel-2.6.24.7-desktop586-2mnb-1.2.3-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"et131x-kernel-2.6.24.7-laptop-2mnb-1.2.3-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"et131x-kernel-2.6.24.7-laptop-2mnb-1.2.3-4.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"et131x-kernel-2.6.24.7-server-2mnb-1.2.3-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"et131x-kernel-2.6.24.7-server-2mnb-1.2.3-4.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"et131x-kernel-desktop-latest-1.2.3-1.20081031.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"et131x-kernel-desktop-latest-1.2.3-1.20081031.4.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"et131x-kernel-desktop586-latest-1.2.3-1.20081031.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"et131x-kernel-laptop-latest-1.2.3-1.20081031.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"et131x-kernel-laptop-latest-1.2.3-1.20081031.4.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"et131x-kernel-server-latest-1.2.3-1.20081031.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"et131x-kernel-server-latest-1.2.3-1.20081031.4.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl-kernel-2.6.24.7-desktop-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl-kernel-2.6.24.7-desktop586-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl-kernel-2.6.24.7-laptop-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl-kernel-2.6.24.7-server-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl-kernel-desktop-latest-3.11.07-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl-kernel-desktop586-latest-3.11.07-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl-kernel-laptop-latest-3.11.07-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl-kernel-server-latest-3.11.07-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl2-kernel-2.6.24.7-desktop-2mnb-3.11.07-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl2-kernel-2.6.24.7-desktop586-2mnb-3.11.07-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl2-kernel-2.6.24.7-laptop-2mnb-3.11.07-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl2-kernel-2.6.24.7-server-2mnb-3.11.07-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl2-kernel-desktop-latest-3.11.07-1.20081031.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl2-kernel-desktop586-latest-3.11.07-1.20081031.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl2-kernel-laptop-latest-3.11.07-1.20081031.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl2-kernel-server-latest-3.11.07-1.20081031.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslsl-kernel-2.6.24.7-desktop-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslsl-kernel-2.6.24.7-desktop586-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslsl-kernel-2.6.24.7-laptop-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslsl-kernel-2.6.24.7-server-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslsl-kernel-desktop-latest-3.11.07-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslsl-kernel-desktop586-latest-3.11.07-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslsl-kernel-laptop-latest-3.11.07-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslsl-kernel-server-latest-3.11.07-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslslusb-kernel-2.6.24.7-desktop-2mnb-3.11.05-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslslusb-kernel-2.6.24.7-desktop586-2mnb-3.11.05-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslslusb-kernel-2.6.24.7-laptop-2mnb-3.11.05-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslslusb-kernel-2.6.24.7-server-2mnb-3.11.05-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslslusb-kernel-desktop-latest-3.11.05-1.20081031.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslslusb-kernel-desktop586-latest-3.11.05-1.20081031.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslslusb-kernel-laptop-latest-3.11.05-1.20081031.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslslusb-kernel-server-latest-3.11.05-1.20081031.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb-kernel-2.6.24.7-desktop-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb-kernel-2.6.24.7-desktop586-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb-kernel-2.6.24.7-laptop-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb-kernel-2.6.24.7-server-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb-kernel-desktop-latest-3.11.07-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb-kernel-desktop586-latest-3.11.07-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb-kernel-laptop-latest-3.11.07-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb-kernel-server-latest-3.11.07-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb2-kernel-2.6.24.7-desktop-2mnb-3.11.07-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb2-kernel-2.6.24.7-desktop586-2mnb-3.11.07-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb2-kernel-2.6.24.7-laptop-2mnb-3.11.07-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb2-kernel-2.6.24.7-server-2mnb-3.11.07-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb2-kernel-desktop-latest-3.11.07-1.20081031.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb2-kernel-desktop586-latest-3.11.07-1.20081031.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb2-kernel-laptop-latest-3.11.07-1.20081031.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb2-kernel-server-latest-3.11.07-1.20081031.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusba-kernel-2.6.24.7-desktop-2mnb-3.11.05-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusba-kernel-2.6.24.7-desktop586-2mnb-3.11.05-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusba-kernel-2.6.24.7-laptop-2mnb-3.11.05-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusba-kernel-2.6.24.7-server-2mnb-3.11.05-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusba-kernel-desktop-latest-3.11.05-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusba-kernel-desktop586-latest-3.11.05-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusba-kernel-laptop-latest-3.11.05-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusba-kernel-server-latest-3.11.05-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.24.7-desktop-2mnb-3.11.07-6.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.24.7-desktop586-2mnb-3.11.07-6.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.24.7-laptop-2mnb-3.11.07-6.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.24.7-server-2mnb-3.11.07-6.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcpci-kernel-desktop-latest-3.11.07-1.20081031.6.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcpci-kernel-desktop586-latest-3.11.07-1.20081031.6.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcpci-kernel-laptop-latest-3.11.07-1.20081031.6.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcpci-kernel-server-latest-3.11.07-1.20081031.6.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb-kernel-2.6.24.7-desktop-2mnb-3.11.04-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb-kernel-2.6.24.7-desktop586-2mnb-3.11.04-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb-kernel-2.6.24.7-laptop-2mnb-3.11.04-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb-kernel-2.6.24.7-server-2mnb-3.11.04-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb-kernel-desktop-latest-3.11.04-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb-kernel-desktop586-latest-3.11.04-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb-kernel-laptop-latest-3.11.04-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb-kernel-server-latest-3.11.04-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb2-kernel-2.6.24.7-desktop-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb2-kernel-2.6.24.7-desktop586-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb2-kernel-2.6.24.7-laptop-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb2-kernel-2.6.24.7-server-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb2-kernel-desktop-latest-3.11.07-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb2-kernel-desktop586-latest-3.11.07-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb2-kernel-laptop-latest-3.11.07-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb2-kernel-server-latest-3.11.07-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"fglrx-kernel-2.6.24.7-desktop-2mnb-8.471-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fglrx-kernel-2.6.24.7-desktop586-2mnb-8.471-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"fglrx-kernel-2.6.24.7-laptop-2mnb-8.471-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"fglrx-kernel-2.6.24.7-server-2mnb-8.471-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"fglrx-kernel-desktop-latest-8.471-1.20081031.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fglrx-kernel-desktop586-latest-8.471-1.20081031.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"fglrx-kernel-laptop-latest-8.471-1.20081031.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"fglrx-kernel-server-latest-8.471-1.20081031.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb-kernel-2.6.24.7-desktop-2mnb-3.11.06-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb-kernel-2.6.24.7-desktop586-2mnb-3.11.06-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb-kernel-2.6.24.7-laptop-2mnb-3.11.06-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb-kernel-2.6.24.7-server-2mnb-3.11.06-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb-kernel-desktop-latest-3.11.06-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb-kernel-desktop586-latest-3.11.06-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb-kernel-laptop-latest-3.11.06-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb-kernel-server-latest-3.11.06-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb_CZ-kernel-2.6.24.7-desktop-2mnb-3.11.06-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb_CZ-kernel-2.6.24.7-desktop586-2mnb-3.11.06-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb_CZ-kernel-2.6.24.7-laptop-2mnb-3.11.06-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb_CZ-kernel-2.6.24.7-server-2mnb-3.11.06-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb_CZ-kernel-desktop-latest-3.11.06-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb_CZ-kernel-desktop586-latest-3.11.06-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb_CZ-kernel-laptop-latest-3.11.06-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb_CZ-kernel-server-latest-3.11.06-1.20081031.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"gspca-kernel-2.6.24.7-desktop-2mnb-1.00.20-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"gspca-kernel-2.6.24.7-desktop586-2mnb-1.00.20-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"gspca-kernel-2.6.24.7-laptop-2mnb-1.00.20-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"gspca-kernel-2.6.24.7-server-2mnb-1.00.20-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"gspca-kernel-desktop-latest-1.00.20-1.20081031.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"gspca-kernel-desktop586-latest-1.00.20-1.20081031.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"gspca-kernel-laptop-latest-1.00.20-1.20081031.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"gspca-kernel-server-latest-1.00.20-1.20081031.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"hsfmodem-kernel-2.6.24.7-desktop-2mnb-7.68.00.07-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"hsfmodem-kernel-2.6.24.7-desktop586-2mnb-7.68.00.07-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"hsfmodem-kernel-2.6.24.7-laptop-2mnb-7.68.00.07-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"hsfmodem-kernel-2.6.24.7-server-2mnb-7.68.00.07-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"hsfmodem-kernel-desktop-latest-7.68.00.07-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"hsfmodem-kernel-desktop586-latest-7.68.00.07-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"hsfmodem-kernel-laptop-latest-7.68.00.07-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"hsfmodem-kernel-server-latest-7.68.00.07-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ipw3945-kernel-2.6.24.7-desktop-2mnb-1.2.2-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"ipw3945-kernel-2.6.24.7-desktop586-2mnb-1.2.2-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ipw3945-kernel-2.6.24.7-laptop-2mnb-1.2.2-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ipw3945-kernel-2.6.24.7-server-2mnb-1.2.2-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ipw3945-kernel-desktop-latest-1.2.2-1.20081031.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"ipw3945-kernel-desktop586-latest-1.2.2-1.20081031.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ipw3945-kernel-laptop-latest-1.2.2-1.20081031.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ipw3945-kernel-server-latest-1.2.2-1.20081031.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"iwlwifi-kernel-2.6.24.7-desktop-2mnb-1.2.25-5mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"iwlwifi-kernel-2.6.24.7-desktop586-2mnb-1.2.25-5mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"iwlwifi-kernel-2.6.24.7-laptop-2mnb-1.2.25-5mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"iwlwifi-kernel-2.6.24.7-server-2mnb-1.2.25-5mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"iwlwifi-kernel-desktop-latest-1.2.25-1.20081031.5mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"iwlwifi-kernel-desktop586-latest-1.2.25-1.20081031.5mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"iwlwifi-kernel-laptop-latest-1.2.25-1.20081031.5mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"iwlwifi-kernel-server-latest-1.2.25-1.20081031.5mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-2.6.24.7-2mnb-1-1mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-desktop-2.6.24.7-2mnb-1-1mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-desktop-devel-2.6.24.7-2mnb-1-1mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-desktop-devel-latest-2.6.24.7-2mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-desktop-latest-2.6.24.7-2mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"kernel-desktop586-2.6.24.7-2mnb-1-1mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"kernel-desktop586-devel-2.6.24.7-2mnb-1-1mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"kernel-desktop586-devel-latest-2.6.24.7-2mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"kernel-desktop586-latest-2.6.24.7-2mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-doc-2.6.24.7-2mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-laptop-2.6.24.7-2mnb-1-1mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-laptop-devel-2.6.24.7-2mnb-1-1mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-laptop-devel-latest-2.6.24.7-2mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-laptop-latest-2.6.24.7-2mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-server-2.6.24.7-2mnb-1-1mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-server-devel-2.6.24.7-2mnb-1-1mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-server-devel-latest-2.6.24.7-2mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-server-latest-2.6.24.7-2mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-source-2.6.24.7-2mnb-1-1mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-source-latest-2.6.24.7-2mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kqemu-kernel-2.6.24.7-desktop-2mnb-1.3.0pre11-15\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"kqemu-kernel-2.6.24.7-desktop586-2mnb-1.3.0pre11-15\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kqemu-kernel-2.6.24.7-laptop-2mnb-1.3.0pre11-15\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kqemu-kernel-2.6.24.7-server-2mnb-1.3.0pre11-15\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kqemu-kernel-desktop-latest-1.3.0pre11-1.20081031.15\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"kqemu-kernel-desktop586-latest-1.3.0pre11-1.20081031.15\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kqemu-kernel-laptop-latest-1.3.0pre11-1.20081031.15\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kqemu-kernel-server-latest-1.3.0pre11-1.20081031.15\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"libafs-kernel-2.6.24.7-desktop-2mnb-1.4.6-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libafs-kernel-2.6.24.7-desktop586-2mnb-1.4.6-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"libafs-kernel-2.6.24.7-laptop-2mnb-1.4.6-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"libafs-kernel-2.6.24.7-server-2mnb-1.4.6-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"libafs-kernel-desktop-latest-1.4.6-1.20081031.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libafs-kernel-desktop586-latest-1.4.6-1.20081031.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"libafs-kernel-laptop-latest-1.4.6-1.20081031.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"libafs-kernel-server-latest-1.4.6-1.20081031.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lirc-kernel-2.6.24.7-desktop-2mnb-0.8.2-1.20080310.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"lirc-kernel-2.6.24.7-desktop586-2mnb-0.8.2-1.20080310.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lirc-kernel-2.6.24.7-laptop-2mnb-0.8.2-1.20080310.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lirc-kernel-2.6.24.7-server-2mnb-0.8.2-1.20080310.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lirc-kernel-desktop-latest-0.8.2-1.20081031.1.20080310.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"lirc-kernel-desktop586-latest-0.8.2-1.20081031.1.20080310.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lirc-kernel-laptop-latest-0.8.2-1.20081031.1.20080310.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lirc-kernel-server-latest-0.8.2-1.20081031.1.20080310.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lzma-kernel-2.6.24.7-desktop-2mnb-4.43-21mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"lzma-kernel-2.6.24.7-desktop586-2mnb-4.43-21mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lzma-kernel-2.6.24.7-laptop-2mnb-4.43-21mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lzma-kernel-2.6.24.7-server-2mnb-4.43-21mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lzma-kernel-desktop-latest-4.43-1.20081031.21mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"lzma-kernel-desktop586-latest-4.43-1.20081031.21mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lzma-kernel-laptop-latest-4.43-1.20081031.21mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lzma-kernel-server-latest-4.43-1.20081031.21mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"m560x-kernel-2.6.24.7-desktop-2mnb-0.4.0-0.20080229.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"m560x-kernel-2.6.24.7-desktop586-2mnb-0.4.0-0.20080229.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"m560x-kernel-2.6.24.7-laptop-2mnb-0.4.0-0.20080229.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"m560x-kernel-2.6.24.7-server-2mnb-0.4.0-0.20080229.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"m560x-kernel-desktop-latest-0.4.0-1.20081031.0.20080229.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"m560x-kernel-desktop586-latest-0.4.0-1.20081031.0.20080229.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"m560x-kernel-laptop-latest-0.4.0-1.20081031.0.20080229.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"m560x-kernel-server-latest-0.4.0-1.20081031.0.20080229.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"madwifi-kernel-2.6.24.7-desktop-2mnb-0.9.3.3-5.r3114mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"madwifi-kernel-2.6.24.7-desktop586-2mnb-0.9.3.3-5.r3114mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"madwifi-kernel-2.6.24.7-laptop-2mnb-0.9.3.3-5.r3114mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"madwifi-kernel-2.6.24.7-server-2mnb-0.9.3.3-5.r3114mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"madwifi-kernel-desktop-latest-0.9.3.3-1.20081031.5.r3114mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"madwifi-kernel-desktop586-latest-0.9.3.3-1.20081031.5.r3114mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"madwifi-kernel-laptop-latest-0.9.3.3-1.20081031.5.r3114mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"madwifi-kernel-server-latest-0.9.3.3-1.20081031.5.r3114mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ndiswrapper-kernel-2.6.24.7-desktop-2mnb-1.52-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"ndiswrapper-kernel-2.6.24.7-desktop586-2mnb-1.52-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ndiswrapper-kernel-2.6.24.7-laptop-2mnb-1.52-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ndiswrapper-kernel-2.6.24.7-server-2mnb-1.52-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ndiswrapper-kernel-desktop-latest-1.52-1.20081031.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"ndiswrapper-kernel-desktop586-latest-1.52-1.20081031.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ndiswrapper-kernel-laptop-latest-1.52-1.20081031.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ndiswrapper-kernel-server-latest-1.52-1.20081031.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia-current-kernel-2.6.24.7-desktop-2mnb-169.12-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"nvidia-current-kernel-2.6.24.7-desktop586-2mnb-169.12-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia-current-kernel-2.6.24.7-laptop-2mnb-169.12-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia-current-kernel-2.6.24.7-server-2mnb-169.12-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia-current-kernel-desktop-latest-169.12-1.20081031.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"nvidia-current-kernel-desktop586-latest-169.12-1.20081031.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia-current-kernel-laptop-latest-169.12-1.20081031.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia-current-kernel-server-latest-169.12-1.20081031.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia71xx-kernel-2.6.24.7-desktop-2mnb-71.86.04-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"nvidia71xx-kernel-2.6.24.7-desktop586-2mnb-71.86.04-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia71xx-kernel-2.6.24.7-laptop-2mnb-71.86.04-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia71xx-kernel-2.6.24.7-server-2mnb-71.86.04-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia71xx-kernel-desktop-latest-71.86.04-1.20081031.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"nvidia71xx-kernel-desktop586-latest-71.86.04-1.20081031.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia71xx-kernel-laptop-latest-71.86.04-1.20081031.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia71xx-kernel-server-latest-71.86.04-1.20081031.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia96xx-kernel-2.6.24.7-desktop-2mnb-96.43.05-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"nvidia96xx-kernel-2.6.24.7-desktop586-2mnb-96.43.05-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia96xx-kernel-2.6.24.7-laptop-2mnb-96.43.05-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia96xx-kernel-2.6.24.7-server-2mnb-96.43.05-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia96xx-kernel-desktop-latest-96.43.05-1.20081031.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"nvidia96xx-kernel-desktop586-latest-96.43.05-1.20081031.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia96xx-kernel-laptop-latest-96.43.05-1.20081031.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia96xx-kernel-server-latest-96.43.05-1.20081031.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"omfs-kernel-2.6.24.7-desktop-2mnb-0.7.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"omfs-kernel-2.6.24.7-desktop586-2mnb-0.7.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"omfs-kernel-2.6.24.7-laptop-2mnb-0.7.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"omfs-kernel-2.6.24.7-server-2mnb-0.7.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"omfs-kernel-desktop-latest-0.7.6-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"omfs-kernel-desktop586-latest-0.7.6-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"omfs-kernel-laptop-latest-0.7.6-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"omfs-kernel-server-latest-0.7.6-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"opencbm-kernel-2.6.24.7-desktop-2mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"opencbm-kernel-2.6.24.7-desktop586-2mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"opencbm-kernel-2.6.24.7-laptop-2mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"opencbm-kernel-2.6.24.7-server-2mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"opencbm-kernel-desktop-latest-0.4.2a-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"opencbm-kernel-desktop586-latest-0.4.2a-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"opencbm-kernel-laptop-latest-0.4.2a-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"opencbm-kernel-server-latest-0.4.2a-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ov51x-jpeg-kernel-2.6.24.7-desktop-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-2.6.24.7-desktop586-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ov51x-jpeg-kernel-2.6.24.7-laptop-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ov51x-jpeg-kernel-2.6.24.7-server-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ov51x-jpeg-kernel-desktop-latest-1.5.6-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-desktop586-latest-1.5.6-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ov51x-jpeg-kernel-laptop-latest-1.5.6-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ov51x-jpeg-kernel-server-latest-1.5.6-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"qc-usb-messenger-kernel-2.6.24.7-desktop-2mnb-1.7-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"qc-usb-messenger-kernel-2.6.24.7-desktop586-2mnb-1.7-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"qc-usb-messenger-kernel-2.6.24.7-laptop-2mnb-1.7-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"qc-usb-messenger-kernel-2.6.24.7-server-2mnb-1.7-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"qc-usb-messenger-kernel-desktop-latest-1.7-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"qc-usb-messenger-kernel-desktop586-latest-1.7-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"qc-usb-messenger-kernel-laptop-latest-1.7-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"qc-usb-messenger-kernel-server-latest-1.7-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"r5u870-kernel-2.6.24.7-desktop-2mnb-0.11.0-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"r5u870-kernel-2.6.24.7-desktop586-2mnb-0.11.0-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"r5u870-kernel-2.6.24.7-laptop-2mnb-0.11.0-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"r5u870-kernel-2.6.24.7-server-2mnb-0.11.0-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"r5u870-kernel-desktop-latest-0.11.0-1.20081031.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"r5u870-kernel-desktop586-latest-0.11.0-1.20081031.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"r5u870-kernel-laptop-latest-0.11.0-1.20081031.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"r5u870-kernel-server-latest-0.11.0-1.20081031.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"realcrypt-kernel-2.6.24.7-desktop-2mnb-4.3-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"realcrypt-kernel-2.6.24.7-desktop586-2mnb-4.3-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"realcrypt-kernel-2.6.24.7-laptop-2mnb-4.3-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"realcrypt-kernel-2.6.24.7-server-2mnb-4.3-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"realcrypt-kernel-desktop-latest-4.3-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"realcrypt-kernel-desktop586-latest-4.3-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"realcrypt-kernel-laptop-latest-4.3-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"realcrypt-kernel-server-latest-4.3-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.24.7-desktop-2mnb-2.9.11-0.20070813.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.24.7-desktop586-2mnb-2.9.11-0.20070813.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.24.7-laptop-2mnb-2.9.11-0.20070813.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.24.7-server-2mnb-2.9.11-0.20070813.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"slmodem-kernel-desktop-latest-2.9.11-1.20081031.0.20070813.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"slmodem-kernel-desktop586-latest-2.9.11-1.20081031.0.20070813.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"slmodem-kernel-laptop-latest-2.9.11-1.20081031.0.20070813.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"slmodem-kernel-server-latest-2.9.11-1.20081031.0.20070813.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-kernel-2.6.24.7-desktop-2mnb-3.3-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"squashfs-kernel-2.6.24.7-desktop586-2mnb-3.3-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-kernel-2.6.24.7-laptop-2mnb-3.3-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-kernel-2.6.24.7-server-2mnb-3.3-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-kernel-desktop-latest-3.3-1.20081031.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"squashfs-kernel-desktop586-latest-3.3-1.20081031.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-kernel-laptop-latest-3.3-1.20081031.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-kernel-server-latest-3.3-1.20081031.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-lzma-kernel-2.6.24.7-desktop-2mnb-3.3-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-2.6.24.7-desktop586-2mnb-3.3-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-lzma-kernel-2.6.24.7-laptop-2mnb-3.3-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-lzma-kernel-2.6.24.7-server-2mnb-3.3-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-lzma-kernel-desktop-latest-3.3-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-desktop586-latest-3.3-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-lzma-kernel-laptop-latest-3.3-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-lzma-kernel-server-latest-3.3-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"syntek-kernel-2.6.24.7-desktop-2mnb-1.3.1-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"syntek-kernel-2.6.24.7-desktop586-2mnb-1.3.1-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"syntek-kernel-2.6.24.7-laptop-2mnb-1.3.1-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"syntek-kernel-2.6.24.7-server-2mnb-1.3.1-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"syntek-kernel-desktop-latest-1.3.1-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"syntek-kernel-desktop586-latest-1.3.1-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"syntek-kernel-laptop-latest-1.3.1-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"syntek-kernel-server-latest-1.3.1-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tp_smapi-kernel-2.6.24.7-desktop-2mnb-0.36-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"tp_smapi-kernel-2.6.24.7-desktop586-2mnb-0.36-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tp_smapi-kernel-2.6.24.7-laptop-2mnb-0.36-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tp_smapi-kernel-2.6.24.7-server-2mnb-0.36-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tp_smapi-kernel-desktop-latest-0.36-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"tp_smapi-kernel-desktop586-latest-0.36-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tp_smapi-kernel-laptop-latest-0.36-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tp_smapi-kernel-server-latest-0.36-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"unicorn-kernel-2.6.24.7-desktop-2mnb-0.9.3-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"unicorn-kernel-2.6.24.7-desktop586-2mnb-0.9.3-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"unicorn-kernel-2.6.24.7-laptop-2mnb-0.9.3-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"unicorn-kernel-2.6.24.7-server-2mnb-0.9.3-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"unicorn-kernel-desktop-latest-0.9.3-1.20081031.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"unicorn-kernel-desktop586-latest-0.9.3-1.20081031.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"unicorn-kernel-laptop-latest-0.9.3-1.20081031.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"unicorn-kernel-server-latest-0.9.3-1.20081031.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"unionfs-kernel-2.6.24.7-desktop-2mnb-1.4.1mdv2008.1-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"unionfs-kernel-2.6.24.7-desktop586-2mnb-1.4.1mdv2008.1-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"unionfs-kernel-2.6.24.7-laptop-2mnb-1.4.1mdv2008.1-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"unionfs-kernel-2.6.24.7-server-2mnb-1.4.1mdv2008.1-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"unionfs-kernel-desktop-latest-1.4.1mdv2008.1-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"unionfs-kernel-desktop586-latest-1.4.1mdv2008.1-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"unionfs-kernel-laptop-latest-1.4.1mdv2008.1-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"unionfs-kernel-server-latest-1.4.1mdv2008.1-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxadd-kernel-2.6.24.7-desktop-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxadd-kernel-2.6.24.7-desktop586-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxadd-kernel-2.6.24.7-laptop-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxadd-kernel-2.6.24.7-server-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxadd-kernel-desktop-latest-1.5.6-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxadd-kernel-desktop586-latest-1.5.6-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxadd-kernel-laptop-latest-1.5.6-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxadd-kernel-server-latest-1.5.6-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxvfs-kernel-2.6.24.7-desktop-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxvfs-kernel-2.6.24.7-desktop586-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxvfs-kernel-2.6.24.7-laptop-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxvfs-kernel-2.6.24.7-server-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxvfs-kernel-desktop-latest-1.5.6-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxvfs-kernel-desktop586-latest-1.5.6-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxvfs-kernel-laptop-latest-1.5.6-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxvfs-kernel-server-latest-1.5.6-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"virtualbox-kernel-2.6.24.7-desktop-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"virtualbox-kernel-2.6.24.7-desktop586-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"virtualbox-kernel-2.6.24.7-laptop-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"virtualbox-kernel-2.6.24.7-server-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"virtualbox-kernel-desktop-latest-1.5.6-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"virtualbox-kernel-desktop586-latest-1.5.6-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"virtualbox-kernel-laptop-latest-1.5.6-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"virtualbox-kernel-server-latest-1.5.6-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"vpnclient-kernel-2.6.24.7-desktop-2mnb-4.8.01.0640-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vpnclient-kernel-2.6.24.7-desktop586-2mnb-4.8.01.0640-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"vpnclient-kernel-2.6.24.7-laptop-2mnb-4.8.01.0640-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"vpnclient-kernel-2.6.24.7-server-2mnb-4.8.01.0640-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"vpnclient-kernel-desktop-latest-4.8.01.0640-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vpnclient-kernel-desktop586-latest-4.8.01.0640-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"vpnclient-kernel-laptop-latest-4.8.01.0640-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"vpnclient-kernel-server-latest-4.8.01.0640-1.20081031.1mdv2008.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:33:13", "description": "This kernel update for SUSE Linux Enterprise 10 Service Pack 2 fixes various bugs and some security problems :\n\n - When creating a file, open()/creat() allowed the setgid bit to be set via the mode argument even when, due to the bsdgroups mount option or the file being created in a setgid directory, the new file's group is one which the user is not a member of. The local attacker could then use ftruncate() and memory-mapped I/O to turn the new file into an arbitrary binary and thus gain the privileges of this group, since these operations do not clear the setgid bit.'. (CVE-2008-4210)\n\n - The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that have corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can lead to a possible denial of service by spamming the logfile.\n (CVE-2008-3528)\n\n - The S/390 ptrace code allowed local users to cause a denial of service (kernel panic) via the user-area-padding test from the ptrace testsuite in 31-bit mode, which triggers an invalid dereference.\n (CVE-2008-1514)\n\n - fs/direct-io.c in the dio subsystem in the Linux kernel did not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test. (CVE-2007-6716)\n\n - Added missing capability checks in sbni_ioctl().\n (CVE-2008-3525)\n\nAlso OCFS2 was updated to version v1.4.1-1.\n\nThe full amount of changes can be reviewed in the RPM changelog.", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5667)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6716", "CVE-2008-1514", "CVE-2008-3525", "CVE-2008-3528", "CVE-2008-4210"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-5667.NASL", "href": "https://www.tenable.com/plugins/nessus/59132", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59132);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-1514\", \"CVE-2008-3525\", \"CVE-2008-3528\", \"CVE-2008-4210\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5667)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This kernel update for SUSE Linux Enterprise 10 Service Pack 2 fixes\nvarious bugs and some security problems :\n\n - When creating a file, open()/creat() allowed the setgid\n bit to be set via the mode argument even when, due to\n the bsdgroups mount option or the file being created in\n a setgid directory, the new file's group is one which\n the user is not a member of. The local attacker could\n then use ftruncate() and memory-mapped I/O to turn the\n new file into an arbitrary binary and thus gain the\n privileges of this group, since these operations do not\n clear the setgid bit.'. (CVE-2008-4210)\n\n - The ext[234] filesystem code fails to properly handle\n corrupted data structures. With a mounted filesystem\n image or partition that have corrupted dir->i_size and\n dir->i_blocks, a user performing either a read or write\n operation on the mounted image or partition can lead to\n a possible denial of service by spamming the logfile.\n (CVE-2008-3528)\n\n - The S/390 ptrace code allowed local users to cause a\n denial of service (kernel panic) via the\n user-area-padding test from the ptrace testsuite in\n 31-bit mode, which triggers an invalid dereference.\n (CVE-2008-1514)\n\n - fs/direct-io.c in the dio subsystem in the Linux kernel\n did not properly zero out the dio struct, which allows\n local users to cause a denial of service (OOPS), as\n demonstrated by a certain fio test. (CVE-2007-6716)\n\n - Added missing capability checks in sbni_ioctl().\n (CVE-2008-3525)\n\nAlso OCFS2 was updated to version v1.4.1-1.\n\nThe full amount of changes can be reviewed in the RPM changelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-6716.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1514.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3525.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3528.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-4210.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5667.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.31\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-24T16:19:38", "description": "From Red Hat Security Advisory 2008:0957 :\n\nUpdated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\n[Updated 12th November 2008] The original packages distributed with this errata had a bug which prevented the Xen kernel booting on older hardware. We have updated the packages to correct this bug.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* the Xen implementation did not prevent applications running in a para-virtualized guest from modifying CR4 TSC. This could cause a local denial of service. (CVE-2007-5907, Important)\n\n* Tavis Ormandy reported missing boundary checks in the Virtual Dynamic Shared Objects (vDSO) implementation. This could allow a local unprivileged user to cause a denial of service or escalate privileges.\n(CVE-2008-3527, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could allow a local unprivileged user to obtain access to privileged information.\n(CVE-2008-4210, CVE-2008-3833, Important)\n\n* a flaw was found in the Linux kernel splice implementation. This could cause a local denial of service when there is a certain failure in the add_to_page_cache_lru() function. (CVE-2008-4302, Important)\n\n* a flaw was found in the Linux kernel when running on AMD64 systems.\nDuring a context switch, EFLAGS were being neither saved nor restored.\nThis could allow a local unprivileged user to cause a denial of service. (CVE-2006-5755, Low)\n\n* a flaw was found in the Linux kernel virtual memory implementation.\nThis could allow a local unprivileged user to cause a denial of service. (CVE-2008-2372, Low)\n\n* an integer overflow was discovered in the Linux kernel Datagram Congestion Control Protocol (DCCP) implementation. This could allow a remote attacker to cause a denial of service. By default, remote DCCP is blocked by SELinux. (CVE-2008-3276, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n* random32() seeding has been improved.\n\n* in a multi-core environment, a race between the QP async event-handler and the destro_qp() function could occur. This led to unpredictable results during invalid memory access, which could lead to a kernel crash.\n\n* a format string was omitted in the call to the request_module() function.\n\n* a stack overflow caused by an infinite recursion bug in the binfmt_misc kernel module was corrected.\n\n* the ata_scsi_rbuf_get() and ata_scsi_rbuf_put() functions now check for scatterlist usage before calling kmap_atomic().\n\n* a sentinel NUL byte was added to the device_write() function to ensure that lspace.name is NUL-terminated.\n\n* in the character device driver, a range_is_allowed() check was added to the read_mem() and write_mem() functions. It was possible for an illegitimate application to bypass these checks, and access /dev/mem beyond the 1M limit by calling mmap_mem() instead. Also, the parameters of range_is_allowed() were changed to cleanly handle greater than 32-bits of physical address on 32-bit architectures.\n\n* some of the newer Nehalem-based systems declare their CPU DSDT entries as type 'Alias'. During boot, this caused an 'Error attaching device data' message to be logged.\n\n* the evtchn event channel device lacked locks and memory barriers.\nThis has led to xenstore becoming unresponsive on the Itanium(r) architecture.\n\n* sending of gratuitous ARP packets in the Xen frontend network driver is now delayed until the backend signals that its carrier status has been processed by the stack.\n\n* on forcedeth devices, whenever setting ethtool parameters for link speed, the device could stop receiving interrupts.\n\n* the CIFS 'forcedirectio' option did not allow text to be appended to files.\n\n* the gettimeofday() function returned a backwards time on Intel(r) 64.\n\n* residual-count corrections during UNDERRUN handling were added to the qla2xxx driver.\n\n* the fix for a small quirk was removed for certain Adaptec controllers for which it caused problems.\n\n* the 'xm trigger init' command caused a domain panic if a userland application was running on a guest on the Intel(r) 64 architecture.\n\nUsers of kernel should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : kernel (ELSA-2008-0957)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-5755", "CVE-2007-5907", "CVE-2008-2372", "CVE-2008-3276", "CVE-2008-3527", "CVE-2008-3833", "CVE-2008-4210", "CVE-2008-4302"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-xen", "p-cpe:/a:oracle:linux:kernel-xen-devel", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-pae", "p-cpe:/a:oracle:linux:kernel-pae-devel", "p-cpe:/a:oracle:linux:kernel-debug"], "id": "ORACLELINUX_ELSA-2008-0957.NASL", "href": "https://www.tenable.com/plugins/nessus/67758", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0957 and \n# Oracle Linux Security Advisory ELSA-2008-0957 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67758);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2006-5755\", \"CVE-2007-5907\", \"CVE-2008-2372\", \"CVE-2008-3276\", \"CVE-2008-3527\", \"CVE-2008-3833\", \"CVE-2008-4210\", \"CVE-2008-4302\");\n script_bugtraq_id(31368);\n script_xref(name:\"RHSA\", value:\"2008:0957\");\n\n script_name(english:\"Oracle Linux 5 : kernel (ELSA-2008-0957)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0957 :\n\nUpdated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\n[Updated 12th November 2008] The original packages distributed with\nthis errata had a bug which prevented the Xen kernel booting on older\nhardware. We have updated the packages to correct this bug.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* the Xen implementation did not prevent applications running in a\npara-virtualized guest from modifying CR4 TSC. This could cause a\nlocal denial of service. (CVE-2007-5907, Important)\n\n* Tavis Ormandy reported missing boundary checks in the Virtual\nDynamic Shared Objects (vDSO) implementation. This could allow a local\nunprivileged user to cause a denial of service or escalate privileges.\n(CVE-2008-3527, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not\nclear the setuid and setgid bits. This could allow a local\nunprivileged user to obtain access to privileged information.\n(CVE-2008-4210, CVE-2008-3833, Important)\n\n* a flaw was found in the Linux kernel splice implementation. This\ncould cause a local denial of service when there is a certain failure\nin the add_to_page_cache_lru() function. (CVE-2008-4302, Important)\n\n* a flaw was found in the Linux kernel when running on AMD64 systems.\nDuring a context switch, EFLAGS were being neither saved nor restored.\nThis could allow a local unprivileged user to cause a denial of\nservice. (CVE-2006-5755, Low)\n\n* a flaw was found in the Linux kernel virtual memory implementation.\nThis could allow a local unprivileged user to cause a denial of\nservice. (CVE-2008-2372, Low)\n\n* an integer overflow was discovered in the Linux kernel Datagram\nCongestion Control Protocol (DCCP) implementation. This could allow a\nremote attacker to cause a denial of service. By default, remote DCCP\nis blocked by SELinux. (CVE-2008-3276, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n* random32() seeding has been improved.\n\n* in a multi-core environment, a race between the QP async\nevent-handler and the destro_qp() function could occur. This led to\nunpredictable results during invalid memory access, which could lead\nto a kernel crash.\n\n* a format string was omitted in the call to the request_module()\nfunction.\n\n* a stack overflow caused by an infinite recursion bug in the\nbinfmt_misc kernel module was corrected.\n\n* the ata_scsi_rbuf_get() and ata_scsi_rbuf_put() functions now check\nfor scatterlist usage before calling kmap_atomic().\n\n* a sentinel NUL byte was added to the device_write() function to\nensure that lspace.name is NUL-terminated.\n\n* in the character device driver, a range_is_allowed() check was added\nto the read_mem() and write_mem() functions. It was possible for an\nillegitimate application to bypass these checks, and access /dev/mem\nbeyond the 1M limit by calling mmap_mem() instead. Also, the\nparameters of range_is_allowed() were changed to cleanly handle\ngreater than 32-bits of physical address on 32-bit architectures.\n\n* some of the newer Nehalem-based systems declare their CPU DSDT\nentries as type 'Alias'. During boot, this caused an 'Error attaching\ndevice data' message to be logged.\n\n* the evtchn event channel device lacked locks and memory barriers.\nThis has led to xenstore becoming unresponsive on the Itanium(r)\narchitecture.\n\n* sending of gratuitous ARP packets in the Xen frontend network driver\nis now delayed until the backend signals that its carrier status has\nbeen processed by the stack.\n\n* on forcedeth devices, whenever setting ethtool parameters for link\nspeed, the device could stop receiving interrupts.\n\n* the CIFS 'forcedirectio' option did not allow text to be appended to\nfiles.\n\n* the gettimeofday() function returned a backwards time on Intel(r) 64.\n\n* residual-count corrections during UNDERRUN handling were added to\nthe qla2xxx driver.\n\n* the fix for a small quirk was removed for certain Adaptec\ncontrollers for which it caused problems.\n\n* the 'xm trigger init' command caused a domain panic if a userland\napplication was running on a guest on the Intel(r) 64 architecture.\n\nUsers of kernel should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-November/000785.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/12/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2006-5755\", \"CVE-2007-5907\", \"CVE-2008-2372\", \"CVE-2008-3276\", \"CVE-2008-3527\", \"CVE-2008-3833\", \"CVE-2008-4210\", \"CVE-2008-4302\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2008-0957\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-2.6.18-92.1.17.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-92.1.17.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-devel-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-92.1.17.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-2.6.18-92.1.17.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-devel-2.6.18-92.1.17.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-devel-2.6.18-92.1.17.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-doc-2.6.18-92.1.17.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-headers-2.6.18-92.1.17.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-2.6.18-92.1.17.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-devel-2.6.18-92.1.17.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:39:00", "description": "- the Xen implementation did not prevent applications running in a para-virtualized guest from modifying CR4 TSC. This could cause a local denial of service.\n (CVE-2007-5907, Important)\n\n - Tavis Ormandy reported missing boundary checks in the Virtual Dynamic Shared Objects (vDSO) implementation.\n This could allow a local unprivileged user to cause a denial of service or escalate privileges.\n (CVE-2008-3527, Important)\n\n - the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could allow a local unprivileged user to obtain access to privileged information. (CVE-2008-4210, CVE-2008-3833, Important)\n\n - a flaw was found in the Linux kernel splice implementation. This could cause a local denial of service when there is a certain failure in the add_to_page_cache_lru() function. (CVE-2008-4302, Important)\n\n - a flaw was found in the Linux kernel when running on AMD64 systems. During a context switch, EFLAGS were being neither saved nor restored. This could allow a local unprivileged user to cause a denial of service.\n (CVE-2006-5755, Low)\n\n - a flaw was found in the Linux kernel virtual memory implementation. This could allow a local unprivileged user to cause a denial of service. (CVE-2008-2372, Low)\n\n - an integer overflow was discovered in the Linux kernel Datagram Congestion Control Protocol (DCCP) implementation. This could allow a remote attacker to cause a denial of service. By default, remote DCCP is blocked by SELinux. (CVE-2008-3276, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n - random32() seeding has been improved.\n\n - in a multi-core environment, a race between the QP async event-handler and the destro_qp() function could occur.\n This led to unpredictable results during invalid memory access, which could lead to a kernel crash.\n\n - a format string was omitted in the call to the request_module() function.\n\n - a stack overflow caused by an infinite recursion bug in the binfmt_misc kernel module was corrected.\n\n - the ata_scsi_rbuf_get() and ata_scsi_rbuf_put() functions now check for scatterlist usage before calling kmap_atomic().\n\n - a sentinel NUL byte was added to the device_write() function to ensure that lspace.name is NUL-terminated.\n\n - in the character device driver, a range_is_allowed() check was added to the read_mem() and write_mem() functions. It was possible for an illegitimate application to bypass these checks, and access /dev/mem beyond the 1M limit by calling mmap_mem() instead. Also, the parameters of range_is_allowed() were changed to cleanly handle greater than 32-bits of physical address on 32-bit architectures.\n\n - some of the newer Nehalem-based systems declare their CPU DSDT entries as type 'Alias'. During boot, this caused an 'Error attaching device data' message to be logged.\n\n - the evtchn event channel device lacked locks and memory barriers. This has led to xenstore becoming unresponsive on the Itanium&reg; architecture.\n\n - sending of gratuitous ARP packets in the Xen frontend network driver is now delayed until the backend signals that its carrier status has been processed by the stack.\n\n - on forcedeth devices, whenever setting ethtool parameters for link speed, the device could stop receiving interrupts.\n\n - the CIFS 'forcedirectio' option did not allow text to be appended to files.\n\n - the gettimeofday() function returned a backwards time on Intel&reg; 64.\n\n - residual-count corrections during UNDERRUN handling were added to the qla2xxx driver.\n\n - the fix for a small quirk was removed for certain Adaptec controllers for which it caused problems.\n\n - the 'xm trigger init' command caused a domain panic if a userland application was running on a guest on the Intel&reg; 64 architecture.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-5755", "CVE-2007-5907", "CVE-2008-2372", "CVE-2008-3276", "CVE-2008-3527", "CVE-2008-3833", "CVE-2008-4210", "CVE-2008-4302"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20081104_KERNEL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60488", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60488);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-5755\", \"CVE-2007-5907\", \"CVE-2008-2372\", \"CVE-2008-3276\", \"CVE-2008-3527\", \"CVE-2008-3833\", \"CVE-2008-4210\", \"CVE-2008-4302\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - the Xen implementation did not prevent applications\n running in a para-virtualized guest from modifying CR4\n TSC. This could cause a local denial of service.\n (CVE-2007-5907, Important)\n\n - Tavis Ormandy reported missing boundary checks in the\n Virtual Dynamic Shared Objects (vDSO) implementation.\n This could allow a local unprivileged user to cause a\n denial of service or escalate privileges.\n (CVE-2008-3527, Important)\n\n - the do_truncate() and generic_file_splice_write()\n functions did not clear the setuid and setgid bits. This\n could allow a local unprivileged user to obtain access\n to privileged information. (CVE-2008-4210,\n CVE-2008-3833, Important)\n\n - a flaw was found in the Linux kernel splice\n implementation. This could cause a local denial of\n service when there is a certain failure in the\n add_to_page_cache_lru() function. (CVE-2008-4302,\n Important)\n\n - a flaw was found in the Linux kernel when running on\n AMD64 systems. During a context switch, EFLAGS were\n being neither saved nor restored. This could allow a\n local unprivileged user to cause a denial of service.\n (CVE-2006-5755, Low)\n\n - a flaw was found in the Linux kernel virtual memory\n implementation. This could allow a local unprivileged\n user to cause a denial of service. (CVE-2008-2372, Low)\n\n - an integer overflow was discovered in the Linux kernel\n Datagram Congestion Control Protocol (DCCP)\n implementation. This could allow a remote attacker to\n cause a denial of service. By default, remote DCCP is\n blocked by SELinux. (CVE-2008-3276, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n - random32() seeding has been improved.\n\n - in a multi-core environment, a race between the QP async\n event-handler and the destro_qp() function could occur.\n This led to unpredictable results during invalid memory\n access, which could lead to a kernel crash.\n\n - a format string was omitted in the call to the\n request_module() function.\n\n - a stack overflow caused by an infinite recursion bug in\n the binfmt_misc kernel module was corrected.\n\n - the ata_scsi_rbuf_get() and ata_scsi_rbuf_put()\n functions now check for scatterlist usage before calling\n kmap_atomic().\n\n - a sentinel NUL byte was added to the device_write()\n function to ensure that lspace.name is NUL-terminated.\n\n - in the character device driver, a range_is_allowed()\n check was added to the read_mem() and write_mem()\n functions. It was possible for an illegitimate\n application to bypass these checks, and access /dev/mem\n beyond the 1M limit by calling mmap_mem() instead. Also,\n the parameters of range_is_allowed() were changed to\n cleanly handle greater than 32-bits of physical address\n on 32-bit architectures.\n\n - some of the newer Nehalem-based systems declare their\n CPU DSDT entries as type 'Alias'. During boot, this\n caused an 'Error attaching device data' message to be\n logged.\n\n - the evtchn event channel device lacked locks and memory\n barriers. This has led to xenstore becoming unresponsive\n on the Itanium&reg; architecture.\n\n - sending of gratuitous ARP packets in the Xen frontend\n network driver is now delayed until the backend signals\n that its carrier status has been processed by the stack.\n\n - on forcedeth devices, whenever setting ethtool\n parameters for link speed, the device could stop\n receiving interrupts.\n\n - the CIFS 'forcedirectio' option did not allow text to be\n appended to files.\n\n - the gettimeofday() function returned a backwards time on\n Intel&reg; 64.\n\n - residual-count corrections during UNDERRUN handling were\n added to the qla2xxx driver.\n\n - the fix for a small quirk was removed for certain\n Adaptec controllers for which it caused problems.\n\n - the 'xm trigger init' command caused a domain panic if a\n userland application was running on a guest on the\n Intel&reg; 64 architecture.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0811&L=scientific-linux-errata&T=0&P=435\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fddd7885\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/12/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"kernel-2.6.18-92.1.17.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-92.1.17.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-92.1.17.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-2.6.18-92.1.17.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-devel-2.6.18-92.1.17.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-devel-2.6.18-92.1.17.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-doc-2.6.18-92.1.17.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-headers-2.6.18-92.1.17.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-2.6.18-92.1.17.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-devel-2.6.18-92.1.17.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T14:57:17", "description": "Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\n[Updated 12th November 2008] The original packages distributed with this errata had a bug which prevented the Xen kernel booting on older hardware. We have updated the packages to correct this bug.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* the Xen implementation did not prevent applications running in a para-virtualized guest from modifying CR4 TSC. This could cause a local denial of service. (CVE-2007-5907, Important)\n\n* Tavis Ormandy reported missing boundary checks in the Virtual Dynamic Shared Objects (vDSO) implementation. This could allow a local unprivileged user to cause a denial of service or escalate privileges.\n(CVE-2008-3527, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could allow a local unprivileged user to obtain access to privileged information.\n(CVE-2008-4210, CVE-2008-3833, Important)\n\n* a flaw was found in the Linux kernel splice implementation. This could cause a local denial of service when there is a certain failure in the add_to_page_cache_lru() function. (CVE-2008-4302, Important)\n\n* a flaw was found in the Linux kernel when running on AMD64 systems.\nDuring a context switch, EFLAGS were being neither saved nor restored.\nThis could allow a local unprivileged user to cause a denial of service. (CVE-2006-5755, Low)\n\n* a flaw was found in the Linux kernel virtual memory implementation.\nThis could allow a local unprivileged user to cause a denial of service. (CVE-2008-2372, Low)\n\n* an integer overflow was discovered in the Linux kernel Datagram Congestion Control Protocol (DCCP) implementation. This could allow a remote attacker to cause a denial of service. By default, remote DCCP is blocked by SELinux. (CVE-2008-3276, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n* random32() seeding has been improved.\n\n* in a multi-core environment, a race between the QP async event-handler and the destro_qp() function could occur. This led to unpredictable results during invalid memory access, which could lead to a kernel crash.\n\n* a format string was omitted in the call to the request_module() function.\n\n* a stack overflow caused by an infinite recursion bug in the binfmt_misc kernel module was corrected.\n\n* the ata_scsi_rbuf_get() and ata_scsi_rbuf_put() functions now check for scatterlist usage before calling kmap_atomic().\n\n* a sentinel NUL byte was added to the device_write() function to ensure that lspace.name is NUL-terminated.\n\n* in the character device driver, a range_is_allowed() check was added to the read_mem() and write_mem() functions. It was possible for an illegitimate application to bypass these checks, and access /dev/mem beyond the 1M limit by calling mmap_mem() instead. Also, the parameters of range_is_allowed() were changed to cleanly handle greater than 32-bits of physical address on 32-bit architectures.\n\n* some of the newer Nehalem-based systems declare their CPU DSDT entries as type 'Alias'. During boot, this caused an 'Error attaching device data' message to be logged.\n\n* the evtchn event channel device lacked locks and memory barriers.\nThis has led to xenstore becoming unresponsive on the Itanium(r) architecture.\n\n* sending of gratuitous ARP packets in the Xen frontend network driver is now delayed until the backend signals that its carrier status has been processed by the stack.\n\n* on forcedeth devices, whenever setting ethtool parameters for link speed, the device could stop receiving interrupts.\n\n* the CIFS 'forcedirectio' option did not allow text to be appended to files.\n\n* the gettimeofday() function returned a backwards time on Intel(r) 64.\n\n* residual-count corrections during UNDERRUN handling were added to the qla2xxx driver.\n\n* the fix for a small quirk was removed for certain Adaptec controllers for which it caused problems.\n\n* the 'xm trigger init' command caused a domain panic if a userland application was running on a guest on the Intel(r) 64 architecture.\n\nUsers of kernel should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2008-11-04T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2008:0957)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-5755", "CVE-2007-5907", "CVE-2008-2372", "CVE-2008-3276", "CVE-2008-3527", "CVE-2008-3833", "CVE-2008-4210", "CVE-2008-4302"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-pae", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.2"], "id": "REDHAT-RHSA-2008-0957.NASL", "href": "https://www.tenable.com/plugins/nessus/34690", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0957. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34690);\n script_version(\"1.30\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-5755\", \"CVE-2007-5907\", \"CVE-2008-2372\", \"CVE-2008-3276\", \"CVE-2008-3527\", \"CVE-2008-3833\", \"CVE-2008-4210\", \"CVE-2008-4302\");\n script_bugtraq_id(31368);\n script_xref(name:\"RHSA\", value:\"2008:0957\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2008:0957)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\n[Updated 12th November 2008] The original packages distributed with\nthis errata had a bug which prevented the Xen kernel booting on older\nhardware. We have updated the packages to correct this bug.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* the Xen implementation did not prevent applications running in a\npara-virtualized guest from modifying CR4 TSC. This could cause a\nlocal denial of service. (CVE-2007-5907, Important)\n\n* Tavis Ormandy reported missing boundary checks in the Virtual\nDynamic Shared Objects (vDSO) implementation. This could allow a local\nunprivileged user to cause a denial of service or escalate privileges.\n(CVE-2008-3527, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not\nclear the setuid and setgid bits. This could allow a local\nunprivileged user to obtain access to privileged information.\n(CVE-2008-4210, CVE-2008-3833, Important)\n\n* a flaw was found in the Linux kernel splice implementation. This\ncould cause a local denial of service when there is a certain failure\nin the add_to_page_cache_lru() function. (CVE-2008-4302, Important)\n\n* a flaw was found in the Linux kernel when running on AMD64 systems.\nDuring a context switch, EFLAGS were being neither saved nor restored.\nThis could allow a local unprivileged user to cause a denial of\nservice. (CVE-2006-5755, Low)\n\n* a flaw was found in the Linux kernel virtual memory implementation.\nThis could allow a local unprivileged user to cause a denial of\nservice. (CVE-2008-2372, Low)\n\n* an integer overflow was discovered in the Linux kernel Datagram\nCongestion Control Protocol (DCCP) implementation. This could allow a\nremote attacker to cause a denial of service. By default, remote DCCP\nis blocked by SELinux. (CVE-2008-3276, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n* random32() seeding has been improved.\n\n* in a multi-core environment, a race between the QP async\nevent-handler and the destro_qp() function could occur. This led to\nunpredictable results during invalid memory access, which could lead\nto a kernel crash.\n\n* a format string was omitted in the call to the request_module()\nfunction.\n\n* a stack overflow caused by an infinite recursion bug in the\nbinfmt_misc kernel module was corrected.\n\n* the ata_scsi_rbuf_get() and ata_scsi_rbuf_put() functions now check\nfor scatterlist usage before calling kmap_atomic().\n\n* a sentinel NUL byte was added to the device_write() function to\nensure that lspace.name is NUL-terminated.\n\n* in the character device driver, a range_is_allowed() check was added\nto the read_mem() and write_mem() functions. It was possible for an\nillegitimate application to bypass these checks, and access /dev/mem\nbeyond the 1M limit by calling mmap_mem() instead. Also, the\nparameters of range_is_allowed() were changed to cleanly handle\ngreater than 32-bits of physical address on 32-bit architectures.\n\n* some of the newer Nehalem-based systems declare their CPU DSDT\nentries as type 'Alias'. During boot, this caused an 'Error attaching\ndevice data' message to be logged.\n\n* the evtchn event channel device lacked locks and memory barriers.\nThis has led to xenstore becoming unresponsive on the Itanium(r)\narchitecture.\n\n* sending of gratuitous ARP packets in the Xen frontend network driver\nis now delayed until the backend signals that its carrier status has\nbeen processed by the stack.\n\n* on forcedeth devices, whenever setting ethtool parameters for link\nspeed, the device could stop receiving interrupts.\n\n* the CIFS 'forcedirectio' option did not allow text to be appended to\nfiles.\n\n* the gettimeofday() function returned a backwards time on Intel(r) 64.\n\n* residual-count corrections during UNDERRUN handling were added to\nthe qla2xxx driver.\n\n* the fix for a small quirk was removed for certain Adaptec\ncontrollers for which it caused problems.\n\n* the 'xm trigger init' command caused a domain panic if a userland\napplication was running on a guest on the Intel(r) 64 architecture.\n\nUsers of kernel should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-5755\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2372\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3276\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3527\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3833\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4210\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4302\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0957\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/12/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/11/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2006-5755\", \"CVE-2007-5907\", \"CVE-2008-2372\", \"CVE-2008-3276\", \"CVE-2008-3527\", \"CVE-2008-3833\", \"CVE-2008-4210\", \"CVE-2008-4302\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2008:0957\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0957\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-92.1.18.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-92.1.18.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:39:52", "description": "Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\n[Updated 12th November 2008] The original packages distributed with this errata had a bug which prevented the Xen kernel booting on older hardware. We have updated the packages to correct this bug.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* the Xen implementation did not prevent applications running in a para-virtualized guest from modifying CR4 TSC. This could cause a local denial of service. (CVE-2007-5907, Important)\n\n* Tavis Ormandy reported missing boundary checks in the Virtual Dynamic Shared Objects (vDSO) implementation. This could allow a local unprivileged user to cause a denial of service or escalate privileges.\n(CVE-2008-3527, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could allow a local unprivileged user to obtain access to privileged information.\n(CVE-2008-4210, CVE-2008-3833, Important)\n\n* a flaw was found in the Linux kernel splice implementation. This could cause a local denial of service when there is a certain failure in the add_to_page_cache_lru() function. (CVE-2008-4302, Important)\n\n* a flaw was found in the Linux kernel when running on AMD64 systems.\nDuring a context switch, EFLAGS were being neither saved nor restored.\nThis could allow a local unprivileged user to cause a denial of service. (CVE-2006-5755, Low)\n\n* a flaw was found in the Linux kernel virtual memory implementation.\nThis could allow a local unprivileged user to cause a denial of service. (CVE-2008-2372, Low)\n\n* an integer overflow was discovered in the Linux kernel Datagram Congestion Control Protocol (DCCP) implementation. This could allow a remote attacker to cause a denial of service. By default, remote DCCP is blocked by SELinux. (CVE-2008-3276, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n* random32() seeding has been improved.\n\n* in a multi-core environment, a race between the QP async event-handler and the destro_qp() function could occur. This led to unpredictable results during invalid memory access, which could lead to a kernel crash.\n\n* a format string was omitted in the call to the request_module() function.\n\n* a stack overflow caused by an infinite recursion bug in the binfmt_misc kernel module was corrected.\n\n* the ata_scsi_rbuf_get() and ata_scsi_rbuf_put() functions now check for scatterlist usage before calling kmap_atomic().\n\n* a sentinel NUL byte was added to the device_write() function to ensure that lspace.name is NUL-terminated.\n\n* in the character device driver, a range_is_allowed() check was added to the read_mem() and write_mem() functions. It was possible for an illegitimate application to bypass these checks, and access /dev/mem beyond the 1M limit by calling mmap_mem() instead. Also, the parameters of range_is_allowed() were changed to cleanly handle greater than 32-bits of physical address on 32-bit architectures.\n\n* some of the newer Nehalem-based systems declare their CPU DSDT entries as type 'Alias'. During boot, this caused an 'Error attaching device data' message to be logged.\n\n* the evtchn event channel device lacked locks and memory barriers.\nThis has led to xenstore becoming unresponsive on the Itanium(r) architecture.\n\n* sending of gratuitous ARP packets in the Xen frontend network driver is now delayed until the backend signals that its carrier status has been processed by the stack.\n\n* on forcedeth devices, whenever setting ethtool parameters for link speed, the device could stop receiving interrupts.\n\n* the CIFS 'forcedirectio' option did not allow text to be appended to files.\n\n* the gettimeofday() function returned a backwards time on Intel(r) 64.\n\n* residual-count corrections during UNDERRUN handling were added to the qla2xxx driver.\n\n* the fix for a small quirk was removed for certain Adaptec controllers for which it caused problems.\n\n* the 'xm trigger init' command caused a domain panic if a userland application was running on a guest on the Intel(r) 64 architecture.\n\nUsers of kernel should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2010-01-06T00:00:00", "type": "nessus", "title": "CentOS 5 : kernel (CESA-2008:0957)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-5755", "CVE-2007-5907", "CVE-2008-2372", "CVE-2008-3276", "CVE-2008-3527", "CVE-2008-3833", "CVE-2008-4210", "CVE-2008-4302"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-pae", "p-cpe:/a:centos:centos:kernel-pae-devel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-xen", "p-cpe:/a:centos:centos:kernel-xen-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2008-0957.NASL", "href": "https://www.tenable.com/plugins/nessus/43713", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0957 and \n# CentOS Errata and Security Advisory 2008:0957 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43713);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-5755\", \"CVE-2007-5907\", \"CVE-2008-2372\", \"CVE-2008-3276\", \"CVE-2008-3527\", \"CVE-2008-3833\", \"CVE-2008-4210\", \"CVE-2008-4302\");\n script_bugtraq_id(31368);\n script_xref(name:\"RHSA\", value:\"2008:0957\");\n\n script_name(english:\"CentOS 5 : kernel (CESA-2008:0957)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\n[Updated 12th November 2008] The original packages distributed with\nthis errata had a bug which prevented the Xen kernel booting on older\nhardware. We have updated the packages to correct this bug.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* the Xen implementation did not prevent applications running in a\npara-virtualized guest from modifying CR4 TSC. This could cause a\nlocal denial of service. (CVE-2007-5907, Important)\n\n* Tavis Ormandy reported missing boundary checks in the Virtual\nDynamic Shared Objects (vDSO) implementation. This could allow a local\nunprivileged user to cause a denial of service or escalate privileges.\n(CVE-2008-3527, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not\nclear the setuid and setgid bits. This could allow a local\nunprivileged user to obtain access to privileged information.\n(CVE-2008-4210, CVE-2008-3833, Important)\n\n* a flaw was found in the Linux kernel splice implementation. This\ncould cause a local denial of service when there is a certain failure\nin the add_to_page_cache_lru() function. (CVE-2008-4302, Important)\n\n* a flaw was found in the Linux kernel when running on AMD64 systems.\nDuring a context switch, EFLAGS were being neither saved nor restored.\nThis could allow a local unprivileged user to cause a denial of\nservice. (CVE-2006-5755, Low)\n\n* a flaw was found in the Linux kernel virtual memory implementation.\nThis could allow a local unprivileged user to cause a denial of\nservice. (CVE-2008-2372, Low)\n\n* an integer overflow was discovered in the Linux kernel Datagram\nCongestion Control Protocol (DCCP) implementation. This could allow a\nremote attacker to cause a denial of service. By default, remote DCCP\nis blocked by SELinux. (CVE-2008-3276, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n* random32() seeding has been improved.\n\n* in a multi-core environment, a race between the QP async\nevent-handler and the destro_qp() function could occur. This led to\nunpredictable results during invalid memory access, which could lead\nto a kernel crash.\n\n* a format string was omitted in the call to the request_module()\nfunction.\n\n* a stack overflow caused by an infinite recursion bug in the\nbinfmt_misc kernel module was corrected.\n\n* the ata_scsi_rbuf_get() and ata_scsi_rbuf_put() functions now check\nfor scatterlist usage before calling kmap_atomic().\n\n* a sentinel NUL byte was added to the device_write() function to\nensure that lspace.name is NUL-terminated.\n\n* in the character device driver, a range_is_allowed() check was added\nto the read_mem() and write_mem() functions. It was possible for an\nillegitimate application to bypass these checks, and access /dev/mem\nbeyond the 1M limit by calling mmap_mem() instead. Also, the\nparameters of range_is_allowed() were changed to cleanly handle\ngreater than 32-bits of physical address on 32-bit architectures.\n\n* some of the newer Nehalem-based systems declare their CPU DSDT\nentries as type 'Alias'. During boot, this caused an 'Error attaching\ndevice data' message to be logged.\n\n* the evtchn event channel device lacked locks and memory barriers.\nThis has led to xenstore becoming unresponsive on the Itanium(r)\narchitecture.\n\n* sending of gratuitous ARP packets in the Xen frontend network driver\nis now delayed until the backend signals that its carrier status has\nbeen processed by the stack.\n\n* on forcedeth devices, whenever setting ethtool parameters for link\nspeed, the device could stop receiving interrupts.\n\n* the CIFS 'forcedirectio' option did not allow text to be appended to\nfiles.\n\n* the gettimeofday() function returned a backwards time on Intel(r) 64.\n\n* residual-count corrections during UNDERRUN handling were added to\nthe qla2xxx driver.\n\n* the fix for a small quirk was removed for certain Adaptec\ncontrollers for which it caused problems.\n\n* the 'xm trigger init' command caused a domain panic if a userland\napplication was running on a guest on the Intel(r) 64 architecture.\n\nUsers of kernel should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-November/015397.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?744cf616\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-November/015398.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b3f56c35\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/12/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-2.6.18-92.1.18.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-92.1.18.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-92.1.18.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-2.6.18-92.1.18.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-devel-2.6.18-92.1.18.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-devel-2.6.18-92.1.18.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-doc-2.6.18-92.1.18.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-headers-2.6.18-92.1.18.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-2.6.18-92.1.18.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-devel-2.6.18-92.1.18.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T14:57:16", "description": "This kernel update fixes various bugs and also several security issues :\n\nCVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch between SCTP AUTH availability. This might be exploited remotely for a denial of service (crash) attack.\n\nCVE-2008-3833: The generic_file_splice_write function in fs/splice.c in the Linux kernel does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by splicing into an inode in order to create an executable file in a setgid directory.\n\nCVE-2008-4210: fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O.\n\nCVE-2008-4302: fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a denial of service (kernel BUG and system crash), as demonstrated by the fio I/O tool.\n\nCVE-2008-3528: The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that have corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can lead to a possible denial of service by spamming the logfile.\n\nCVE-2007-6716: fs/direct-io.c in the dio subsystem in the Linux kernel did not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.\n\nCVE-2008-3525: Added missing capability checks in sbni_ioctl().\n\nCVE-2008-3272: Fixed range checking in the snd_seq OSS ioctl, which could be used to leak information from the kernel.\n\nCVE-2008-2931: The do_change_type function in fs/namespace.c did not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.\n\nCVE-2008-2812: Various NULL ptr checks have been added to tty op functions, which might have been used by local attackers to execute code. We think that this affects only devices openable by root, so the impact is limited.\n\nCVE-2008-1673: Added range checking in ASN.1 handling for the CIFS and SNMP NAT netfilter modules.\n\nCVE-2008-3527: arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects (vDSO) implementation in the Linux kernel before 2.6.21 did not properly check boundaries, which allows local users to gain privileges or cause a denial of service via unspecified vectors, related to the install_special_mapping, syscall, and syscall32_nopage functions.", "cvss3": {}, "published": "2008-11-12T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : kernel (kernel-5751)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6716", "CVE-2008-1673", "CVE-2008-2812", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3525", "CVE-2008-3527", "CVE-2008-3528", "CVE-2008-3833", "CVE-2008-4210", "CVE-2008-4302", "CVE-2008-4576"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-bigsmp", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-kdump", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-xenpae", "cpe:/o:novell:opensuse:10.2"], "id": "SUSE_KERNEL-5751.NASL", "href": "https://www.tenable.com/plugins/nessus/34755", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-5751.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34755);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-1673\", \"CVE-2008-2812\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3525\", \"CVE-2008-3527\", \"CVE-2008-3528\", \"CVE-2008-3833\", \"CVE-2008-4210\", \"CVE-2008-4302\", \"CVE-2008-4576\");\n\n script_name(english:\"openSUSE 10 Security Update : kernel (kernel-5751)\");\n script_summary(english:\"Check for the kernel-5751 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This kernel update fixes various bugs and also several security \nissues :\n\nCVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch between\nSCTP AUTH availability. This might be exploited remotely for a denial\nof service (crash) attack.\n\nCVE-2008-3833: The generic_file_splice_write function in fs/splice.c\nin the Linux kernel does not properly strip setuid and setgid bits\nwhen there is a write to a file, which allows local users to gain the\nprivileges of a different group, and obtain sensitive information or\npossibly have unspecified other impact, by splicing into an inode in\norder to create an executable file in a setgid directory.\n\nCVE-2008-4210: fs/open.c in the Linux kernel before 2.6.22 does not\nproperly strip setuid and setgid bits when there is a write to a file,\nwhich allows local users to gain the privileges of a different group,\nand obtain sensitive information or possibly have unspecified other\nimpact, by creating an executable file in a setgid directory through\nthe (1) truncate or (2) ftruncate function in conjunction with\nmemory-mapped I/O.\n\nCVE-2008-4302: fs/splice.c in the splice subsystem in the Linux kernel\nbefore 2.6.22.2 does not properly handle a failure of the\nadd_to_page_cache_lru function, and subsequently attempts to unlock a\npage that was not locked, which allows local users to cause a denial\nof service (kernel BUG and system crash), as demonstrated by the fio\nI/O tool.\n\nCVE-2008-3528: The ext[234] filesystem code fails to properly handle\ncorrupted data structures. With a mounted filesystem image or\npartition that have corrupted dir->i_size and dir->i_blocks, a user\nperforming either a read or write operation on the mounted image or\npartition can lead to a possible denial of service by spamming the\nlogfile.\n\nCVE-2007-6716: fs/direct-io.c in the dio subsystem in the Linux kernel\ndid not properly zero out the dio struct, which allows local users to\ncause a denial of service (OOPS), as demonstrated by a certain fio\ntest.\n\nCVE-2008-3525: Added missing capability checks in sbni_ioctl().\n\nCVE-2008-3272: Fixed range checking in the snd_seq OSS ioctl, which\ncould be used to leak information from the kernel.\n\nCVE-2008-2931: The do_change_type function in fs/namespace.c did not\nverify that the caller has the CAP_SYS_ADMIN capability, which allows\nlocal users to gain privileges or cause a denial of service by\nmodifying the properties of a mountpoint.\n\nCVE-2008-2812: Various NULL ptr checks have been added to tty op\nfunctions, which might have been used by local attackers to execute\ncode. We think that this affects only devices openable by root, so the\nimpact is limited.\n\nCVE-2008-1673: Added range checking in ASN.1 handling for the CIFS and\nSNMP NAT netfilter modules.\n\nCVE-2008-3527: arch/i386/kernel/sysenter.c in the Virtual Dynamic\nShared Objects (vDSO) implementation in the Linux kernel before 2.6.21\ndid not properly check boundaries, which allows local users to gain\nprivileges or cause a denial of service via unspecified vectors,\nrelated to the install_special_mapping, syscall, and syscall32_nopage\nfunctions.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 119, 189, 264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-bigsmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xenpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/11/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kernel-bigsmp-2.6.18.8-0.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kernel-default-2.6.18.8-0.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kernel-kdump-2.6.18.8-0.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kernel-source-2.6.18.8-0.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kernel-syms-2.6.18.8-0.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kernel-xen-2.6.18.8-0.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kernel-xenpae-2.6.18.8-0.13\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-bigsmp / kernel-default / kernel-kdump / kernel-source / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T16:26:54", "description": "It was discovered that the direct-IO subsystem did not correctly validate certain structures. A local attacker could exploit this to cause a system crash, leading to a denial of service. (CVE-2007-6716)\n\nIt was discovered that the disabling of the ZERO_PAGE optimization could lead to large memory consumption. A local attacker could exploit this to allocate all available memory, leading to a denial of service.\n(CVE-2008-2372)\n\nIt was discovered that the Datagram Congestion Control Protocol (DCCP) did not correctly validate its arguments. If DCCP was in use, a remote attacker could send specially crafted network traffic and cause a system crash, leading to a denial of service. (CVE-2008-3276)\n\nIt was discovered that the SBNI WAN driver did not correctly check for the NET_ADMIN capability. A malicious local root user lacking CAP_NET_ADMIN would be able to change the WAN device configuration, leading to a denial of service. (CVE-2008-3525)\n\nIt was discovered that the Stream Control Transmission Protocol (SCTP) did not correctly validate the key length in the SCTP_AUTH_KEY option.\nIf SCTP is in use, a remote attacker could send specially crafted network traffic that would crash the system, leading to a denial of service. (CVE-2008-3526)\n\nIt was discovered that the tmpfs implementation did not correctly handle certain sequences of inode operations. A local attacker could exploit this to crash the system, leading to a denial of service.\n(CVE-2008-3534)\n\nIt was discovered that the readv/writev functions did not correctly handle certain sequences of file operations. A local attacker could exploit this to crash the system, leading to a denial of service.\n(CVE-2008-3535)\n\nIt was discovered that SCTP did not correctly validate its userspace arguments. A local attacker could call certain sctp_* functions with malicious options and cause a system crash, leading to a denial of service. (CVE-2008-3792, CVE-2008-4113, CVE-2008-4445)\n\nIt was discovered the the i915 video driver did not correctly validate memory addresses. A local attacker could exploit this to remap memory that could cause a system crash, leading to a denial of service.\n(CVE-2008-3831)\n\nJohann Dahm and David Richter discovered that NFSv4 did not correctly handle certain file ACLs. If NFSv4 is in use, a local attacker could create a malicious ACL that could cause a system crash, leading to a denial of service. (CVE-2008-3915).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 7.10 / 8.04 LTS : linux, linux-source-2.6.15/22 vulnerabilities (USN-659-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6716", "CVE-2008-2372", "CVE-2008-3276", "CVE-2008-3525", "CVE-2008-3526", "CVE-2008-3534", "CVE-2008-3535", "CVE-2008-3792", "CVE-2008-3831", "CVE-2008-3915", "CVE-2008-4113", "CVE-2008-4445"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:7.10", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts"], "id": "UBUNTU_USN-659-1.NASL", "href": "https://www.tenable.com/plugins/nessus/36681", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-659-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36681);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-2372\", \"CVE-2008-3276\", \"CVE-2008-3525\", \"CVE-2008-3526\", \"CVE-2008-3534\", \"CVE-2008-3535\", \"CVE-2008-3792\", \"CVE-2008-3831\", \"CVE-2008-3915\", \"CVE-2008-4113\", \"CVE-2008-4445\");\n script_bugtraq_id(31515, 31792);\n script_xref(name:\"USN\", value:\"659-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 7.10 / 8.04 LTS : linux, linux-source-2.6.15/22 vulnerabilities (USN-659-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the direct-IO subsystem did not correctly\nvalidate certain structures. A local attacker could exploit this to\ncause a system crash, leading to a denial of service. (CVE-2007-6716)\n\nIt was discovered that the disabling of the ZERO_PAGE optimization\ncould lead to large memory consumption. A local attacker could exploit\nthis to allocate all available memory, leading to a denial of service.\n(CVE-2008-2372)\n\nIt was discovered that the Datagram Congestion Control Protocol (DCCP)\ndid not correctly validate its arguments. If DCCP was in use, a remote\nattacker could send specially crafted network traffic and cause a\nsystem crash, leading to a denial of service. (CVE-2008-3276)\n\nIt was discovered that the SBNI WAN driver did not correctly check for\nthe NET_ADMIN capability. A malicious local root user lacking\nCAP_NET_ADMIN would be able to change the WAN device configuration,\nleading to a denial of service. (CVE-2008-3525)\n\nIt was discovered that the Stream Control Transmission Protocol (SCTP)\ndid not correctly validate the key length in the SCTP_AUTH_KEY option.\nIf SCTP is in use, a remote attacker could send specially crafted\nnetwork traffic that would crash the system, leading to a denial of\nservice. (CVE-2008-3526)\n\nIt was discovered that the tmpfs implementation did not correctly\nhandle certain sequences of inode operations. A local attacker could\nexploit this to crash the system, leading to a denial of service.\n(CVE-2008-3534)\n\nIt was discovered that the readv/writev functions did not correctly\nhandle certain sequences of file operations. A local attacker could\nexploit this to crash the system, leading to a denial of service.\n(CVE-2008-3535)\n\nIt was discovered that SCTP did not correctly validate its userspace\narguments. A local attacker could call certain sctp_* functions with\nmalicious options and cause a system crash, leading to a denial of\nservice. (CVE-2008-3792, CVE-2008-4113, CVE-2008-4445)\n\nIt was discovered the the i915 video driver did not correctly validate\nmemory addresses. A local attacker could exploit this to remap memory\nthat could cause a system crash, leading to a denial of service.\n(CVE-2008-3831)\n\nJohann Dahm and David Richter discovered that NFSv4 did not correctly\nhandle certain file ACLs. If NFSv4 is in use, a local attacker could\ncreate a malicious ACL that could cause a system crash, leading to a\ndenial of service. (CVE-2008-3915).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/659-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 189, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/07/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|7\\.10|8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 7.10 / 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2007-6716\", \"CVE-2008-2372\", \"CVE-2008-3276\", \"CVE-2008-3525\", \"CVE-2008-3526\", \"CVE-2008-3534\", \"CVE-2008-3535\", \"CVE-2008-3792\", \"CVE-2008-3831\", \"CVE-2008-3915\", \"CVE-2008-4113\", \"CVE-2008-4445\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-659-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-doc-2.6.15\", pkgver:\"2.6.15-52.73\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52\", pkgver:\"2.6.15-52.73\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52-386\", pkgver:\"2.6.15-52.73\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52-686\", pkgver:\"2.6.15-52.73\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52-amd64-generic\", pkgver:\"2.6.15-52.73\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52-amd64-k8\", pkgver:\"2.6.15-52.73\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52-amd64-server\", pkgver:\"2.6.15-52.73\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52-amd64-xeon\", pkgver:\"2.6.15-52.73\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52-server\", pkgver:\"2.6.15-52.73\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-52-386\", pkgver:\"2.6.15-52.73\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-52-686\", pkgver:\"2.6.15-52.73\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-52-amd64-generic\", pkgver:\"2.6.15-52.73\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-52-amd64-k8\", pkgver:\"2.6.15-52.73\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-52-amd64-server\", pkgver:\"2.6.15-52.73\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-52-amd64-xeon\", pkgver:\"2.6.15-52.73\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-52-server\", pkgver:\"2.6.15-52.73\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.15-52.73\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-source-2.6.15\", pkgver:\"2.6.15-52.73\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-doc-2.6.22\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15-386\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15-generic\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15-rt\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15-server\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15-ume\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15-virtual\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15-xen\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-386\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-cell\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-generic\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-lpia\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-lpiacompat\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-rt\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-server\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-ume\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-virtual\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-xen\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-15-386\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-15-generic\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-15-server\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-15-virtual\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-source-2.6.22\", pkgver:\"2.6.22-15.59\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-doc-2.6.24\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-21\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-21-386\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-21-generic\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-21-openvz\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-21-rt\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-21-server\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-21-virtual\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-21-xen\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-21-386\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-21-generic\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-21-lpia\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-21-lpiacompat\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-21-openvz\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-21-rt\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-21-server\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-21-virtual\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-21-xen\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-21-386\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-21-generic\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-21-server\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-21-virtual\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.24-21.43\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-source-2.6.24\", pkgver:\"2.6.24-21.43\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc-2.6.15 / linux-doc-2.6.22 / linux-doc-2.6.24 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:52:15", "description": "This patch updates the openSUSE 11.0 kernel to the 2.6.25.18 stable release.\n\nIt also includes bugfixes and security fixes :\n\nCVE-2008-4410: The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry was intended, which allows local users to cause a denial of service (persistent application failure) via crafted function calls, related to the Java Runtime Environment (JRE) experiencing improper LDT selector state.\n\nsctp: Fix kernel panic while process protocol violation parameter.\n\nCVE-2008-3528: The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that have corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can lead to a possible denial of service by spamming the logfile.\n\nCVE-2008-3526: Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel allows remote attackers to cause a denial of service (panic) or possibly have unspecified other impact via a crafted sca_keylength field associated with the SCTP_AUTH_KEY option.\n\nCVE-2008-3525: Added missing capability checks in sbni_ioctl().\n\nCVE-2008-4576: SCTP in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service (OOPS) via an INIT-ACK that states the peer does not support AUTH, which causes the sctp_process_init function to clean up active transports and triggers the OOPS when the T1-Init timer expires.\n\nCVE-2008-4445: The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, does not verify that the identifier index is within the bounds established by SCTP_AUTH_HMAC_ID_MAX, which allows local users to obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL request involving the sctp_getsockopt function.\n\nCVE-2008-3792: net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.26.3 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks.\n\nCVE-2008-4113: The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit copying of data from kernel memory, which allows local users to obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL request involving the sctp_getsockopt function.\n\nCVE-2008-3911: The proc_do_xprt function in net/sunrpc/sysctl.c in the Linux kernel 2.6.26.3 does not check the length of a certain buffer obtained from userspace, which allows local users to overflow a stack-based buffer and have unspecified other impact via a crafted read system call for the /proc/sys/sunrpc/transports file.", "cvss3": {}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kernel (kernel-270)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3525", "CVE-2008-3526", "CVE-2008-3528", "CVE-2008-3792", "CVE-2008-3911", "CVE-2008-4113", "CVE-2008-4410", "CVE-2008-4445", "CVE-2008-4576"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-rt", "p-cpe:/a:novell:opensuse:kernel-rt_debug", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-xen", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_KERNEL-081022.NASL", "href": "https://www.tenable.com/plugins/nessus/40010", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-270.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40010);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3525\", \"CVE-2008-3526\", \"CVE-2008-3528\", \"CVE-2008-3792\", \"CVE-2008-3911\", \"CVE-2008-4113\", \"CVE-2008-4410\", \"CVE-2008-4445\", \"CVE-2008-4576\");\n\n script_name(english:\"openSUSE Security Update : kernel (kernel-270)\");\n script_summary(english:\"Check for the kernel-270 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This patch updates the openSUSE 11.0 kernel to the 2.6.25.18 stable\nrelease.\n\nIt also includes bugfixes and security fixes :\n\nCVE-2008-4410: The vmi_write_ldt_entry function in\narch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the\nLinux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry\nwas intended, which allows local users to cause a denial of service\n(persistent application failure) via crafted function calls, related\nto the Java Runtime Environment (JRE) experiencing improper LDT\nselector state.\n\nsctp: Fix kernel panic while process protocol violation parameter.\n\nCVE-2008-3528: The ext[234] filesystem code fails to properly handle\ncorrupted data structures. With a mounted filesystem image or\npartition that have corrupted dir->i_size and dir->i_blocks, a user\nperforming either a read or write operation on the mounted image or\npartition can lead to a possible denial of service by spamming the\nlogfile.\n\nCVE-2008-3526: Integer overflow in the sctp_setsockopt_auth_key\nfunction in net/sctp/socket.c in the Stream Control Transmission\nProtocol (sctp) implementation in the Linux kernel allows remote\nattackers to cause a denial of service (panic) or possibly have\nunspecified other impact via a crafted sca_keylength field associated\nwith the SCTP_AUTH_KEY option.\n\nCVE-2008-3525: Added missing capability checks in sbni_ioctl().\n\nCVE-2008-4576: SCTP in Linux kernel before 2.6.25.18 allows remote\nattackers to cause a denial of service (OOPS) via an INIT-ACK that\nstates the peer does not support AUTH, which causes the\nsctp_process_init function to clean up active transports and triggers\nthe OOPS when the T1-Init timer expires.\n\nCVE-2008-4445: The sctp_auth_ep_set_hmacs function in net/sctp/auth.c\nin the Stream Control Transmission Protocol (sctp) implementation in\nthe Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is\nenabled, does not verify that the identifier index is within the\nbounds established by SCTP_AUTH_HMAC_ID_MAX, which allows local users\nto obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL\nrequest involving the sctp_getsockopt function.\n\nCVE-2008-3792: net/sctp/socket.c in the Stream Control Transmission\nProtocol (sctp) implementation in the Linux kernel 2.6.26.3 does not\nverify that the SCTP-AUTH extension is enabled before proceeding with\nSCTP-AUTH API functions, which allows attackers to cause a denial of\nservice (panic) via vectors that result in calls to (1)\nsctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3)\nsctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5)\nsctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7)\nsctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or\n(9) sctp_getsockopt_local_auth_chunks.\n\nCVE-2008-4113: The sctp_getsockopt_hmac_ident function in\nnet/sctp/socket.c in the Stream Control Transmission Protocol (sctp)\nimplementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH\nextension is enabled, relies on an untrusted length value to limit\ncopying of data from kernel memory, which allows local users to obtain\nsensitive information via a crafted SCTP_HMAC_IDENT IOCTL request\ninvolving the sctp_getsockopt function.\n\nCVE-2008-3911: The proc_do_xprt function in net/sunrpc/sysctl.c in the\nLinux kernel 2.6.26.3 does not check the length of a certain buffer\nobtained from userspace, which allows local users to overflow a\nstack-based buffer and have unspecified other impact via a crafted\nread system call for the /proc/sys/sunrpc/transports file.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=403346\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=406656\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=409961\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=415372\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=417821\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=419134\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=421321\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=427244\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=432488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=432490\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(20, 119, 189, 200, 264, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-debug-2.6.25.18-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-default-2.6.25.18-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-pae-2.6.25.18-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-rt-2.6.25.18-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-rt_debug-2.6.25.18-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-source-2.6.25.18-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-syms-2.6.25.18-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-vanilla-2.6.25.18-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-xen-2.6.25.18-0.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-debug / kernel-default / kernel-pae / kernel-rt / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-25T16:20:14", "description": "Update kernel from version 2.6.26.5 to 2.6.26.6:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.6 CVE-2008-3831 An IOCTL in the i915 driver was not properly restricted to users with the proper capabilities to use it. CVE-2008-4410 The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry was intended, which allows local users to cause a denial of service (persistent application failure) via crafted function calls, related to the Java Runtime Environment (JRE) experiencing improper LDT selector state, a different vulnerability than CVE-2008-3247. CVE-2008-3525 The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass intended capability restrictions. CVE-2008-4554 The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file. CVE-2008-4576 sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service (OOPS) via an INIT-ACK that states the peer does not support AUTH, which causes the sctp_process_init function to clean up active transports and triggers the OOPS when the T1-Init timer expires.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2008-10-24T00:00:00", "type": "nessus", "title": "Fedora 9 : kernel-2.6.26.6-79.fc9 (2008-8929)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3247", "CVE-2008-3525", "CVE-2008-3831", "CVE-2008-4410", "CVE-2008-4554", "CVE-2008-4576"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:9"], "id": "FEDORA_2008-8929.NASL", "href": "https://www.tenable.com/plugins/nessus/34480", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-8929.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34480);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-3525\", \"CVE-2008-3831\", \"CVE-2008-4410\", \"CVE-2008-4554\", \"CVE-2008-4576\");\n script_bugtraq_id(31565, 31634, 31792);\n script_xref(name:\"FEDORA\", value:\"2008-8929\");\n\n script_name(english:\"Fedora 9 : kernel-2.6.26.6-79.fc9 (2008-8929)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update kernel from version 2.6.26.5 to 2.6.26.6:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.6\nCVE-2008-3831 An IOCTL in the i915 driver was not properly restricted\nto users with the proper capabilities to use it. CVE-2008-4410 The\nvmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the\nVirtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes\nwrite_idt_entry where write_ldt_entry was intended, which allows local\nusers to cause a denial of service (persistent application failure)\nvia crafted function calls, related to the Java Runtime Environment\n(JRE) experiencing improper LDT selector state, a different\nvulnerability than CVE-2008-3247. CVE-2008-3525 The sbni_ioctl\nfunction in drivers/net/wan/sbni.c in the wan subsystem in the Linux\nkernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before\nprocessing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3)\nSIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows\nlocal users to bypass intended capability restrictions. CVE-2008-4554\nThe do_splice_from function in fs/splice.c in the Linux kernel before\n2.6.27 does not reject file descriptors that have the O_APPEND flag\nset, which allows local users to bypass append mode and make arbitrary\nchanges to other locations in the file. CVE-2008-4576 sctp in Linux\nkernel before 2.6.25.18 allows remote attackers to cause a denial of\nservice (OOPS) via an INIT-ACK that states the peer does not support\nAUTH, which causes the sctp_process_init function to clean up active\ntransports and triggers the OOPS when the T1-Init timer expires.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.6\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?59a1975c\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=438606\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=460550\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=462156\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=462178\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=462919\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=463034\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=464613\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=465873\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=466303\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=466511\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-October/015633.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5c2a6ea6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"kernel-2.6.26.6-79.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T14:56:10", "description": "Update kernel from version 2.6.26.5 to 2.6.26.6:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.6 CVE-2008-3831 An IOCTL in the i915 driver was not properly restricted to users with the proper capabilities to use it. CVE-2008-4410 The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry was intended, which allows local users to cause a denial of service (persistent application failure) via crafted function calls, related to the Java Runtime Environment (JRE) experiencing improper LDT selector state, a different vulnerability than CVE-2008-3247. CVE-2008-3525 The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass intended capability restrictions. CVE-2008-4554 The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file. CVE-2008-4576 sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service (OOPS) via an INIT-ACK that states the peer does not support AUTH, which causes the sctp_process_init function to clean up active transports and triggers the OOPS when the T1-Init timer expires. Also fixes these bugs reported against Fedora 9: 465873 - kernel build-id note corruption 466303 - IPSec kernel lockup. 464613 - 11143 unconditional linker option arch/powerpc/lib/crtsavres.o causes external module buildfailure 463034 - [sata_nv swncq] kernel 2.6.26.3-29 raid errors: 'md: super_written gets error=-5, uptodate=0' 460550 - Insert key does not work on console since 2.6.26 438606 - at76 stops working with port to mac80211 466511 - Kernel crash when using openswan 462919 - kernel 2.6.26.3-19.fc9.x86_64 TT-budget C-1500 DVB card is not longer working 462178 - PCMCIA CF adaptor causes kernel hang at 'Starting UDEV:'\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2008-10-24T00:00:00", "type": "nessus", "title": "Fedora 8 : kernel-2.6.26.6-49.fc8 (2008-8980)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3247", "CVE-2008-3525", "CVE-2008-3831", "CVE-2008-4410", "CVE-2008-4554", "CVE-2008-4576"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:8"], "id": "FEDORA_2008-8980.NASL", "href": "https://www.tenable.com/plugins/nessus/34481", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-8980.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34481);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-3525\", \"CVE-2008-3831\", \"CVE-2008-4410\", \"CVE-2008-4554\", \"CVE-2008-4576\");\n script_bugtraq_id(31565, 31634, 31792);\n script_xref(name:\"FEDORA\", value:\"2008-8980\");\n\n script_name(english:\"Fedora 8 : kernel-2.6.26.6-49.fc8 (2008-8980)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update kernel from version 2.6.26.5 to 2.6.26.6:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.6\nCVE-2008-3831 An IOCTL in the i915 driver was not properly restricted\nto users with the proper capabilities to use it. CVE-2008-4410 The\nvmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the\nVirtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes\nwrite_idt_entry where write_ldt_entry was intended, which allows local\nusers to cause a denial of service (persistent application failure)\nvia crafted function calls, related to the Java Runtime Environment\n(JRE) experiencing improper LDT selector state, a different\nvulnerability than CVE-2008-3247. CVE-2008-3525 The sbni_ioctl\nfunction in drivers/net/wan/sbni.c in the wan subsystem in the Linux\nkernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before\nprocessing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3)\nSIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows\nlocal users to bypass intended capability restrictions. CVE-2008-4554\nThe do_splice_from function in fs/splice.c in the Linux kernel before\n2.6.27 does not reject file descriptors that have the O_APPEND flag\nset, which allows local users to bypass append mode and make arbitrary\nchanges to other locations in the file. CVE-2008-4576 sctp in Linux\nkernel before 2.6.25.18 allows remote attackers to cause a denial of\nservice (OOPS) via an INIT-ACK that states the peer does not support\nAUTH, which causes the sctp_process_init function to clean up active\ntransports and triggers the OOPS when the T1-Init timer expires. Also\nfixes these bugs reported against Fedora 9: 465873 - kernel build-id\nnote corruption 466303 - IPSec kernel lockup. 464613 - 11143\nunconditional linker option arch/powerpc/lib/crtsavres.o causes\nexternal module buildfailure 463034 - [sata_nv swncq] kernel\n2.6.26.3-29 raid errors: 'md: super_written gets error=-5, uptodate=0'\n460550 - Insert key does not work on console since 2.6.26 438606 -\nat76 stops working with port to mac80211 466511 - Kernel crash when\nusing openswan 462919 - kernel 2.6.26.3-19.fc9.x86_64 TT-budget C-1500\nDVB card is not longer working 462178 - PCMCIA CF adaptor causes\nkernel hang at 'Starting UDEV:'\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.6\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?59a1975c\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=460401\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=464502\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=466079\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=466707\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-October/015629.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a2957607\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"kernel-2.6.26.6-49.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T16:08:55", "description": "From Red Hat Security Advisory 2008:0972 :\n\nUpdated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* a flaw was found in the Linux kernel's Direct-IO implementation.\nThis could have allowed a local unprivileged user to cause a denial of service. (CVE-2007-6716, Important)\n\n* when running ptrace in 31-bit mode on an IBM S/390 or IBM System z kernel, a local unprivileged user could cause a denial of service by reading from or writing into a padding area in the user_regs_struct32 structure. (CVE-2008-1514, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could have allowed a local unprivileged user to obtain access to privileged information.\n(CVE-2008-4210, Important)\n\n* Tobias Klein reported a missing check in the Linux kernel's Open Sound System (OSS) implementation. This deficiency could have led to an information leak. (CVE-2008-3272, Moderate)\n\n* a potential denial of service attack was discovered in the Linux kernel's PWC USB video driver. A local unprivileged user could have used this flaw to bring the kernel USB subsystem into the busy-waiting state. (CVE-2007-5093, Low)\n\n* the ext2 and ext3 file systems code failed to properly handle corrupted data structures, leading to a possible local denial of service issue when read or write operations were performed.\n(CVE-2008-3528, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n* when using the CIFS 'forcedirectio' option, appending to an open file on a CIFS share resulted in that file being overwritten with the data to be appended.\n\n* a kernel panic occurred when a device with PCI ID 8086:10c8 was present on a system with a loaded ixgbe driver.\n\n* due to an aacraid driver regression, the kernel failed to boot when trying to load the aacraid driver and printed the following error message: 'aac_srb: aac_fib_send failed with status: 8195'.\n\n* due to an mpt driver regression, when RAID 1 was configured on Primergy systems with an LSI SCSI IME 53C1020/1030 controller, the kernel panicked during boot.\n\n* the mpt driver produced a large number of extraneous debugging messages when performing a 'Host reset' operation.\n\n* due to a regression in the sym driver, the kernel panicked when a SCSI hot swap was performed using MCP18 hardware.\n\n* all cores on a multi-core system now scale their frequencies in accordance with the policy set by the system's CPU frequency governor.\n\n* the netdump subsystem suffered from several stability issues. These are addressed in this updated kernel.\n\n* under certain conditions, the ext3 file system reported a negative count of used blocks.\n\n* reading /proc/self/mem incorrectly returned 'Invalid argument' instead of 'input/output error' due to a regression.\n\n* under certain conditions, the kernel panicked when a USB device was removed while the system was busy accessing the device.\n\n* a race condition in the kernel could have led to a kernel crash during the creation of a new process.\n\nAll Red Hat Enterprise Linux 4 Users should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 : kernel (ELSA-2008-0972)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5093", "CVE-2007-6716", "CVE-2008-1514", "CVE-2008-3272", "CVE-2008-3528", "CVE-2008-4210"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-hugemem", "p-cpe:/a:oracle:linux:kernel-hugemem-devel", "p-cpe:/a:oracle:linux:kernel-largesmp", "p-cpe:/a:oracle:linux:kernel-largesmp-devel", "p-cpe:/a:oracle:linux:kernel-smp", "p-cpe:/a:oracle:linux:kernel-smp-devel", "p-cpe:/a:oracle:linux:kernel-xenu", "p-cpe:/a:oracle:linux:kernel-xenu-devel", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2008-0972.NASL", "href": "https://www.tenable.com/plugins/nessus/67762", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0972 and \n# Oracle Linux Security Advisory ELSA-2008-0972 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67762);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2007-5093\", \"CVE-2007-6716\", \"CVE-2008-1514\", \"CVE-2008-3272\", \"CVE-2008-3528\", \"CVE-2008-4210\");\n script_bugtraq_id(30559, 31177, 31368, 31515);\n script_xref(name:\"RHSA\", value:\"2008:0972\");\n\n script_name(english:\"Oracle Linux 4 : kernel (ELSA-2008-0972)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0972 :\n\nUpdated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* a flaw was found in the Linux kernel's Direct-IO implementation.\nThis could have allowed a local unprivileged user to cause a denial of\nservice. (CVE-2007-6716, Important)\n\n* when running ptrace in 31-bit mode on an IBM S/390 or IBM System z\nkernel, a local unprivileged user could cause a denial of service by\nreading from or writing into a padding area in the user_regs_struct32\nstructure. (CVE-2008-1514, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not\nclear the setuid and setgid bits. This could have allowed a local\nunprivileged user to obtain access to privileged information.\n(CVE-2008-4210, Important)\n\n* Tobias Klein reported a missing check in the Linux kernel's Open\nSound System (OSS) implementation. This deficiency could have led to\nan information leak. (CVE-2008-3272, Moderate)\n\n* a potential denial of service attack was discovered in the Linux\nkernel's PWC USB video driver. A local unprivileged user could have\nused this flaw to bring the kernel USB subsystem into the busy-waiting\nstate. (CVE-2007-5093, Low)\n\n* the ext2 and ext3 file systems code failed to properly handle\ncorrupted data structures, leading to a possible local denial of\nservice issue when read or write operations were performed.\n(CVE-2008-3528, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n* when using the CIFS 'forcedirectio' option, appending to an open\nfile on a CIFS share resulted in that file being overwritten with the\ndata to be appended.\n\n* a kernel panic occurred when a device with PCI ID 8086:10c8 was\npresent on a system with a loaded ixgbe driver.\n\n* due to an aacraid driver regression, the kernel failed to boot when\ntrying to load the aacraid driver and printed the following error\nmessage: 'aac_srb: aac_fib_send failed with status: 8195'.\n\n* due to an mpt driver regression, when RAID 1 was configured on\nPrimergy systems with an LSI SCSI IME 53C1020/1030 controller, the\nkernel panicked during boot.\n\n* the mpt driver produced a large number of extraneous debugging\nmessages when performing a 'Host reset' operation.\n\n* due to a regression in the sym driver, the kernel panicked when a\nSCSI hot swap was performed using MCP18 hardware.\n\n* all cores on a multi-core system now scale their frequencies in\naccordance with the policy set by the system's CPU frequency governor.\n\n* the netdump subsystem suffered from several stability issues. These\nare addressed in this updated kernel.\n\n* under certain conditions, the ext3 file system reported a negative\ncount of used blocks.\n\n* reading /proc/self/mem incorrectly returned 'Invalid argument'\ninstead of 'input/output error' due to a regression.\n\n* under certain conditions, the kernel panicked when a USB device was\nremoved while the system was busy accessing the device.\n\n* a race condition in the kernel could have led to a kernel crash\nduring the creation of a new process.\n\nAll Red Hat Enterprise Linux 4 Users should upgrade to these updated\npackages, which contain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-November/000809.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2007-5093\", \"CVE-2007-6716\", \"CVE-2008-1514\", \"CVE-2008-3272\", \"CVE-2008-3528\", \"CVE-2008-4210\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2008-0972\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-2.6.9-78.0.8.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-devel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-devel-2.6.9-78.0.8.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-doc-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-doc-2.6.9-78.0.8.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-78.0.8.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-78.0.8.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-2.6.9-78.0.8.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.8.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.8.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.8.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-78.0.8.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.8.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-78.0.8.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.8.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-78.0.8.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.8.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-78.0.8.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.8.0.1.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:45:14", "description": "Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* a flaw was found in the Linux kernel's Direct-IO implementation.\nThis could have allowed a local unprivileged user to cause a denial of service. (CVE-2007-6716, Important)\n\n* when running ptrace in 31-bit mode on an IBM S/390 or IBM System z kernel, a local unprivileged user could cause a denial of service by reading from or writing into a padding area in the user_regs_struct32 structure. (CVE-2008-1514, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could have allowed a local unprivileged user to obtain access to privileged information.\n(CVE-2008-4210, Important)\n\n* Tobias Klein reported a missing check in the Linux kernel's Open Sound System (OSS) implementation. This deficiency could have led to an information leak. (CVE-2008-3272, Moderate)\n\n* a potential denial of service attack was discovered in the Linux kernel's PWC USB video driver. A local unprivileged user could have used this flaw to bring the kernel USB subsystem into the busy-waiting state. (CVE-2007-5093, Low)\n\n* the ext2 and ext3 file systems code failed to properly handle corrupted data structures, leading to a possible local denial of service issue when read or write operations were performed.\n(CVE-2008-3528, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n* when using the CIFS 'forcedirectio' option, appending to an open file on a CIFS share resulted in that file being overwritten with the data to be appended.\n\n* a kernel panic occurred when a device with PCI ID 8086:10c8 was present on a system with a loaded ixgbe driver.\n\n* due to an aacraid driver regression, the kernel failed to boot when trying to load the aacraid driver and printed the following error message: 'aac_srb: aac_fib_send failed with status: 8195'.\n\n* due to an mpt driver regression, when RAID 1 was configured on Primergy systems with an LSI SCSI IME 53C1020/1030 controller, the kernel panicked during boot.\n\n* the mpt driver produced a large number of extraneous debugging messages when performing a 'Host reset' operation.\n\n* due to a regression in the sym driver, the kernel panicked when a SCSI hot swap was performed using MCP18 hardware.\n\n* all cores on a multi-core system now scale their frequencies in accordance with the policy set by the system's CPU frequency governor.\n\n* the netdump subsystem suffered from several stability issues. These are addressed in this updated kernel.\n\n* under certain conditions, the ext3 file system reported a negative count of used blocks.\n\n* reading /proc/self/mem incorrectly returned 'Invalid argument' instead of 'input/output error' due to a regression.\n\n* under certain conditions, the kernel panicked when a USB device was removed while the system was busy accessing the device.\n\n* a race condition in the kernel could have led to a kernel crash during the creation of a new process.\n\nAll Red Hat Enterprise Linux 4 Users should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "CentOS 4 : kernel (CESA-2008:0972)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5093", "CVE-2007-6716", "CVE-2008-1514", "CVE-2008-3272", "CVE-2008-3528", "CVE-2008-4210"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-hugemem", "p-cpe:/a:centos:centos:kernel-hugemem-devel", "p-cpe:/a:centos:centos:kernel-largesmp", "p-cpe:/a:centos:centos:kernel-largesmp-devel", "p-cpe:/a:centos:centos:kernel-smp", "p-cpe:/a:centos:centos:kernel-smp-devel", "p-cpe:/a:centos:centos:kernel-xenu", "p-cpe:/a:centos:centos:kernel-xenu-devel", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2008-0972.NASL", "href": "https://www.tenable.com/plugins/nessus/37341", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0972 and \n# CentOS Errata and Security Advisory 2008:0972 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37341);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-5093\", \"CVE-2007-6716\", \"CVE-2008-1514\", \"CVE-2008-3272\", \"CVE-2008-3528\", \"CVE-2008-4210\");\n script_bugtraq_id(30559, 31177, 31368, 31515);\n script_xref(name:\"RHSA\", value:\"2008:0972\");\n\n script_name(english:\"CentOS 4 : kernel (CESA-2008:0972)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* a flaw was found in the Linux kernel's Direct-IO implementation.\nThis could have allowed a local unprivileged user to cause a denial of\nservice. (CVE-2007-6716, Important)\n\n* when running ptrace in 31-bit mode on an IBM S/390 or IBM System z\nkernel, a local unprivileged user could cause a denial of service by\nreading from or writing into a padding area in the user_regs_struct32\nstructure. (CVE-2008-1514, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not\nclear the setuid and setgid bits. This could have allowed a local\nunprivileged user to obtain access to privileged information.\n(CVE-2008-4210, Important)\n\n* Tobias Klein reported a missing check in the Linux kernel's Open\nSound System (OSS) implementation. This deficiency could have led to\nan information leak. (CVE-2008-3272, Moderate)\n\n* a potential denial of service attack was discovered in the Linux\nkernel's PWC USB video driver. A local unprivileged user could have\nused this flaw to bring the kernel USB subsystem into the busy-waiting\nstate. (CVE-2007-5093, Low)\n\n* the ext2 and ext3 file systems code failed to properly handle\ncorrupted data structures, leading to a possible local denial of\nservice issue when read or write operations were performed.\n(CVE-2008-3528, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n* when using the CIFS 'forcedirectio' option, appending to an open\nfile on a CIFS share resulted in that file being overwritten with the\ndata to be appended.\n\n* a kernel panic occurred when a device with PCI ID 8086:10c8 was\npresent on a system with a loaded ixgbe driver.\n\n* due to an aacraid driver regression, the kernel failed to boot when\ntrying to load the aacraid driver and printed the following error\nmessage: 'aac_srb: aac_fib_send failed with status: 8195'.\n\n* due to an mpt driver regression, when RAID 1 was configured on\nPrimergy systems with an LSI SCSI IME 53C1020/1030 controller, the\nkernel panicked during boot.\n\n* the mpt driver produced a large number of extraneous debugging\nmessages when performing a 'Host reset' operation.\n\n* due to a regression in the sym driver, the kernel panicked when a\nSCSI hot swap was performed using MCP18 hardware.\n\n* all cores on a multi-core system now scale their frequencies in\naccordance with the policy set by the system's CPU frequency governor.\n\n* the netdump subsystem suffered from several stability issues. These\nare addressed in this updated kernel.\n\n* under certain conditions, the ext3 file system reported a negative\ncount of used blocks.\n\n* reading /proc/self/mem incorrectly returned 'Invalid argument'\ninstead of 'input/output error' due to a regression.\n\n* under certain conditions, the kernel panicked when a USB device was\nremoved while the system was busy accessing the device.\n\n* a race condition in the kernel could have led to a kernel crash\nduring the creation of a new process.\n\nAll Red Hat Enterprise Linux 4 Users should upgrade to these updated\npackages, which contain backported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-November/015424.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?03430f7b\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-November/015425.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2b753b77\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-November/015443.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d7396bf3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", reference:\"kernel-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"kernel-devel-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"kernel-doc-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"kernel-largesmp-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.8.EL\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-25T16:20:47", "description": "Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* a flaw was found in the Linux kernel's Direct-IO implementation.\nThis could have allowed a local unprivileged user to cause a denial of service. (CVE-2007-6716, Important)\n\n* when running ptrace in 31-bit mode on an IBM S/390 or IBM System z kernel, a local unprivileged user could cause a denial of service by reading from or writing into a padding area in the user_regs_struct32 structure. (CVE-2008-1514, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could have allowed a local unprivileged user to obtain access to privileged information.\n(CVE-2008-4210, Important)\n\n* Tobias Klein reported a missing check in the Linux kernel's Open Sound System (OSS) implementation. This deficiency could have led to an information leak. (CVE-2008-3272, Moderate)\n\n* a potential denial of service attack was discovered in the Linux kernel's PWC USB video driver. A local unprivileged user could have used this flaw to bring the kernel USB subsystem into the busy-waiting state. (CVE-2007-5093, Low)\n\n* the ext2 and ext3 file systems code failed to properly handle corrupted data structures, leading to a possible local denial of service issue when read or write operations were performed.\n(CVE-2008-3528, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n* when using the CIFS 'forcedirectio' option, appending to an open file on a CIFS share resulted in that file being overwritten with the data to be appended.\n\n* a kernel panic occurred when a device with PCI ID 8086:10c8 was present on a system with a loaded ixgbe driver.\n\n* due to an aacraid driver regression, the kernel failed to boot when trying to load the aacraid driver and printed the following error message: 'aac_srb: aac_fib_send failed with status: 8195'.\n\n* due to an mpt driver regression, when RAID 1 was configured on Primergy systems with an LSI SCSI IME 53C1020/1030 controller, the kernel panicked during boot.\n\n* the mpt driver produced a large number of extraneous debugging messages when performing a 'Host reset' operation.\n\n* due to a regression in the sym driver, the kernel panicked when a SCSI hot swap was performed using MCP18 hardware.\n\n* all cores on a multi-core system now scale their frequencies in accordance with the policy set by the system's CPU frequency governor.\n\n* the netdump subsystem suffered from several stability issues. These are addressed in this updated kernel.\n\n* under certain conditions, the ext3 file system reported a negative count of used blocks.\n\n* reading /proc/self/mem incorrectly returned 'Invalid argument' instead of 'input/output error' due to a regression.\n\n* under certain conditions, the kernel panicked when a USB device was removed while the system was busy accessing the device.\n\n* a race condition in the kernel could have led to a kernel crash during the creation of a new process.\n\nAll Red Hat Enterprise Linux 4 Users should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2008-11-21T00:00:00", "type": "nessus", "title": "RHEL 4 : kernel (RHSA-2008:0972)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5093", "CVE-2007-6716", "CVE-2008-1514", "CVE-2008-3272", "CVE-2008-3528", "CVE-2008-4210"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xenu", "p-cpe:/a:redhat:enterprise_linux:kernel-xenu-devel", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.7"], "id": "REDHAT-RHSA-2008-0972.NASL", "href": "https://www.tenable.com/plugins/nessus/34841", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0972. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34841);\n script_version(\"1.30\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5093\", \"CVE-2007-6716\", \"CVE-2008-1514\", \"CVE-2008-3272\", \"CVE-2008-3528\", \"CVE-2008-4210\");\n script_bugtraq_id(30559, 31177, 31368, 31515);\n script_xref(name:\"RHSA\", value:\"2008:0972\");\n\n script_name(english:\"RHEL 4 : kernel (RHSA-2008:0972)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* a flaw was found in the Linux kernel's Direct-IO implementation.\nThis could have allowed a local unprivileged user to cause a denial of\nservice. (CVE-2007-6716, Important)\n\n* when running ptrace in 31-bit mode on an IBM S/390 or IBM System z\nkernel, a local unprivileged user could cause a denial of service by\nreading from or writing into a padding area in the user_regs_struct32\nstructure. (CVE-2008-1514, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not\nclear the setuid and setgid bits. This could have allowed a local\nunprivileged user to obtain access to privileged information.\n(CVE-2008-4210, Important)\n\n* Tobias Klein reported a missing check in the Linux kernel's Open\nSound System (OSS) implementation. This deficiency could have led to\nan information leak. (CVE-2008-3272, Moderate)\n\n* a potential denial of service attack was discovered in the Linux\nkernel's PWC USB video driver. A local unprivileged user could have\nused this flaw to bring the kernel USB subsystem into the busy-waiting\nstate. (CVE-2007-5093, Low)\n\n* the ext2 and ext3 file systems code failed to properly handle\ncorrupted data structures, leading to a possible local denial of\nservice issue when read or write operations were performed.\n(CVE-2008-3528, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n* when using the CIFS 'forcedirectio' option, appending to an open\nfile on a CIFS share resulted in that file being overwritten with the\ndata to be appended.\n\n* a kernel panic occurred when a device with PCI ID 8086:10c8 was\npresent on a system with a loaded ixgbe driver.\n\n* due to an aacraid driver regression, the kernel failed to boot when\ntrying to load the aacraid driver and printed the following error\nmessage: 'aac_srb: aac_fib_send failed with status: 8195'.\n\n* due to an mpt driver regression, when RAID 1 was configured on\nPrimergy systems with an LSI SCSI IME 53C1020/1030 controller, the\nkernel panicked during boot.\n\n* the mpt driver produced a large number of extraneous debugging\nmessages when performing a 'Host reset' operation.\n\n* due to a regression in the sym driver, the kernel panicked when a\nSCSI hot swap was performed using MCP18 hardware.\n\n* all cores on a multi-core system now scale their frequencies in\naccordance with the policy set by the system's CPU frequency governor.\n\n* the netdump subsystem suffered from several stability issues. These\nare addressed in this updated kernel.\n\n* under certain conditions, the ext3 file system reported a negative\ncount of used blocks.\n\n* reading /proc/self/mem incorrectly returned 'Invalid argument'\ninstead of 'input/output error' due to a regression.\n\n* under certain conditions, the kernel panicked when a USB device was\nremoved while the system was busy accessing the device.\n\n* a race condition in the kernel could have led to a kernel crash\nduring the creation of a new process.\n\nAll Red Hat Enterprise Linux 4 Users should upgrade to these updated\npackages, which contain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5093\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6716\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3272\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3528\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4210\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0972\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/11/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2007-5093\", \"CVE-2007-6716\", \"CVE-2008-1514\", \"CVE-2008-3272\", \"CVE-2008-3528\", \"CVE-2008-4210\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2008:0972\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0972\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-2.6.9-78.0.8.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-devel-2.6.9-78.0.8.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-doc-2.6.9-78.0.8.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-2.6.9-78.0.8.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-devel-2.6.9-78.0.8.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.8.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.8.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-2.6.9-78.0.8.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.8.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-devel-2.6.9-78.0.8.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.8.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-2.6.9-78.0.8.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.8.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-devel-2.6.9-78.0.8.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.8.EL\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:35:45", "description": "- a flaw was found in the Linux kernel's Direct-IO implementation. This could have allowed a local unprivileged user to cause a denial of service.\n (CVE-2007-6716, Important)\n\n - when running ptrace in 31-bit mode on an IBM S/390 or IBM System z kernel, a local unprivileged user could cause a denial of service by reading from or writing into a padding area in the user_regs_struct32 structure.\n (CVE-2008-1514, Important)\n\n - the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could have allowed a local unprivileged user to obtain access to privileged information. (CVE-2008-4210, Important)\n\n - Tobias Klein reported a missing check in the Linux kernel's Open Sound System (OSS) implementation. This deficiency could have led to an information leak.\n (CVE-2008-3272, Moderate)\n\n - a potential denial of service attack was discovered in the Linux kernel's PWC USB video driver. A local unprivileged user could have used this flaw to bring the kernel USB subsystem into the busy-waiting state.\n (CVE-2007-5093, Low)\n\n - the ext2 and ext3 file systems code failed to properly handle corrupted data structures, leading to a possible local denial of service issue when read or write operations were performed. (CVE-2008-3528, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n - when using the CIFS 'forcedirectio' option, appending to an open file on a CIFS share resulted in that file being overwritten with the data to be appended.\n\n - a kernel panic occurred when a device with PCI ID 8086:10c8 was present on a system with a loaded ixgbe driver.\n\n - due to an aacraid driver regression, the kernel failed to boot when trying to load the aacraid driver and printed the following error message: 'aac_srb:\n aac_fib_send failed with status: 8195'.\n\n - due to an mpt driver regression, when RAID 1 was configured on Primergy systems with an LSI SCSI IME 53C1020/1030 controller, the kernel panicked during boot.\n\n - the mpt driver produced a large number of extraneous debugging messages when performing a 'Host reset' operation.\n\n - due to a regression in the sym driver, the kernel panicked when a SCSI hot swap was performed using MCP18 hardware.\n\n - all cores on a multi-core system now scale their frequencies in accordance with the policy set by the system's CPU frequency governor.\n\n - the netdump subsystem suffered from several stability issues. These are addressed in this updated kernel.\n\n - under certain conditions, the ext3 file system reported a negative count of used blocks.\n\n - reading /proc/self/mem incorrectly returned 'Invalid argument' instead of 'input/output error' due to a regression.\n\n - under certain conditions, the kernel panicked when a USB device was removed while the system was busy accessing the device.\n\n - a race condition in the kernel could have led to a kernel crash during the creation of a new process.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL4.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5093", "CVE-2007-6716", "CVE-2008-1514", "CVE-2008-3272", "CVE-2008-3528", "CVE-2008-4210"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20081119_KERNEL_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60497", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60497);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5093\", \"CVE-2007-6716\", \"CVE-2008-1514\", \"CVE-2008-3272\", \"CVE-2008-3528\", \"CVE-2008-4210\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - a flaw was found in the Linux kernel's Direct-IO\n implementation. This could have allowed a local\n unprivileged user to cause a denial of service.\n (CVE-2007-6716, Important)\n\n - when running ptrace in 31-bit mode on an IBM S/390 or\n IBM System z kernel, a local unprivileged user could\n cause a denial of service by reading from or writing\n into a padding area in the user_regs_struct32 structure.\n (CVE-2008-1514, Important)\n\n - the do_truncate() and generic_file_splice_write()\n functions did not clear the setuid and setgid bits. This\n could have allowed a local unprivileged user to obtain\n access to privileged information. (CVE-2008-4210,\n Important)\n\n - Tobias Klein reported a missing check in the Linux\n kernel's Open Sound System (OSS) implementation. This\n deficiency could have led to an information leak.\n (CVE-2008-3272, Moderate)\n\n - a potential denial of service attack was discovered in\n the Linux kernel's PWC USB video driver. A local\n unprivileged user could have used this flaw to bring the\n kernel USB subsystem into the busy-waiting state.\n (CVE-2007-5093, Low)\n\n - the ext2 and ext3 file systems code failed to properly\n handle corrupted data structures, leading to a possible\n local denial of service issue when read or write\n operations were performed. (CVE-2008-3528, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n - when using the CIFS 'forcedirectio' option, appending to\n an open file on a CIFS share resulted in that file being\n overwritten with the data to be appended.\n\n - a kernel panic occurred when a device with PCI ID\n 8086:10c8 was present on a system with a loaded ixgbe\n driver.\n\n - due to an aacraid driver regression, the kernel failed\n to boot when trying to load the aacraid driver and\n printed the following error message: 'aac_srb:\n aac_fib_send failed with status: 8195'.\n\n - due to an mpt driver regression, when RAID 1 was\n configured on Primergy systems with an LSI SCSI IME\n 53C1020/1030 controller, the kernel panicked during\n boot.\n\n - the mpt driver produced a large number of extraneous\n debugging messages when performing a 'Host reset'\n operation.\n\n - due to a regression in the sym driver, the kernel\n panicked when a SCSI hot swap was performed using MCP18\n hardware.\n\n - all cores on a multi-core system now scale their\n frequencies in accordance with the policy set by the\n system's CPU frequency governor.\n\n - the netdump subsystem suffered from several stability\n issues. These are addressed in this updated kernel.\n\n - under certain conditions, the ext3 file system reported\n a negative count of used blocks.\n\n - reading /proc/self/mem incorrectly returned 'Invalid\n argument' instead of 'input/output error' due to a\n regression.\n\n - under certain conditions, the kernel panicked when a USB\n device was removed while the system was busy accessing\n the device.\n\n - a race condition in the kernel could have led to a\n kernel crash during the creation of a new process.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0811&L=scientific-linux-errata&T=0&P=1696\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7b7ff8bf\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"kernel-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-devel-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-doc-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-devel-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-2.6.9-78.0.8.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-devel-2.6.9-78.0.8.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:35:46", "description": "This update addresses the following security issues :\n\n - Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local, unprivileged user to prepare and run a specially crafted binary which would use this deficiency to leak uninitialized and potentially sensitive data.\n (CVE-2008-0598, Important)\n\n - a possible kernel memory leak was found in the Linux kernel Simple Internet Transition (SIT) INET6 implementation. This could allow a local, unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n\n - missing capability checks were found in the SBNI WAN driver which could allow a local user to bypass intended capability restrictions. (CVE-2008-3525, Important)\n\n - the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could allow a local, unprivileged user to obtain access to privileged information. (CVE-2008-4210, Important)\n\n - a buffer overflow flaw was found in Integrated Services Digital Network (ISDN) subsystem. A local, unprivileged user could use this flaw to cause a denial of service.\n (CVE-2007-6063, Moderate)\n\n - multiple NULL pointer dereferences were found in various Linux kernel network drivers. These drivers were missing checks for terminal validity, which could allow privilege escalation. (CVE-2008-2812, Moderate)\n\n - a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local, unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\nThis update also fixes the following bugs :\n\n - the incorrect kunmap function was used in nfs_xdr_readlinkres. kunmap() was used where kunmap_atomic() should have been. As a consequence, if an NFSv2 or NFSv3 server exported a volume containing a symlink which included a path equal to or longer than the local system's PATH_MAX, accessing the link caused a kernel oops. This has been corrected in this update.\n\n - mptctl_gettargetinfo did not check if pIoc3 was NULL before using it as a pointer. This caused a kernel panic in mptctl_gettargetinfo in some circumstances. A check has been added which prevents this.\n\n - lost tick compensation code in the timer interrupt routine triggered without apparent cause. When running as a fully-virtualized client, this spurious triggering caused the 64-bit version of Red Hat Enterprise Linux 3 to present highly inaccurate times. With this update the lost tick compensation code is turned off when the operating system is running as a fully-virtualized client under Xen or VMware&reg;.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL3.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6063", "CVE-2008-0598", "CVE-2008-2136", "CVE-2008-2812", "CVE-2008-3275", "CVE-2008-3525", "CVE-2008-4210"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20081216_KERNEL_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60507", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60507);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6063\", \"CVE-2008-0598\", \"CVE-2008-2136\", \"CVE-2008-2812\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL3.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update addresses the following security issues :\n\n - Tavis Ormandy discovered a deficiency in the Linux\n kernel 32-bit and 64-bit emulation. This could allow a\n local, unprivileged user to prepare and run a specially\n crafted binary which would use this deficiency to leak\n uninitialized and potentially sensitive data.\n (CVE-2008-0598, Important)\n\n - a possible kernel memory leak was found in the Linux\n kernel Simple Internet Transition (SIT) INET6\n implementation. This could allow a local, unprivileged\n user to cause a denial of service. (CVE-2008-2136,\n Important)\n\n - missing capability checks were found in the SBNI WAN\n driver which could allow a local user to bypass intended\n capability restrictions. (CVE-2008-3525, Important)\n\n - the do_truncate() and generic_file_splice_write()\n functions did not clear the setuid and setgid bits. This\n could allow a local, unprivileged user to obtain access\n to privileged information. (CVE-2008-4210, Important)\n\n - a buffer overflow flaw was found in Integrated Services\n Digital Network (ISDN) subsystem. A local, unprivileged\n user could use this flaw to cause a denial of service.\n (CVE-2007-6063, Moderate)\n\n - multiple NULL pointer dereferences were found in various\n Linux kernel network drivers. These drivers were missing\n checks for terminal validity, which could allow\n privilege escalation. (CVE-2008-2812, Moderate)\n\n - a deficiency was found in the Linux kernel virtual\n filesystem (VFS) implementation. This could allow a\n local, unprivileged user to attempt file creation within\n deleted directories, possibly causing a denial of\n service. (CVE-2008-3275, Moderate)\n\nThis update also fixes the following bugs :\n\n - the incorrect kunmap function was used in\n nfs_xdr_readlinkres. kunmap() was used where\n kunmap_atomic() should have been. As a consequence, if\n an NFSv2 or NFSv3 server exported a volume containing a\n symlink which included a path equal to or longer than\n the local system's PATH_MAX, accessing the link caused a\n kernel oops. This has been corrected in this update.\n\n - mptctl_gettargetinfo did not check if pIoc3 was NULL\n before using it as a pointer. This caused a kernel panic\n in mptctl_gettargetinfo in some circumstances. A check\n has been added which prevents this.\n\n - lost tick compensation code in the timer interrupt\n routine triggered without apparent cause. When running\n as a fully-virtualized client, this spurious triggering\n caused the 64-bit version of Red Hat Enterprise Linux 3\n to present highly inaccurate times. With this update the\n lost tick compensation code is turned off when the\n operating system is running as a fully-virtualized\n client under Xen or VMware&reg;.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0812&L=scientific-linux-errata&T=0&P=1505\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f6f8ef2e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 119, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"kernel-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"SL3\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-doc-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"SL3\", cpu:\"i386\", reference:\"kernel-hugemem-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"SL3\", cpu:\"i386\", reference:\"kernel-hugemem-unsupported-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-smp-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-smp-unsupported-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-source-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-unsupported-2.4.21-58.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T14:57:42", "description": "Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local, unprivileged user to prepare and run a specially crafted binary which would use this deficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple Internet Transition (SIT) INET6 implementation. This could allow a local, unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n\n* missing capability checks were found in the SBNI WAN driver which could allow a local user to bypass intended capability restrictions.\n(CVE-2008-3525, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could allow a local, unprivileged user to obtain access to privileged information.\n(CVE-2008-4210, Important)\n\n* a buffer overflow flaw was found in Integrated Services Digital Network (ISDN) subsystem. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2007-6063, Moderate)\n\n* multiple NULL pointer dereferences were found in various Linux kernel network drivers. These drivers were missing checks for terminal validity, which could allow privilege escalation. (CVE-2008-2812, Moderate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local, unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\nThis update also fixes the following bugs :\n\n* the incorrect kunmap function was used in nfs_xdr_readlinkres.\nkunmap() was used where kunmap_atomic() should have been. As a consequence, if an NFSv2 or NFSv3 server exported a volume containing a symlink which included a path equal to or longer than the local system's PATH_MAX, accessing the link caused a kernel oops. This has been corrected in this update.\n\n* mptctl_gettargetinfo did not check if pIoc3 was NULL before using it as a pointer. This caused a kernel panic in mptctl_gettargetinfo in some circumstances. A check has been added which prevents this.\n\n* lost tick compensation code in the timer interrupt routine triggered without apparent cause. When running as a fully-virtualized client, this spurious triggering caused the 64-bit version of Red Hat Enterprise Linux 3 to present highly inaccurate times. With this update the lost tick compensation code is turned off when the operating system is running as a fully-virtualized client under Xen or VMware(r).\n\nAll Red Hat Enterprise Linux 3 users should install this updated kernel which addresses these vulnerabilities and fixes these bugs.", "cvss3": {}, "published": "2008-12-17T00:00:00", "type": "nessus", "title": "CentOS 3 : kernel (CESA-2008:0973)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6063", "CVE-2008-0598", "CVE-2008-2136", "CVE-2008-2812", "CVE-2008-3275", "CVE-2008-3525", "CVE-2008-4210"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-hugemem", "p-cpe:/a:centos:centos:kernel-hugemem-unsupported", "p-cpe:/a:centos:centos:kernel-smp", "p-cpe:/a:centos:centos:kernel-smp-unsupported", "p-cpe:/a:centos:centos:kernel-source", "p-cpe:/a:centos:centos:kernel-unsupported", "cpe:/o:centos:centos:3", "p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-boot"], "id": "CENTOS_RHSA-2008-0973.NASL", "href": "https://www.tenable.com/plugins/nessus/35186", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0973 and \n# CentOS Errata and Security Advisory 2008:0973 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35186);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-6063\", \"CVE-2008-0598\", \"CVE-2008-2136\", \"CVE-2008-2812\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n script_bugtraq_id(26605, 29235, 29942, 30076, 30647, 31368);\n script_xref(name:\"RHSA\", value:\"2008:0973\");\n\n script_name(english:\"CentOS 3 : kernel (CESA-2008:0973)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n64-bit emulation. This could allow a local, unprivileged user to\nprepare and run a specially crafted binary which would use this\ndeficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple\nInternet Transition (SIT) INET6 implementation. This could allow a\nlocal, unprivileged user to cause a denial of service. (CVE-2008-2136,\nImportant)\n\n* missing capability checks were found in the SBNI WAN driver which\ncould allow a local user to bypass intended capability restrictions.\n(CVE-2008-3525, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not\nclear the setuid and setgid bits. This could allow a local,\nunprivileged user to obtain access to privileged information.\n(CVE-2008-4210, Important)\n\n* a buffer overflow flaw was found in Integrated Services Digital\nNetwork (ISDN) subsystem. A local, unprivileged user could use this\nflaw to cause a denial of service. (CVE-2007-6063, Moderate)\n\n* multiple NULL pointer dereferences were found in various Linux\nkernel network drivers. These drivers were missing checks for terminal\nvalidity, which could allow privilege escalation. (CVE-2008-2812,\nModerate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS)\nimplementation. This could allow a local, unprivileged user to attempt\nfile creation within deleted directories, possibly causing a denial of\nservice. (CVE-2008-3275, Moderate)\n\nThis update also fixes the following bugs :\n\n* the incorrect kunmap function was used in nfs_xdr_readlinkres.\nkunmap() was used where kunmap_atomic() should have been. As a\nconsequence, if an NFSv2 or NFSv3 server exported a volume containing\na symlink which included a path equal to or longer than the local\nsystem's PATH_MAX, accessing the link caused a kernel oops. This has\nbeen corrected in this update.\n\n* mptctl_gettargetinfo did not check if pIoc3 was NULL before using it\nas a pointer. This caused a kernel panic in mptctl_gettargetinfo in\nsome circumstances. A check has been added which prevents this.\n\n* lost tick compensation code in the timer interrupt routine triggered\nwithout apparent cause. When running as a fully-virtualized client,\nthis spurious triggering caused the 64-bit version of Red Hat\nEnterprise Linux 3 to present highly inaccurate times. With this\nupdate the lost tick compensation code is turned off when the\noperating system is running as a fully-virtualized client under Xen or\nVMware(r).\n\nAll Red Hat Enterprise Linux 3 users should install this updated\nkernel which addresses these vulnerabilities and fixes these bugs.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-December/015501.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6d254e94\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-December/015502.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7e5400ed\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-February/015578.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?20f73922\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 119, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"kernel-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"kernel-doc-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-hugemem-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-hugemem-unsupported-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-smp-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"kernel-smp-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-smp-unsupported-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"kernel-smp-unsupported-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"kernel-source-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"kernel-unsupported-2.4.21-58.EL\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-BOOT / kernel-doc / kernel-hugemem / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T14:57:58", "description": "Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local, unprivileged user to prepare and run a specially crafted binary which would use this deficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple Internet Transition (SIT) INET6 implementation. This could allow a local, unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n\n* missing capability checks were found in the SBNI WAN driver which could allow a local user to bypass intended capability restrictions.\n(CVE-2008-3525, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could allow a local, unprivileged user to obtain access to privileged information.\n(CVE-2008-4210, Important)\n\n* a buffer overflow flaw was found in Integrated Services Digital Network (ISDN) subsystem. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2007-6063, Moderate)\n\n* multiple NULL pointer dereferences were found in various Linux kernel network drivers. These drivers were missing checks for terminal validity, which could allow privilege escalation. (CVE-2008-2812, Moderate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local, unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\nThis update also fixes the following bugs :\n\n* the incorrect kunmap function was used in nfs_xdr_readlinkres.\nkunmap() was used where kunmap_atomic() should have been. As a consequence, if an NFSv2 or NFSv3 server exported a volume containing a symlink which included a path equal to or longer than the local system's PATH_MAX, accessing the link caused a kernel oops. This has been corrected in this update.\n\n* mptctl_gettargetinfo did not check if pIoc3 was NULL before using it as a pointer. This caused a kernel panic in mptctl_gettargetinfo in some circumstances. A check has been added which prevents this.\n\n* lost tick compensation code in the timer interrupt routine triggered without apparent cause. When running as a fully-virtualized client, this spurious triggering caused the 64-bit version of Red Hat Enterprise Linux 3 to present highly inaccurate times. With this update the lost tick compensation code is turned off when the operating system is running as a fully-virtualized client under Xen or VMware(r).\n\nAll Red Hat Enterprise Linux 3 users should install this updated kernel which addresses these vulnerabilities and fixes these bugs.", "cvss3": {}, "published": "2008-12-17T00:00:00", "type": "nessus", "title": "RHEL 3 : kernel (RHSA-2008:0973)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6063", "CVE-2008-0598", "CVE-2008-2136", "CVE-2008-2812", "CVE-2008-3275", "CVE-2008-3525", "CVE-2008-4210"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-boot", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-unsupported", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-unsupported", "p-cpe:/a:redhat:enterprise_linux:kernel-source", "p-cpe:/a:redhat:enterprise_linux:kernel-unsupported", "cpe:/o:redhat:enterprise_linux:3"], "id": "REDHAT-RHSA-2008-0973.NASL", "href": "https://www.tenable.com/plugins/nessus/35190", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0973. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35190);\n script_version(\"1.35\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6063\", \"CVE-2008-0598\", \"CVE-2008-2136\", \"CVE-2008-2812\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n script_bugtraq_id(26605, 29235, 29942, 30076, 30647, 31368);\n script_xref(name:\"RHSA\", value:\"2008:0973\");\n\n script_name(english:\"RHEL 3 : kernel (RHSA-2008:0973)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n64-bit emulation. This could allow a local, unprivileged user to\nprepare and run a specially crafted binary which would use this\ndeficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple\nInternet Transition (SIT) INET6 implementation. This could allow a\nlocal, unprivileged user to cause a denial of service. (CVE-2008-2136,\nImportant)\n\n* missing capability checks were found in the SBNI WAN driver which\ncould allow a local user to bypass intended capability restrictions.\n(CVE-2008-3525, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not\nclear the setuid and setgid bits. This could allow a local,\nunprivileged user to obtain access to privileged information.\n(CVE-2008-4210, Important)\n\n* a buffer overflow flaw was found in Integrated Services Digital\nNetwork (ISDN) subsystem. A local, unprivileged user could use this\nflaw to cause a denial of service. (CVE-2007-6063, Moderate)\n\n* multiple NULL pointer dereferences were found in various Linux\nkernel network drivers. These drivers were missing checks for terminal\nvalidity, which could allow privilege escalation. (CVE-2008-2812,\nModerate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS)\nimplementation. This could allow a local, unprivileged user to attempt\nfile creation within deleted directories, possibly causing a denial of\nservice. (CVE-2008-3275, Moderate)\n\nThis update also fixes the following bugs :\n\n* the incorrect kunmap function was used in nfs_xdr_readlinkres.\nkunmap() was used where kunmap_atomic() should have been. As a\nconsequence, if an NFSv2 or NFSv3 server exported a volume containing\na symlink which included a path equal to or longer than the local\nsystem's PATH_MAX, accessing the link caused a kernel oops. This has\nbeen corrected in this update.\n\n* mptctl_gettargetinfo did not check if pIoc3 was NULL before using it\nas a pointer. This caused a kernel panic in mptctl_gettargetinfo in\nsome circumstances. A check has been added which prevents this.\n\n* lost tick compensation code in the timer interrupt routine triggered\nwithout apparent cause. When running as a fully-virtualized client,\nthis spurious triggering caused the 64-bit version of Red Hat\nEnterprise Linux 3 to present highly inaccurate times. With this\nupdate the lost tick compensation code is turned off when the\noperating system is running as a fully-virtualized client under Xen or\nVMware(r).\n\nAll Red Hat Enterprise Linux 3 users should install this updated\nkernel which addresses these vulnerabilities and fixes these bugs.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0598\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2136\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2812\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3275\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4210\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0973\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 119, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2007-6063\", \"CVE-2008-0598\", \"CVE-2008-2136\", \"CVE-2008-2812\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2008:0973\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0973\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-2.4.21-58.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21-58.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-doc-2.4.21-58.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-hugemem-2.4.21-58.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-hugemem-unsupported-2.4.21-58.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-smp-2.4.21-58.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"x86_64\", reference:\"kernel-smp-2.4.21-58.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-smp-unsupported-2.4.21-58.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"x86_64\", reference:\"kernel-smp-unsupported-2.4.21-58.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-source-2.4.21-58.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-unsupported-2.4.21-58.EL\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-BOOT / kernel-doc / kernel-hugemem / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-25T16:42:19", "description": "From Red Hat Security Advisory 2008:0973 :\n\nUpdated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local, unprivileged user to prepare and run a specially crafted binary which would use this deficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple Internet Transition (SIT) INET6 implementation. This could allow a local, unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n\n* missing capability checks were found in the SBNI WAN driver which could allow a local user to bypass intended capability restrictions.\n(CVE-2008-3525, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could allow a local, unprivileged user to obtain access to privileged information.\n(CVE-2008-4210, Important)\n\n* a buffer overflow flaw was found in Integrated Services Digital Network (ISDN) subsystem. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2007-6063, Moderate)\n\n* multiple NULL pointer dereferences were found in various Linux kernel network drivers. These drivers were missing checks for terminal validity, which could allow privilege escalation. (CVE-2008-2812, Moderate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local, unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\nThis update also fixes the following bugs :\n\n* the incorrect kunmap function was used in nfs_xdr_readlinkres.\nkunmap() was used where kunmap_atomic() should have been. As a consequence, if an NFSv2 or NFSv3 server exported a volume containing a symlink which included a path equal to or longer than the local system's PATH_MAX, accessing the link caused a kernel oops. This has been corrected in this update.\n\n* mptctl_gettargetinfo did not check if pIoc3 was NULL before using it as a pointer. This caused a kernel panic in mptctl_gettargetinfo in some circumstances. A check has been added which prevents this.\n\n* lost tick compensation code in the timer interrupt routine triggered without apparent cause. When running as a fully-virtualized client, this spurious triggering caused the 64-bit version of Red Hat Enterprise Linux 3 to present highly inaccurate times. With this update the lost tick compensation code is turned off when the operating system is running as a fully-virtualized client under Xen or VMware(r).\n\nAll Red Hat Enterprise Linux 3 users should install this updated kernel which addresses these vulnerabilities and fixes these bugs.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 3 : kernel (ELSA-2008-0973)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6063", "CVE-2008-0598", "CVE-2008-2136", "CVE-2008-2812", "CVE-2008-3275", "CVE-2008-3525", "CVE-2008-4210"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-boot", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-hugemem", "p-cpe:/a:oracle:linux:kernel-hugemem-unsupported", "p-cpe:/a:oracle:linux:kernel-smp", "p-cpe:/a:oracle:linux:kernel-smp-unsupported", "p-cpe:/a:oracle:linux:kernel-source", "p-cpe:/a:oracle:linux:kernel-unsupported", "cpe:/o:oracle:linux:3"], "id": "ORACLELINUX_ELSA-2008-0973.NASL", "href": "https://www.tenable.com/plugins/nessus/67763", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0973 and \n# Oracle Linux Security Advisory ELSA-2008-0973 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67763);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2007-6063\", \"CVE-2008-0598\", \"CVE-2008-2136\", \"CVE-2008-2812\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n script_bugtraq_id(26605, 29235, 29942, 30076, 30647, 31368);\n script_xref(name:\"RHSA\", value:\"2008:0973\");\n\n script_name(english:\"Oracle Linux 3 : kernel (ELSA-2008-0973)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0973 :\n\nUpdated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n64-bit emulation. This could allow a local, unprivileged user to\nprepare and run a specially crafted binary which would use this\ndeficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple\nInternet Transition (SIT) INET6 implementation. This could allow a\nlocal, unprivileged user to cause a denial of service. (CVE-2008-2136,\nImportant)\n\n* missing capability checks were found in the SBNI WAN driver which\ncould allow a local user to bypass intended capability restrictions.\n(CVE-2008-3525, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not\nclear the setuid and setgid bits. This could allow a local,\nunprivileged user to obtain access to privileged information.\n(CVE-2008-4210, Important)\n\n* a buffer overflow flaw was found in Integrated Services Digital\nNetwork (ISDN) subsystem. A local, unprivileged user could use this\nflaw to cause a denial of service. (CVE-2007-6063, Moderate)\n\n* multiple NULL pointer dereferences were found in various Linux\nkernel network drivers. These drivers were missing checks for terminal\nvalidity, which could allow privilege escalation. (CVE-2008-2812,\nModerate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS)\nimplementation. This could allow a local, unprivileged user to attempt\nfile creation within deleted directories, possibly causing a denial of\nservice. (CVE-2008-3275, Moderate)\n\nThis update also fixes the following bugs :\n\n* the incorrect kunmap function was used in nfs_xdr_readlinkres.\nkunmap() was used where kunmap_atomic() should have been. As a\nconsequence, if an NFSv2 or NFSv3 server exported a volume containing\na symlink which included a path equal to or longer than the local\nsystem's PATH_MAX, accessing the link caused a kernel oops. This has\nbeen corrected in this update.\n\n* mptctl_gettargetinfo did not check if pIoc3 was NULL before using it\nas a pointer. This caused a kernel panic in mptctl_gettargetinfo in\nsome circumstances. A check has been added which prevents this.\n\n* lost tick compensation code in the timer interrupt routine triggered\nwithout apparent cause. When running as a fully-virtualized client,\nthis spurious triggering caused the 64-bit version of Red Hat\nEnterprise Linux 3 to present highly inaccurate times. With this\nupdate the lost tick compensation code is turned off when the\noperating system is running as a fully-virtualized client under Xen or\nVMware(r).\n\nAll Red Hat Enterprise Linux 3 users should install this updated\nkernel which addresses these vulnerabilities and fixes these bugs.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-December/000840.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 119, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2007-6063\", \"CVE-2008-0598\", \"CVE-2008-2136\", \"CVE-2008-2812\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2008-0973\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.4\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-BOOT-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-doc-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-doc-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-doc-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-doc-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-hugemem-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-hugemem-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-hugemem-unsupported-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-hugemem-unsupported-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-smp-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-smp-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-smp-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-smp-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-smp-unsupported-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-smp-unsupported-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-smp-unsupported-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-smp-unsupported-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-source-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-source-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-source-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-source-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-unsupported-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-unsupported-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-unsupported-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-unsupported-2.4.21-58.0.0.0.1.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-25T16:21:28", "description": "Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* Olaf Kirch reported a flaw in the i915 kernel driver. This flaw could, potentially, lead to local privilege escalation. Note: the flaw only affects systems based on the Intel G33 Express Chipset and newer.\n(CVE-2008-3831, Important)\n\n* Miklos Szeredi reported a missing check for files opened with O_APPEND in the sys_splice(). This could allow a local, unprivileged user to bypass the append-only file restrictions. (CVE-2008-4554, Important)\n\n* a deficiency was found in the Linux kernel Stream Control Transmission Protocol (SCTP) implementation. This could lead to a possible denial of service if one end of a SCTP connection did not support the AUTH extension. (CVE-2008-4576, Important)\n\nIn addition, these updated packages fix the following bugs :\n\n* on Itanium(r) systems, when a multithreaded program was traced using the command 'strace -f', messages such as\n\nPANIC: attached pid 10740 exited PANIC: handle_group_exit: 10740 leader 10721 ...\n\nwill be displayed, and after which the trace would stop. With these updated packages, 'strace -f' command no longer results in these error messages, and strace terminates normally after tracing all threads.\n\n* on big-endian systems such as PowerPC, the getsockopt() function incorrectly returned 0 depending on the parameters passed to it when the time to live (TTL) value equaled 255.\n\n* when using an NFSv4 file system, accessing the same file with two separate processes simultaneously resulted in the NFS client process becoming unresponsive.\n\n* on AMD64 and Intel(r) 64 hypervisor-enabled systems, when a syscall correctly returned '-1' in code compiled on Red Hat Enterprise Linux 5, the same code, when run with the strace utility, would incorrectly return an invalid return value. This has been fixed: on AMD64 and Intel(r) 64 hypervisor-enabled systems, syscalls in compiled code return the same, correct values as syscalls run with strace.\n\n* on the Itanium(r) architecture, fully-virtualized guest domains created using more than 64 GB of memory caused other guest domains not to receive interrupts. This caused soft lockups on other guests. All guest domains are now able to receive interrupts regardless of their allotted memory.\n\n* when user-space used SIGIO notification, which was not disabled before closing a file descriptor and was then re-enabled in a different process, an attempt by the kernel to dereference a stale pointer led to a kernel crash. With this fix, such a situation no longer causes a kernel crash.\n\n* modifications to certain pages made through a memory-mapped region could have been lost in cases when the NFS client needed to invalidate the page cache for that particular memory-mapped file.\n\n* fully-virtualized Windows(r) guests became unresponsive due to the vIOSAPIC component being multiprocessor-unsafe. With this fix, vIOSAPIC is multiprocessor-safe and Windows guests do not become unresponsive.\n\n* on certain systems, keyboard controllers could not withstand continuous requests to switch keyboard LEDs on or off. This resulted in some or all key presses not being registered by the system.\n\n* on the Itanium(r) architecture, setting the 'vm.nr_hugepages' sysctl parameter caused a kernel stack overflow resulting in a kernel panic, and possibly stack corruption. With this fix, setting vm.nr_hugepages works correctly.\n\n* hugepages allow the Linux kernel to utilize the multiple page size capabilities of modern hardware architectures. In certain configurations, systems with large amounts of memory could fail to allocate most of this memory for hugepages even if it was free. This could result, for example, in database restart failures.\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2008-12-16T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2008:1017)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3831", "CVE-2008-4554", "CVE-2008-4576"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-pae", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.2"], "id": "REDHAT-RHSA-2008-1017.NASL", "href": "https://www.tenable.com/plugins/nessus/35179", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:1017. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35179);\n script_version(\"1.31\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3831\", \"CVE-2008-4554\", \"CVE-2008-4576\");\n script_bugtraq_id(31634, 31792, 31903);\n script_xref(name:\"RHSA\", value:\"2008:1017\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2008:1017)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* Olaf Kirch reported a flaw in the i915 kernel driver. This flaw\ncould, potentially, lead to local privilege escalation. Note: the flaw\nonly affects systems based on the Intel G33 Express Chipset and newer.\n(CVE-2008-3831, Important)\n\n* Miklos Szeredi reported a missing check for files opened with\nO_APPEND in the sys_splice(). This could allow a local, unprivileged\nuser to bypass the append-only file restrictions. (CVE-2008-4554,\nImportant)\n\n* a deficiency was found in the Linux kernel Stream Control\nTransmission Protocol (SCTP) implementation. This could lead to a\npossible denial of service if one end of a SCTP connection did not\nsupport the AUTH extension. (CVE-2008-4576, Important)\n\nIn addition, these updated packages fix the following bugs :\n\n* on Itanium(r) systems, when a multithreaded program was traced using\nthe command 'strace -f', messages such as\n\nPANIC: attached pid 10740 exited PANIC: handle_group_exit: 10740\nleader 10721 ...\n\nwill be displayed, and after which the trace would stop. With these\nupdated packages, 'strace -f' command no longer results in these error\nmessages, and strace terminates normally after tracing all threads.\n\n* on big-endian systems such as PowerPC, the getsockopt() function\nincorrectly returned 0 depending on the parameters passed to it when\nthe time to live (TTL) value equaled 255.\n\n* when using an NFSv4 file system, accessing the same file with two\nseparate processes simultaneously resulted in the NFS client process\nbecoming unresponsive.\n\n* on AMD64 and Intel(r) 64 hypervisor-enabled systems, when a syscall\ncorrectly returned '-1' in code compiled on Red Hat Enterprise Linux\n5, the same code, when run with the strace utility, would incorrectly\nreturn an invalid return value. This has been fixed: on AMD64 and\nIntel(r) 64 hypervisor-enabled systems, syscalls in compiled code\nreturn the same, correct values as syscalls run with strace.\n\n* on the Itanium(r) architecture, fully-virtualized guest domains\ncreated using more than 64 GB of memory caused other guest domains not\nto receive interrupts. This caused soft lockups on other guests. All\nguest domains are now able to receive interrupts regardless of their\nallotted memory.\n\n* when user-space used SIGIO notification, which was not disabled\nbefore closing a file descriptor and was then re-enabled in a\ndifferent process, an attempt by the kernel to dereference a stale\npointer led to a kernel crash. With this fix, such a situation no\nlonger causes a kernel crash.\n\n* modifications to certain pages made through a memory-mapped region\ncould have been lost in cases when the NFS client needed to invalidate\nthe page cache for that particular memory-mapped file.\n\n* fully-virtualized Windows(r) guests became unresponsive due to the\nvIOSAPIC component being multiprocessor-unsafe. With this fix,\nvIOSAPIC is multiprocessor-safe and Windows guests do not become\nunresponsive.\n\n* on certain systems, keyboard controllers could not withstand\ncontinuous requests to switch keyboard LEDs on or off. This resulted\nin some or all key presses not being registered by the system.\n\n* on the Itanium(r) architecture, setting the 'vm.nr_hugepages' sysctl\nparameter caused a kernel stack overflow resulting in a kernel panic,\nand possibly stack corruption. With this fix, setting vm.nr_hugepages\nworks correctly.\n\n* hugepages allow the Linux kernel to utilize the multiple page size\ncapabilities of modern hardware architectures. In certain\nconfigurations, systems with large amounts of memory could fail to\nallocate most of this memory for hugepages even if it was free. This\ncould result, for example, in database restart failures.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4576\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:1017\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-3831\", \"CVE-2008-4554\", \"CVE-2008-4576\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2008:1017\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:1017\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-92.1.22.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-92.1.22.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:45:24", "description": "Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel :\n\nThe error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service (temporary system hang) by mounting a filesystem that has corrupted dir->i_size and dir->i_blocks values and performing (a) read or (b) write operations. NOTE: there are limited scenarios in which this crosses privilege boundaries.\n(CVE-2008-3528)\n\nThe i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration. (CVE-2008-3831)\n\nThe do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file. (CVE-2008-4554)\n\nAdditionaly, a problem with TCP options ordering, which could manifest as connection problems with many websites (bug #43372), was solved, a number of fixes for Intel HDA were added, another number of fixes for issues on Asus EEE PC, Panasonic Let's Note, Acer One, Dell XPS, and others, were also added. Check package changelog for more information.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate\n\nUpdate :\n\nThe previous update included a patch which introduced a bug that would make the boot process to stop halfway in several machines. That patch has been removed in this new update, to avoid that problem.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : kernel (MDVSA-2008:224-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-3831", "CVE-2008-4554"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-server-latest", "p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hso-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kernel-2.6.27.4-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.4-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.4-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.4-2mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.4-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kernel-doc", "p-cpe:/a:mandriva:linux:kernel-server-2.6.27.4-2mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.4-2mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-source-2.6.27.4-2mnb", "p-cpe:/a:mandriva:linux:kernel-source-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-server-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest", "cpe:/o:mandriva:linux:2009.0", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-server-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.4-desktop-2mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.4-desktop586-2mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.4-server-2mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest"], "id": "MANDRIVA_MDVSA-2008-224.NASL", "href": "https://www.tenable.com/plugins/nessus/37851", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:224. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37851);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-3528\", \"CVE-2008-3831\", \"CVE-2008-4554\");\n script_xref(name:\"MDVSA\", value:\"2008:224-1\");\n\n script_name(english:\"Mandriva Linux Security Advisory : kernel (MDVSA-2008:224-1)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Some vulnerabilities were discovered and corrected in the Linux 2.6\nkernel :\n\nThe error-reporting functionality in (1) fs/ext2/dir.c, (2)\nfs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel\n2.6.26.5 does not limit the number of printk console messages that\nreport directory corruption, which allows physically proximate\nattackers to cause a denial of service (temporary system hang) by\nmounting a filesystem that has corrupted dir->i_size and dir->i_blocks\nvalues and performing (a) read or (b) write operations. NOTE: there\nare limited scenarios in which this crosses privilege boundaries.\n(CVE-2008-3528)\n\nThe i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel\n2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in\nOpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct\nRendering Manager (DRM) master, which allows local users to cause a\ndenial of service (memory corruption) via a crafted ioctl call,\nrelated to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the\nioctl's configuration. (CVE-2008-3831)\n\nThe do_splice_from function in fs/splice.c in the Linux kernel before\n2.6.27 does not reject file descriptors that have the O_APPEND flag\nset, which allows local users to bypass append mode and make arbitrary\nchanges to other locations in the file. (CVE-2008-4554)\n\nAdditionaly, a problem with TCP options ordering, which could manifest\nas connection problems with many websites (bug #43372), was solved, a\nnumber of fixes for Intel HDA were added, another number of fixes for\nissues on Asus EEE PC, Panasonic Let's Note, Acer One, Dell XPS, and\nothers, were also added. Check package changelog for more information.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate\n\nUpdate :\n\nThe previous update included a patch which introduced a bug that would\nmake the boot process to stop halfway in several machines. That patch\nhas been removed in this new update, to avoid that problem.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/43372\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/43532\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/43885\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44752\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44803\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/45552\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n script_cwe_id(264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.6.27.4-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.4-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.4-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.4-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.4-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-2.6.27.4-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.4-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-2.6.27.4-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.4-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.4-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.4-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-2.6.27.4-desktop-2mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-2.6.27.4-desktop586-2mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-2.6.27.4-server-2mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-desktop-latest-0.5.1-1.20081106.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-desktop586-latest-0.5.1-1.20081106.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-server-latest-0.5.1-1.20081106.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-2.6.27.4-desktop-2mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"drm-experimental-kernel-2.6.27.4-desktop586-2mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-2.6.27.4-server-2mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-desktop-latest-2.3.0-1.20081106.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"drm-experimental-kernel-desktop586-latest-2.3.0-1.20081106.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-server-latest-2.3.0-1.20081106.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-2.6.27.4-desktop-2mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"et131x-kernel-2.6.27.4-desktop586-2mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-2.6.27.4-server-2mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-desktop-latest-1.2.3-1.20081106.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"et131x-kernel-desktop586-latest-1.2.3-1.20081106.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-server-latest-1.2.3-1.20081106.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.4-desktop-2mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.4-desktop586-2mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.4-server-2mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-desktop-latest-3.11.07-1.20081106.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-desktop586-latest-3.11.07-1.20081106.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-server-latest-3.11.07-1.20081106.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-2.6.27.4-desktop-2mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fglrx-kernel-2.6.27.4-desktop586-2mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-2.6.27.4-server-2mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-desktop-latest-8.522-1.20081106.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fglrx-kernel-desktop586-latest-8.522-1.20081106.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-server-latest-8.522-1.20081106.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-2.6.27.4-desktop-2mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"gnbd-kernel-2.6.27.4-desktop586-2mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-2.6.27.4-server-2mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-desktop-latest-2.03.07-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"gnbd-kernel-desktop586-latest-2.03.07-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-server-latest-2.03.07-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.4-desktop-2mnb-1.17-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.4-desktop586-2mnb-1.17-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.4-server-2mnb-1.17-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop-latest-1.17-1.20081106.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop586-latest-1.17-1.20081106.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-server-latest-1.17-1.20081106.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-2.6.27.4-desktop-2mnb-7.68.00.13-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-2.6.27.4-desktop586-2mnb-7.68.00.13-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-2.6.27.4-server-2mnb-7.68.00.13-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-desktop-latest-7.68.00.13-1.20081106.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-desktop586-latest-7.68.00.13-1.20081106.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-server-latest-7.68.00.13-1.20081106.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-2.6.27.4-desktop-2mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hso-kernel-2.6.27.4-desktop586-2mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-2.6.27.4-server-2mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-desktop-latest-1.2-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hso-kernel-desktop586-latest-1.2-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-server-latest-1.2-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-2.6.27.4-desktop-2mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"iscsitarget-kernel-2.6.27.4-desktop586-2mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-2.6.27.4-server-2mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-desktop-latest-0.4.16-1.20081106.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"iscsitarget-kernel-desktop586-latest-0.4.16-1.20081106.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-server-latest-0.4.16-1.20081106.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-2.6.27.4-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-2.6.27.4-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-devel-2.6.27.4-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-devel-latest-2.6.27.4-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-latest-2.6.27.4-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-2.6.27.4-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-2.6.27.4-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-latest-2.6.27.4-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-latest-2.6.27.4-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-doc-2.6.27.4-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-2.6.27.4-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-devel-2.6.27.4-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-devel-latest-2.6.27.4-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-latest-2.6.27.4-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-source-2.6.27.4-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-source-latest-2.6.27.4-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-2.6.27.4-desktop-2mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kqemu-kernel-2.6.27.4-desktop586-2mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-2.6.27.4-server-2mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-desktop-latest-1.4.0pre1-1.20081106.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kqemu-kernel-desktop586-latest-1.4.0pre1-1.20081106.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-server-latest-1.4.0pre1-1.20081106.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-2.6.27.4-desktop-2mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lirc-kernel-2.6.27.4-desktop586-2mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-2.6.27.4-server-2mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-desktop-latest-0.8.3-1.20081106.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lirc-kernel-desktop586-latest-0.8.3-1.20081106.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-server-latest-0.8.3-1.20081106.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-2.6.27.4-desktop-2mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lzma-kernel-2.6.27.4-desktop586-2mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-2.6.27.4-server-2mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-desktop-latest-4.43-1.20081106.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lzma-kernel-desktop586-latest-4.43-1.20081106.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-server-latest-4.43-1.20081106.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-2.6.27.4-desktop-2mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"madwifi-kernel-2.6.27.4-desktop586-2mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-2.6.27.4-server-2mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-desktop-latest-0.9.4-1.20081106.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"madwifi-kernel-desktop586-latest-0.9.4-1.20081106.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-server-latest-0.9.4-1.20081106.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-2.6.27.4-desktop-2mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-2.6.27.4-desktop586-2mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-2.6.27.4-server-2mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-desktop-latest-177.70-1.20081106.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-desktop586-latest-177.70-1.20081106.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-server-latest-177.70-1.20081106.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-2.6.27.4-desktop-2mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia173-kernel-2.6.27.4-desktop586-2mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"nvidia173-kernel-2.6.27.4-server-2mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-desktop-latest-173.14.12-1.20081106.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia173-kernel-desktop586-latest-173.14.12-1.20081106.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"nvidia173-kernel-server-latest-173.14.12-1.20081106.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-2.6.27.4-desktop-2mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia71xx-kernel-2.6.27.4-desktop586-2mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-2.6.27.4-server-2mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-desktop-latest-71.86.06-1.20081106.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia71xx-kernel-desktop586-latest-71.86.06-1.20081106.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-server-latest-71.86.06-1.20081106.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-2.6.27.4-desktop-2mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-2.6.27.4-desktop586-2mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-2.6.27.4-server-2mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-desktop-latest-96.43.07-1.20081106.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-desktop586-latest-96.43.07-1.20081106.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-server-latest-96.43.07-1.20081106.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-2.6.27.4-desktop-2mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omfs-kernel-2.6.27.4-desktop586-2mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-2.6.27.4-server-2mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-desktop-latest-0.8.0-1.20081106.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omfs-kernel-desktop586-latest-0.8.0-1.20081106.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-server-latest-0.8.0-1.20081106.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-2.6.27.4-desktop-2mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omnibook-kernel-2.6.27.4-desktop586-2mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-2.6.27.4-server-2mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-desktop-latest-20080513-1.20081106.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omnibook-kernel-desktop586-latest-20080513-1.20081106.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-server-latest-20080513-1.20081106.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-2.6.27.4-desktop-2mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"opencbm-kernel-2.6.27.4-desktop586-2mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-2.6.27.4-server-2mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-desktop-latest-0.4.2a-1.20081106.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"opencbm-kernel-desktop586-latest-0.4.2a-1.20081106.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-server-latest-0.4.2a-1.20081106.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-2.6.27.4-desktop-2mnb-1.5.8-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-2.6.27.4-desktop586-2mnb-1.5.8-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-2.6.27.4-server-2mnb-1.5.8-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-desktop-latest-1.5.8-1.20081106.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-desktop586-latest-1.5.8-1.20081106.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-server-latest-1.5.8-1.20081106.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-2.6.27.4-desktop-2mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"qc-usb-kernel-2.6.27.4-desktop586-2mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-2.6.27.4-server-2mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-desktop-latest-0.6.6-1.20081106.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"qc-usb-kernel-desktop586-latest-0.6.6-1.20081106.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-server-latest-0.6.6-1.20081106.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-2.6.27.4-desktop-2mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2860-kernel-2.6.27.4-desktop586-2mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-2.6.27.4-server-2mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-desktop-latest-1.7.0.0-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2860-kernel-desktop586-latest-1.7.0.0-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-server-latest-1.7.0.0-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-2.6.27.4-desktop-2mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2870-kernel-2.6.27.4-desktop586-2mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-2.6.27.4-server-2mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-desktop-latest-1.3.1.0-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2870-kernel-desktop586-latest-1.3.1.0-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-server-latest-1.3.1.0-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-2.6.27.4-desktop-2mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rtl8187se-kernel-2.6.27.4-desktop586-2mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-2.6.27.4-server-2mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-desktop-latest-1016.20080716-1.20081106.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rtl8187se-kernel-desktop586-latest-1016.20080716-1.20081106.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-server-latest-1016.20080716-1.20081106.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.4-desktop-2mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.4-desktop586-2mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.4-server-2mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop-latest-2.9.11-1.20081106.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop586-latest-2.9.11-1.20081106.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-server-latest-2.9.11-1.20081106.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-2.6.27.4-desktop-2mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-2.6.27.4-desktop586-2mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-2.6.27.4-server-2mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-desktop-latest-3.3-1.20081106.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-desktop586-latest-3.3-1.20081106.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-server-latest-3.3-1.20081106.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-2.6.27.4-desktop-2mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"tp_smapi-kernel-2.6.27.4-desktop586-2mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-2.6.27.4-server-2mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-desktop-latest-0.37-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"tp_smapi-kernel-desktop586-latest-0.37-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-server-latest-0.37-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-2.6.27.4-desktop-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxadd-kernel-2.6.27.4-desktop586-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-2.6.27.4-server-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-desktop-latest-2.0.2-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxadd-kernel-desktop586-latest-2.0.2-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-server-latest-2.0.2-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-2.6.27.4-desktop-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxvfs-kernel-2.6.27.4-desktop586-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-2.6.27.4-server-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-desktop-latest-2.0.2-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxvfs-kernel-desktop586-latest-2.0.2-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-server-latest-2.0.2-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-2.6.27.4-desktop-2mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vhba-kernel-2.6.27.4-desktop586-2mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-2.6.27.4-server-2mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-desktop-latest-1.0.0-1.20081106.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vhba-kernel-desktop586-latest-1.0.0-1.20081106.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-server-latest-1.0.0-1.20081106.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-2.6.27.4-desktop-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"virtualbox-kernel-2.6.27.4-desktop586-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-2.6.27.4-server-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-desktop-latest-2.0.2-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"virtualbox-kernel-desktop586-latest-2.0.2-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-server-latest-2.0.2-1.20081106.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-2.6.27.4-desktop-2mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vpnclient-kernel-2.6.27.4-desktop586-2mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-2.6.27.4-server-2mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-desktop-latest-4.8.01.0640-1.20081106.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vpnclient-kernel-desktop586-latest-4.8.01.0640-1.20081106.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-server-latest-4.8.01.0640-1.20081106.3mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T16:07:46", "description": "From Red Hat Security Advisory 2008:1017 :\n\nUpdated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* Olaf Kirch reported a flaw in the i915 kernel driver. This flaw could, potentially, lead to local privilege escalation. Note: the flaw only affects systems based on the Intel G33 Express Chipset and newer.\n(CVE-2008-3831, Important)\n\n* Miklos Szeredi reported a missing check for files opened with O_APPEND in the sys_splice(). This could allow a local, unprivileged user to bypass the append-only file restrictions. (CVE-2008-4554, Important)\n\n* a deficiency was found in the Linux kernel Stream Control Transmission Protocol (SCTP) implementation. This could lead to a possible denial of service if one end of a SCTP connection did not support the AUTH extension. (CVE-2008-4576, Important)\n\nIn addition, these updated packages fix the following bugs :\n\n* on Itanium(r) systems, when a multithreaded program was traced using the command 'strace -f', messages such as\n\nPANIC: attached pid 10740 exited PANIC: handle_group_exit: 10740 leader 10721 ...\n\nwill be displayed, and after which the trace would stop. With these updated packages, 'strace -f' command no longer results in these error messages, and strace terminates normally after tracing all threads.\n\n* on big-endian systems such as PowerPC, the getsockopt() function incorrectly returned 0 depending on the parameters passed to it when the time to live (TTL) value equaled 255.\n\n* when using an NFSv4 file system, accessing the same file with two separate processes simultaneously resulted in the NFS client process becoming unresponsive.\n\n* on AMD64 and Intel(r) 64 hypervisor-enabled systems, when a syscall correctly returned '-1' in code compiled on Red Hat Enterprise Linux 5, the same code, when run with the strace utility, would incorrectly return an invalid return value. This has been fixed: on AMD64 and Intel(r) 64 hypervisor-enabled systems, syscalls in compiled code return the same, correct values as syscalls run with strace.\n\n* on the Itanium(r) architecture, fully-virtualized guest domains created using more than 64 GB of memory caused other guest domains not to receive interrupts. This caused soft lockups on other guests. All guest domains are now able to receive interrupts regardless of their allotted memory.\n\n* when user-space used SIGIO notification, which was not disabled before closing a file descriptor and was then re-enabled in a different process, an attempt by the kernel to dereference a stale pointer led to a kernel crash. With this fix, such a situation no longer causes a kernel crash.\n\n* modifications to certain pages made through a memory-mapped region could have been lost in cases when the NFS client needed to invalidate the page cache for that particular memory-mapped file.\n\n* fully-virtualized Windows(r) guests became unresponsive due to the vIOSAPIC component being multiprocessor-unsafe. With this fix, vIOSAPIC is multiprocessor-safe and Windows guests do not become unresponsive.\n\n* on certain systems, keyboard controllers could not withstand continuous requests to switch keyboard LEDs on or off. This resulted in some or all key presses not being registered by the system.\n\n* on the Itanium(r) architecture, setting the 'vm.nr_hugepages' sysctl parameter caused a kernel stack overflow resulting in a kernel panic, and possibly stack corruption. With this fix, setting vm.nr_hugepages works correctly.\n\n* hugepages allow the Linux kernel to utilize the multiple page size capabilities of modern hardware architectures. In certain configurations, systems with large amounts of memory could fail to allocate most of this memory for hugepages even if it was free. This could result, for example, in database restart failures.\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : kernel (ELSA-2008-1017)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3831", "CVE-2008-4554", "CVE-2008-4576"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-pae", "p-cpe:/a:oracle:linux:kernel-pae-devel", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-xen", "p-cpe:/a:oracle:linux:kernel-xen-devel", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2008-1017.NASL", "href": "https://www.tenable.com/plugins/nessus/67772", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:1017 and \n# Oracle Linux Security Advisory ELSA-2008-1017 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67772);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2008-3831\", \"CVE-2008-4554\", \"CVE-2008-4576\");\n script_bugtraq_id(31634, 31792, 31903);\n script_xref(name:\"RHSA\", value:\"2008:1017\");\n\n script_name(english:\"Oracle Linux 5 : kernel (ELSA-2008-1017)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:1017 :\n\nUpdated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* Olaf Kirch reported a flaw in the i915 kernel driver. This flaw\ncould, potentially, lead to local privilege escalation. Note: the flaw\nonly affects systems based on the Intel G33 Express Chipset and newer.\n(CVE-2008-3831, Important)\n\n* Miklos Szeredi reported a missing check for files opened with\nO_APPEND in the sys_splice(). This could allow a local, unprivileged\nuser to bypass the append-only file restrictions. (CVE-2008-4554,\nImportant)\n\n* a deficiency was found in the Linux kernel Stream Control\nTransmission Protocol (SCTP) implementation. This could lead to a\npossible denial of service if one end of a SCTP connection did not\nsupport the AUTH extension. (CVE-2008-4576, Important)\n\nIn addition, these updated packages fix the following bugs :\n\n* on Itanium(r) systems, when a multithreaded program was traced using\nthe command 'strace -f', messages such as\n\nPANIC: attached pid 10740 exited PANIC: handle_group_exit: 10740\nleader 10721 ...\n\nwill be displayed, and after which the trace would stop. With these\nupdated packages, 'strace -f' command no longer results in these error\nmessages, and strace terminates normally after tracing all threads.\n\n* on big-endian systems such as PowerPC, the getsockopt() function\nincorrectly returned 0 depending on the parameters passed to it when\nthe time to live (TTL) value equaled 255.\n\n* when using an NFSv4 file system, accessing the same file with two\nseparate processes simultaneously resulted in the NFS client process\nbecoming unresponsive.\n\n* on AMD64 and Intel(r) 64 hypervisor-enabled systems, when a syscall\ncorrectly returned '-1' in code compiled on Red Hat Enterprise Linux\n5, the same code, when run with the strace utility, would incorrectly\nreturn an invalid return value. This has been fixed: on AMD64 and\nIntel(r) 64 hypervisor-enabled systems, syscalls in compiled code\nreturn the same, correct values as syscalls run with strace.\n\n* on the Itanium(r) architecture, fully-virtualized guest domains\ncreated using more than 64 GB of memory caused other guest domains not\nto receive interrupts. This caused soft lockups on other guests. All\nguest domains are now able to receive interrupts regardless of their\nallotted memory.\n\n* when user-space used SIGIO notification, which was not disabled\nbefore closing a file descriptor and was then re-enabled in a\ndifferent process, an attempt by the kernel to dereference a stale\npointer led to a kernel crash. With this fix, such a situation no\nlonger causes a kernel crash.\n\n* modifications to certain pages made through a memory-mapped region\ncould have been lost in cases when the NFS client needed to invalidate\nthe page cache for that particular memory-mapped file.\n\n* fully-virtualized Windows(r) guests became unresponsive due to the\nvIOSAPIC component being multiprocessor-unsafe. With this fix,\nvIOSAPIC is multiprocessor-safe and Windows guests do not become\nunresponsive.\n\n* on certain systems, keyboard controllers could not withstand\ncontinuous requests to switch keyboard LEDs on or off. This resulted\nin some or all key presses not being registered by the system.\n\n* on the Itanium(r) architecture, setting the 'vm.nr_hugepages' sysctl\nparameter caused a kernel stack overflow resulting in a kernel panic,\nand possibly stack corruption. With this fix, setting vm.nr_hugepages\nworks correctly.\n\n* hugepages allow the Linux kernel to utilize the multiple page size\ncapabilities of modern hardware architectures. In certain\nconfigurations, systems with large amounts of memory could fail to\nallocate most of this memory for hugepages even if it was free. This\ncould result, for example, in database restart failures.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-December/000838.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2008-3831\", \"CVE-2008-4554\", \"CVE-2008-4576\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2008-1017\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-2.6.18-92.1.22.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-92.1.22.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-devel-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-92.1.22.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-2.6.18-92.1.22.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-devel-2.6.18-92.1.22.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-devel-2.6.18-92.1.22.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-doc-2.6.18-92.1.22.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-headers-2.6.18-92.1.22.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-2.6.18-92.1.22.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-devel-2.6.18-92.1.22.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:40:18", "description": "Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* Olaf Kirch reported a flaw in the i915 kernel driver. This flaw could, potentially, lead to local privilege escalation. Note: the flaw only affects systems based on the Intel G33 Express Chipset and newer.\n(CVE-2008-3831, Important)\n\n* Miklos Szeredi reported a missing check for files opened with O_APPEND in the sys_splice(). This could allow a local, unprivileged user to bypass the append-only file restrictions. (CVE-2008-4554, Important)\n\n* a deficiency was found in the Linux kernel Stream Control Transmission Protocol (SCTP) implementation. This could lead to a possible denial of service if one end of a SCTP connection did not support the AUTH extension. (CVE-2008-4576, Important)\n\nIn addition, these updated packages fix the following bugs :\n\n* on Itanium(r) systems, when a multithreaded program was traced using the command 'strace -f', messages such as\n\nPANIC: attached pid 10740 exited PANIC: handle_group_exit: 10740 leader 10721 ...\n\nwill be displayed, and after which the trace would stop. With these updated packages, 'strace -f' command no longer results in these error messages, and strace terminates normally after tracing all threads.\n\n* on big-endian systems such as PowerPC, the getsockopt() function incorrectly returned 0 depending on the parameters passed to it when the time to live (TTL) value equaled 255.\n\n* when using an NFSv4 file system, accessing the same file with two separate processes simultaneously resulted in the NFS client process becoming unresponsive.\n\n* on AMD64 and Intel(r) 64 hypervisor-enabled systems, when a syscall correctly returned '-1' in code compiled on Red Hat Enterprise Linux 5, the same code, when run with the strace utility, would incorrectly return an invalid return value. This has been fixed: on AMD64 and Intel(r) 64 hypervisor-enabled systems, syscalls in compiled code return the same, correct values as syscalls run with strace.\n\n* on the Itanium(r) architecture, fully-virtualized guest domains created using more than 64 GB of memory caused other guest domains not to receive interrupts. This caused soft lockups on other guests. All guest domains are now able to receive interrupts regardless of their allotted memory.\n\n* when user-space used SIGIO notification, which was not disabled before closing a file descriptor and was then re-enabled in a different process, an attempt by the kernel to dereference a stale pointer led to a kernel crash. With this fix, such a situation no longer causes a kernel crash.\n\n* modifications to certain pages made through a memory-mapped region could have been lost in cases when the NFS client needed to invalidate the page cache for that particular memory-mapped file.\n\n* fully-virtualized Windows(r) guests became unresponsive due to the vIOSAPIC component being multiprocessor-unsafe. With this fix, vIOSAPIC is multiprocessor-safe and Windows guests do not become unresponsive.\n\n* on certain systems, keyboard controllers could not withstand continuous requests to switch keyboard LEDs on or off. This resulted in some or all key presses not being registered by the system.\n\n* on the Itanium(r) architecture, setting the 'vm.nr_hugepages' sysctl parameter caused a kernel stack overflow resulting in a kernel panic, and possibly stack corruption. With this fix, setting vm.nr_hugepages works correctly.\n\n* hugepages allow the Linux kernel to utilize the multiple page size capabilities of modern hardware architectures. In certain configurations, systems with large amounts of memory could fail to allocate most of this memory for hugepages even if it was free. This could result, for example, in database restart failures.\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2010-01-06T00:00:00", "type": "nessus", "title": "CentOS 5 : kernel (CESA-2008:1017)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3831", "CVE-2008-4554", "CVE-2008-4576"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-pae", "p-cpe:/a:centos:centos:kernel-pae-devel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-xen", "p-cpe:/a:centos:centos:kernel-xen-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2008-1017.NASL", "href": "https://www.tenable.com/plugins/nessus/43719", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:1017 and \n# CentOS Errata and Security Advisory 2008:1017 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43719);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-3831\", \"CVE-2008-4554\", \"CVE-2008-4576\");\n script_bugtraq_id(31634, 31792, 31903);\n script_xref(name:\"RHSA\", value:\"2008:1017\");\n\n script_name(english:\"CentOS 5 : kernel (CESA-2008:1017)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* Olaf Kirch reported a flaw in the i915 kernel driver. This flaw\ncould, potentially, lead to local privilege escalation. Note: the flaw\nonly affects systems based on the Intel G33 Express Chipset and newer.\n(CVE-2008-3831, Important)\n\n* Miklos Szeredi reported a missing check for files opened with\nO_APPEND in the sys_splice(). This could allow a local, unprivileged\nuser to bypass the append-only file restrictions. (CVE-2008-4554,\nImportant)\n\n* a deficiency was found in the Linux kernel Stream Control\nTransmission Protocol (SCTP) implementation. This could lead to a\npossible denial of service if one end of a SCTP connection did not\nsupport the AUTH extension. (CVE-2008-4576, Important)\n\nIn addition, these updated packages fix the following bugs :\n\n* on Itanium(r) systems, when a multithreaded program was traced using\nthe command 'strace -f', messages such as\n\nPANIC: attached pid 10740 exited PANIC: handle_group_exit: 10740\nleader 10721 ...\n\nwill be displayed, and after which the trace would stop. With these\nupdated packages, 'strace -f' command no longer results in these error\nmessages, and strace terminates normally after tracing all threads.\n\n* on big-endian systems such as PowerPC, the getsockopt() function\nincorrectly returned 0 depending on the parameters passed to it when\nthe time to live (TTL) value equaled 255.\n\n* when using an NFSv4 file system, accessing the same file with two\nseparate processes simultaneously resulted in the NFS client process\nbecoming unresponsive.\n\n* on AMD64 and Intel(r) 64 hypervisor-enabled systems, when a syscall\ncorrectly returned '-1' in code compiled on Red Hat Enterprise Linux\n5, the same code, when run with the strace utility, would incorrectly\nreturn an invalid return value. This has been fixed: on AMD64 and\nIntel(r) 64 hypervisor-enabled systems, syscalls in compiled code\nreturn the same, correct values as syscalls run with strace.\n\n* on the Itanium(r) architecture, fully-virtualized guest domains\ncreated using more than 64 GB of memory caused other guest domains not\nto receive interrupts. This caused soft lockups on other guests. All\nguest domains are now able to receive interrupts regardless of their\nallotted memory.\n\n* when user-space used SIGIO notification, which was not disabled\nbefore closing a file descriptor and was then re-enabled in a\ndifferent process, an attempt by the kernel to dereference a stale\npointer led to a kernel crash. With this fix, such a situation no\nlonger causes a kernel crash.\n\n* modifications to certain pages made through a memory-mapped region\ncould have been lost in cases when the NFS client needed to invalidate\nthe page cache for that particular memory-mapped file.\n\n* fully-virtualized Windows(r) guests became unresponsive due to the\nvIOSAPIC component being multiprocessor-unsafe. With this fix,\nvIOSAPIC is multiprocessor-safe and Windows guests do not become\nunresponsive.\n\n* on certain systems, keyboard controllers could not withstand\ncontinuous requests to switch keyboard LEDs on or off. This resulted\nin some or all key presses not being registered by the system.\n\n* on the Itanium(r) architecture, setting the 'vm.nr_hugepages' sysctl\nparameter caused a kernel stack overflow resulting in a kernel panic,\nand possibly stack corruption. With this fix, setting vm.nr_hugepages\nworks correctly.\n\n* hugepages allow the Linux kernel to utilize the multiple page size\ncapabilities of modern hardware architectures. In certain\nconfigurations, systems with large amounts of memory could fail to\nallocate most of this memory for hugepages even if it was free. This\ncould result, for example, in database restart failures.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-December/015497.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?22cb3c6b\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-December/015498.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9a791612\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-2.6.18-92.1.22.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-92.1.22.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-92.1.22.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-2.6.18-92.1.22.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-devel-2.6.18-92.1.22.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-devel-2.6.18-92.1.22.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-doc-2.6.18-92.1.22.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-headers-2.6.18-92.1.22.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-2.6.18-92.1.22.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-devel-2.6.18-92.1.22.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:38:42", "description": "- Olaf Kirch reported a flaw in the i915 kernel driver that only affects the Intel G33 series and newer. This flaw could, potentially, lead to local privilege escalation. (CVE-2008-3831, Important)\n\n - Miklos Szeredi reported a missing check for files opened with O_APPEND in the sys_splice(). This could allow a local, unprivileged user to bypass the append-only file restrictions. (CVE-2008-4554, Important)\n\n - a deficiency was found in the Linux kernel Stream Control Transmission Protocol (SCTP) implementation.\n This could lead to a possible denial of service if one end of a SCTP connection did not support the AUTH extension. (CVE-2008-4576, Important)\n\nIn addition, these updated packages fix the following bugs :\n\n - on Itanium&reg; systems, when a multithreaded program was traced using the command 'strace -f', messages similar to the following ones were displayed, after which the trace would stop :\n\n PANIC: attached pid 10740 exited PANIC:\n handle_group_exit: 10740 leader 10721 PANIC: attached pid 10739 exited PANIC: handle_group_exit: 10739 leader 10721 ...\n\nIn these updated packages, tracing a multithreaded program using the 'strace -f' command no longer results in these error messages, and strace terminates normally after tracing all threads.\n\n - on big-endian systems such as PowerPC, the getsockopt() function incorrectly returned 0 depending on the parameters passed to it when the time to live (TTL) value equaled 255.\n\n - when using an NFSv4 file system, accessing the same file with two separate processes simultaneously resulted in the NFS client process becoming unresponsive.\n\n - on AMD64 and Intel&reg; 64 hypervisor-enabled systems, in cases in which a syscall correctly returned '-1' in code compiled on Red Hat Enterprise Linux 5, the same code, when run with the strace utility, would incorrectly return an invalid return value. This has been fixed so that on AMD64 and Intel&reg; 64 hypervisor-enabled systems, syscalls in compiled code return the same, correct values as syscalls do when run with strace.\n\n - on the Itanium&reg; architecture, fully-virtualized guest domains which were created using more than 64 GB of memory caused other guest domains not to receive interrupts, which caused a soft lockup on other guests.\n All guest domains are now able to receive interrupts regardless of their allotted memory.\n\n - when user-space used SIGIO notification, which wasn't disabled before closing a file descriptor, and was then re-enabled in a different process, an attempt by the kernel to dereference a stale pointer led to a kernel crash. With this fix, such a situation no longer causes a kernel crash.\n\n - modifications to certain pages made through a memory-mapped region could have been lost in cases when the NFS client needed to invalidate the page cache for that particular memory-mapped file.\n\n - fully-virtualized Windows guests became unresponsive due to the vIOSAPIC component being multiprocessor-unsafe.\n With this fix, vIOSAPIC is multiprocessor-safe and Windows guests do not become unresponsive.\n\n - on certain systems, keyboard controllers were not able to withstand a continuous flow of requests to switch keyboard LEDs on or off, which resulted in some or all key presses not being registered by the system.\n\n - on the Itanium&reg; architecture, setting the 'vm.nr_hugepages' sysctl parameter caused a kernel stack overflow resulting in a kernel panic, and possibly stack corruption. With this fix, setting vm.nr_hugepages works correctly.\n\n - hugepages allow the Linux kernel to utilize the multiple page size capabilities of modern hardware architectures.\n In certain configurations, systems with large amounts of memory could fail to allocate most of memory for hugepages even if it was free, which could have resulted, for example, in database restart failures.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3831", "CVE-2008-4554", "CVE-2008-4576"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20081216_KERNEL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60508", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60508);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3831\", \"CVE-2008-4554\", \"CVE-2008-4576\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Olaf Kirch reported a flaw in the i915 kernel driver\n that only affects the Intel G33 series and newer. This\n flaw could, potentially, lead to local privilege\n escalation. (CVE-2008-3831, Important)\n\n - Miklos Szeredi reported a missing check for files opened\n with O_APPEND in the sys_splice(). This could allow a\n local, unprivileged user to bypass the append-only file\n restrictions. (CVE-2008-4554, Important)\n\n - a deficiency was found in the Linux kernel Stream\n Control Transmission Protocol (SCTP) implementation.\n This could lead to a possible denial of service if one\n end of a SCTP connection did not support the AUTH\n extension. (CVE-2008-4576, Important)\n\nIn addition, these updated packages fix the following bugs :\n\n - on Itanium&reg; systems, when a multithreaded program\n was traced using the command 'strace -f', messages\n similar to the following ones were displayed, after\n which the trace would stop :\n\n PANIC: attached pid 10740 exited PANIC:\n handle_group_exit: 10740 leader 10721 PANIC: attached\n pid 10739 exited PANIC: handle_group_exit: 10739 leader\n 10721 ...\n\nIn these updated packages, tracing a multithreaded program using the\n'strace -f' command no longer results in these error messages, and\nstrace terminates normally after tracing all threads.\n\n - on big-endian systems such as PowerPC, the getsockopt()\n function incorrectly returned 0 depending on the\n parameters passed to it when the time to live (TTL)\n value equaled 255.\n\n - when using an NFSv4 file system, accessing the same file\n with two separate processes simultaneously resulted in\n the NFS client process becoming unresponsive.\n\n - on AMD64 and Intel&reg; 64 hypervisor-enabled systems,\n in cases in which a syscall correctly returned '-1' in\n code compiled on Red Hat Enterprise Linux 5, the same\n code, when run with the strace utility, would\n incorrectly return an invalid return value. This has\n been fixed so that on AMD64 and Intel&reg; 64\n hypervisor-enabled systems, syscalls in compiled code\n return the same, correct values as syscalls do when run\n with strace.\n\n - on the Itanium&reg; architecture, fully-virtualized\n guest domains which were created using more than 64 GB\n of memory caused other guest domains not to receive\n interrupts, which caused a soft lockup on other guests.\n All guest domains are now able to receive interrupts\n regardless of their allotted memory.\n\n - when user-space used SIGIO notification, which wasn't\n disabled before closing a file descriptor, and was then\n re-enabled in a different process, an attempt by the\n kernel to dereference a stale pointer led to a kernel\n crash. With this fix, such a situation no longer causes\n a kernel crash.\n\n - modifications to certain pages made through a\n memory-mapped region could have been lost in cases when\n the NFS client needed to invalidate the page cache for\n that particular memory-mapped file.\n\n - fully-virtualized Windows guests became unresponsive due\n to the vIOSAPIC component being multiprocessor-unsafe.\n With this fix, vIOSAPIC is multiprocessor-safe and\n Windows guests do not become unresponsive.\n\n - on certain systems, keyboard controllers were not able\n to withstand a continuous flow of requests to switch\n keyboard LEDs on or off, which resulted in some or all\n key presses not being registered by the system.\n\n - on the Itanium&reg; architecture, setting the\n 'vm.nr_hugepages' sysctl parameter caused a kernel stack\n overflow resulting in a kernel panic, and possibly stack\n corruption. With this fix, setting vm.nr_hugepages works\n correctly.\n\n - hugepages allow the Linux kernel to utilize the multiple\n page size capabilities of modern hardware architectures.\n In certain configurations, systems with large amounts of\n memory could fail to allocate most of memory for\n hugepages even if it was free, which could have\n resulted, for example, in database restart failures.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0812&L=scientific-linux-errata&T=0&P=1388\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0b5551e4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"kernel-2.6.18-92.1.22.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-92.1.22.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-92.1.22.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-2.6.18-92.1.22.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-devel-2.6.18-92.1.22.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-devel-2.6.18-92.1.22.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-doc-2.6.18-92.1.22.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-headers-2.6.18-92.1.22.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-2.6.18-92.1.22.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-devel-2.6.18-92.1.22.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T14:57:32", "description": "This patch updates the SUSE Linux Enterprise 10 SP1 kernel. It fixes various bugs and security issues.\n\nThe following security issues are addressed :\n\n - fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O. (CVE-2008-4210)\n\n - The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that have corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can lead to a possible denial of service by spamming the logfile.\n (CVE-2008-3528)\n\n - fs/direct-io.c in the dio subsystem in the Linux kernel did not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test. (CVE-2007-6716)\n\nAll other bugfixes can be found by looking at the RPM changelog.", "cvss3": {}, "published": "2008-12-03T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux Kernel (x86) (ZYPP Patch Number 5734)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6716", "CVE-2008-3528", "CVE-2008-4210"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-5734.NASL", "href": "https://www.tenable.com/plugins/nessus/35026", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35026);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-3528\", \"CVE-2008-4210\");\n\n script_name(english:\"SuSE 10 Security Update : Linux Kernel (x86) (ZYPP Patch Number 5734)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This patch updates the SUSE Linux Enterprise 10 SP1 kernel. It fixes\nvarious bugs and security issues.\n\nThe following security issues are addressed :\n\n - fs/open.c in the Linux kernel before 2.6.22 does not\n properly strip setuid and setgid bits when there is a\n write to a file, which allows local users to gain the\n privileges of a different group, and obtain sensitive\n information or possibly have unspecified other impact,\n by creating an executable file in a setgid directory\n through the (1) truncate or (2) ftruncate function in\n conjunction with memory-mapped I/O. (CVE-2008-4210)\n\n - The ext[234] filesystem code fails to properly handle\n corrupted data structures. With a mounted filesystem\n image or partition that have corrupted dir->i_size and\n dir->i_blocks, a user performing either a read or write\n operation on the mounted image or partition can lead to\n a possible denial of service by spamming the logfile.\n (CVE-2008-3528)\n\n - fs/direct-io.c in the dio subsystem in the Linux kernel\n did not properly zero out the dio struct, which allows\n local users to cause a denial of service (OOPS), as\n demonstrated by a certain fio test. (CVE-2007-6716)\n\nAll other bugfixes can be found by looking at the RPM changelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-6716.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3528.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-4210.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5734.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-default-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-smp-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-source-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-syms-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-xen-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-debug-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-default-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-kdump-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-smp-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-source-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-syms-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-xen-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.54-0.2.12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T15:22:22", "description": "This patch updates the SUSE Linux Enterprise 10 SP1 kernel. It fixes various bugs and security issues.\n\nThe following security issues are addressed :\n\n - fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O. (CVE-2008-4210)\n\n - The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that have corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can lead to a possible denial of service by spamming the logfile.\n (CVE-2008-3528)\n\n - fs/direct-io.c in the dio subsystem in the Linux kernel did not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test. (CVE-2007-6716)\n\nAll other bugfixes can be found by looking at the RPM changelog.", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux Kernel (x86_64) (ZYPP Patch Number 5735)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6716", "CVE-2008-3528", "CVE-2008-4210"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-5735.NASL", "href": "https://www.tenable.com/plugins/nessus/59134", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59134);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-3528\", \"CVE-2008-4210\");\n\n script_name(english:\"SuSE 10 Security Update : Linux Kernel (x86_64) (ZYPP Patch Number 5735)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This patch updates the SUSE Linux Enterprise 10 SP1 kernel. It fixes\nvarious bugs and security issues.\n\nThe following security issues are addressed :\n\n - fs/open.c in the Linux kernel before 2.6.22 does not\n properly strip setuid and setgid bits when there is a\n write to a file, which allows local users to gain the\n privileges of a different group, and obtain sensitive\n information or possibly have unspecified other impact,\n by creating an executable file in a setgid directory\n through the (1) truncate or (2) ftruncate function in\n conjunction with memory-mapped I/O. (CVE-2008-4210)\n\n - The ext[234] filesystem code fails to properly handle\n corrupted data structures. With a mounted filesystem\n image or partition that have corrupted dir->i_size and\n dir->i_blocks, a user performing either a read or write\n operation on the mounted image or partition can lead to\n a possible denial of service by spamming the logfile.\n (CVE-2008-3528)\n\n - fs/direct-io.c in the dio subsystem in the Linux kernel\n did not properly zero out the dio struct, which allows\n local users to cause a denial of service (OOPS), as\n demonstrated by a certain fio test. (CVE-2007-6716)\n\nAll other bugfixes can be found by looking at the RPM changelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-6716.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3528.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-4210.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5735.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.54-0.2.12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T16:25:41", "description": "It was discovered that the Xen hypervisor block driver did not correctly validate requests. A user with root privileges in a guest OS could make a malicious IO request with a large number of blocks that would crash the host OS, leading to a denial of service. This only affected Ubuntu 7.10. (CVE-2007-5498)\n\nIt was discovered the the i915 video driver did not correctly validate memory addresses. A local attacker could exploit this to remap memory that could cause a system crash, leading to a denial of service. This issue did not affect Ubuntu 6.06 and was previous fixed for Ubuntu 7.10 and 8.04 in USN-659-1. Ubuntu 8.10 has now been corrected as well. (CVE-2008-3831)\n\nDavid Watson discovered that the kernel did not correctly strip permissions when creating files in setgid directories. A local user could exploit this to gain additional group privileges. This issue only affected Ubuntu 6.06. (CVE-2008-4210)\n\nOlaf Kirch and Miklos Szeredi discovered that the Linux kernel did not correctly reject the 'append' flag when handling file splice requests.\nA local attacker could bypass append mode and make changes to arbitrary locations in a file. This issue only affected Ubuntu 7.10 and 8.04. (CVE-2008-4554)\n\nIt was discovered that the SCTP stack did not correctly handle INIT-ACK. A remote user could exploit this by sending specially crafted SCTP traffic which would trigger a crash in the system, leading to a denial of service. This issue did not affect Ubuntu 8.10.\n(CVE-2008-4576)\n\nIt was discovered that the SCTP stack did not correctly handle bad packet lengths. A remote user could exploit this by sending specially crafted SCTP traffic which would trigger a crash in the system, leading to a denial of service. This issue did not affect Ubuntu 8.10.\n(CVE-2008-4618)\n\nEric Sesterhenn discovered multiple flaws in the HFS+ filesystem. If a local user or automated system were tricked into mounting a malicious HFS+ filesystem, the system could crash, leading to a denial of service. (CVE-2008-4933, CVE-2008-4934, CVE-2008-5025)\n\nIt was discovered that the Unix Socket handler did not correctly process the SCM_RIGHTS message. A local attacker could make a malicious socket request that would crash the system, leading to a denial of service. (CVE-2008-5029)\n\nIt was discovered that the driver for simple i2c audio interfaces did not correctly validate certain function pointers. A local user could exploit this to gain root privileges or crash the system, leading to a denial of service. (CVE-2008-5033).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : linux, linux-source-2.6.15/22 vulnerabilities (USN-679-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5498", "CVE-2008-3831", "CVE-2008-4210", "CVE-2008-4554", "CVE-2008-4576", "CVE-2008-4618", "CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5033"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.15-53", "p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.22-16", "p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.24-22", "p-cpe:/a:canonical:ubuntu_linux:avm-fritz-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:fglrx-amdcccle", "p-cpe:/a:canonical:ubuntu_linux:fglrx-control", "p-cpe:/a:canonical:ubuntu_linux:fglrx-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-common", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-dev", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy-dev", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-new", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-new-dev", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:nvidia-legacy-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:nvidia-new-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx", "p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx-dev", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:7.10", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10"], "id": "UBUNTU_USN-679-1.NASL", "href": "https://www.tenable.com/plugins/nessus/37683", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-679-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37683);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2007-5498\", \"CVE-2008-3831\", \"CVE-2008-4210\", \"CVE-2008-4554\", \"CVE-2008-4576\", \"CVE-2008-4618\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5033\");\n script_bugtraq_id(31368, 31634, 31792, 31903, 32093, 32094, 32154, 32289);\n script_xref(name:\"USN\", value:\"679-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : linux, linux-source-2.6.15/22 vulnerabilities (USN-679-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the Xen hypervisor block driver did not\ncorrectly validate requests. A user with root privileges in a guest OS\ncould make a malicious IO request with a large number of blocks that\nwould crash the host OS, leading to a denial of service. This only\naffected Ubuntu 7.10. (CVE-2007-5498)\n\nIt was discovered the the i915 video driver did not correctly validate\nmemory addresses. A local attacker could exploit this to remap memory\nthat could cause a system crash, leading to a denial of service. This\nissue did not affect Ubuntu 6.06 and was previous fixed for Ubuntu\n7.10 and 8.04 in USN-659-1. Ubuntu 8.10 has now been corrected as\nwell. (CVE-2008-3831)\n\nDavid Watson discovered that the kernel did not correctly strip\npermissions when creating files in setgid directories. A local user\ncould exploit this to gain additional group privileges. This issue\nonly affected Ubuntu 6.06. (CVE-2008-4210)\n\nOlaf Kirch and Miklos Szeredi discovered that the Linux kernel did not\ncorrectly reject the 'append' flag when handling file splice requests.\nA local attacker could bypass append mode and make changes to\narbitrary locations in a file. This issue only affected Ubuntu 7.10\nand 8.04. (CVE-2008-4554)\n\nIt was discovered that the SCTP stack did not correctly handle\nINIT-ACK. A remote user could exploit this by sending specially\ncrafted SCTP traffic which would trigger a crash in the system,\nleading to a denial of service. This issue did not affect Ubuntu 8.10.\n(CVE-2008-4576)\n\nIt was discovered that the SCTP stack did not correctly handle bad\npacket lengths. A remote user could exploit this by sending specially\ncrafted SCTP traffic which would trigger a crash in the system,\nleading to a denial of service. This issue did not affect Ubuntu 8.10.\n(CVE-2008-4618)\n\nEric Sesterhenn discovered multiple flaws in the HFS+ filesystem. If a\nlocal user or automated system were tricked into mounting a malicious\nHFS+ filesystem, the system could crash, leading to a denial of\nservice. (CVE-2008-4933, CVE-2008-4934, CVE-2008-5025)\n\nIt was discovered that the Unix Socket handler did not correctly\nprocess the SCM_RIGHTS message. A local attacker could make a\nmalicious socket request that would crash the system, leading to a\ndenial of service. (CVE-2008-5029)\n\nIt was discovered that the driver for simple i2c audio interfaces did\nnot correctly validate certain function pointers. A local user could\nexploit this to gain root privileges or crash the system, leading to a\ndenial of service. (CVE-2008-5033).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/679-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 119, 264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.15-53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.22-16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.24-22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:fglrx-amdcccle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:fglrx-control\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:fglrx-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-new\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-new-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-legacy-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-new-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/05/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|7\\.10|8\\.04|8\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 7.10 / 8.04 / 8.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2007-5498\", \"CVE-2008-3831\", \"CVE-2008-4210\", \"CVE-2008-4554\", \"CVE-2008-4576\", \"CVE-2008-4618\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5033\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-679-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"avm-fritz-firmware-2.6.15-53\", pkgver:\"3.11+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"avm-fritz-kernel-source\", pkgver:\"3.11+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"fglrx-control\", pkgver:\"8.25.18+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"fglrx-kernel-source\", pkgver:\"8.25.18+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-53-386\", pkgver:\"2.6.15-53.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-53-686\", pkgver:\"2.6.15-53.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-53-amd64-generic\", pkgver:\"2.6.15-53.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-53-amd64-k8\", pkgver:\"2.6.15-53.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-53-amd64-server\", pkgver:\"2.6.15-53.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-53-amd64-xeon\", pkgver:\"2.6.15-53.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-53-server\", pkgver:\"2.6.15-53.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-doc-2.6.15\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-386\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-686\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-generic\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-k8\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-server\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-xeon\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-server\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-386\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-686\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-generic\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-k8\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-server\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-xeon\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-server\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-53-386\", pkgver:\"2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-53-686\", pkgver:\"2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-53-amd64-generic\", pkgver:\"2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-53-amd64-k8\", pkgver:\"2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-53-amd64-xeon\", pkgver:\"2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-common\", pkgver:\"2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-source-2.6.15\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-glx\", pkgver:\"1.0.8776+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-glx-dev\", pkgver:\"1.0.8776+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-glx-legacy\", pkgver:\"1.0.7174+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-glx-legacy-dev\", pkgver:\"1.0.7174+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-kernel-source\", pkgver:\"1.0.8776+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-legacy-kernel-source\", pkgver:\"1.0.7174+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"xorg-driver-fglrx\", pkgver:\"7.0.0-8.25.18+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"xorg-driver-fglrx-dev\", pkgver:\"7.0.0-8.25.18+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"avm-fritz-firmware-2.6.22-16\", pkgver:\"3.11+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"avm-fritz-kernel-source\", pkgver:\"3.11+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"fglrx-control\", pkgver:\"8.37.6+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"fglrx-kernel-source\", pkgver:\"8.37.6+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-backports-modules-2.6.22-16-386\", pkgver:\"2.6.22-16.17\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-backports-modules-2.6.22-16-generic\", pkgver:\"2.6.22-16.17\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-backports-modules-2.6.22-16-rt\", pkgver:\"2.6.22-16.17\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-backports-modules-2.6.22-16-server\", pkgver:\"2.6.22-16.17\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-backports-modules-2.6.22-16-ume\", pkgver:\"2.6.22-16.17\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-backports-modules-2.6.22-16-xen\", pkgver:\"2.6.22-16.17\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-doc-2.6.22\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-386\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-generic\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-rt\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-server\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-ume\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-virtual\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-xen\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-386\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-cell\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-generic\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-lpia\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-lpiacompat\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-rt\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-server\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-ume\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-virtual\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-xen\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-386\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-generic\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-server\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-virtual\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-restricted-modules-2.6.22-16-386\", pkgver:\"2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-restricted-modules-2.6.22-16-generic\", pkgver:\"2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-restricted-modules-2.6.22-16-rt\", pkgver:\"2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-restricted-modules-2.6.22-16-xen\", pkgver:\"2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-restricted-modules-common\", pkgver:\"2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-source-2.6.22\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-ubuntu-modules-2.6.22-16-386\", pkgver:\"2.6.22-16.41\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-ubuntu-modules-2.6.22-16-generic\", pkgver:\"2.6.22-16.41\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-ubuntu-modules-2.6.22-16-rt\", pkgver:\"2.6.22-16.41\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-ubuntu-modules-2.6.22-16-server\", pkgver:\"2.6.22-16.41\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-ubuntu-modules-2.6.22-16-ume\", pkgver:\"2.6.22-16.41\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-ubuntu-modules-2.6.22-16-virtual\", pkgver:\"2.6.22-16.41\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-ubuntu-modules-2.6.22-16-xen\", pkgver:\"2.6.22-16.41\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-glx\", pkgver:\"1.0.9639+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-glx-dev\", pkgver:\"1.0.9639+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-glx-legacy\", pkgver:\"1.0.7185+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-glx-legacy-dev\", pkgver:\"1.0.7185+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-glx-new\", pkgver:\"100.14.19+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-glx-new-dev\", pkgver:\"100.14.19+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-kernel-source\", pkgver:\"1.0.9639+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-legacy-kernel-source\", pkgver:\"1.0.7185+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-new-kernel-source\", pkgver:\"100.14.19+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"xorg-driver-fglrx\", pkgver:\"7.1.0-8.37.6+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"xorg-driver-fglrx-dev\", pkgver:\"7.1.0-8.37.6+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"avm-fritz-firmware-2.6.24-22\", pkgver:\"3.11+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"avm-fritz-kernel-source\", pkgver:\"3.11+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"fglrx-amdcccle\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"fglrx-control\", pkgver:\"8-3+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"fglrx-kernel-source\", pkgver:\"8-3+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-backports-modules-2.6.24-22-386\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-backports-modules-2.6.24-22-generic\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-backports-modules-2.6.24-22-openvz\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-backports-modules-2.6.24-22-rt\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-backports-modules-2.6.24-22-server\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-backports-modules-2.6.24-22-virtual\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-backports-modules-2.6.24-22-xen\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-doc-2.6.24\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22-386\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22-generic\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22-openvz\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22-rt\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22-server\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22-virtual\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22-xen\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lbm-2.6.24-22-386\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lbm-2.6.24-22-generic\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lbm-2.6.24-22-openvz\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lbm-2.6.24-22-rt\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lbm-2.6.24-22-server\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lbm-2.6.24-22-virtual\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lbm-2.6.24-22-xen\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lum-2.6.24-22-386\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lum-2.6.24-22-generic\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lum-2.6.24-22-openvz\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lum-2.6.24-22-rt\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lum-2.6.24-22-server\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lum-2.6.24-22-virtual\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lum-2.6.24-22-xen\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-386\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-generic\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-lpia\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-lpiacompat\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-openvz\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-rt\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-server\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-virtual\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-xen\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-22-386\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-22-generic\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-22-server\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-22-virtual\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-restricted-modules-2.6.24-22-386\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-restricted-modules-2.6.24-22-generic\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-restricted-modules-2.6.24-22-openvz\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-restricted-modules-2.6.24-22-rt\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-restricted-modules-2.6.24-22-server\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-restricted-modules-2.6.24-22-xen\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-restricted-modules-common\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-source-2.6.24\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-ubuntu-modules-2.6.24-22-386\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-ubuntu-modules-2.6.24-22-generic\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-ubuntu-modules-2.6.24-22-openvz\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-ubuntu-modules-2.6.24-22-rt\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-ubuntu-modules-2.6.24-22-server\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-ubuntu-modules-2.6.24-22-virtual\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-ubuntu-modules-2.6.24-22-xen\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-glx\", pkgver:\"96.43.05+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-glx-dev\", pkgver:\"96.43.05+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-glx-legacy\", pkgver:\"71.86.04+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-glx-legacy-dev\", pkgver:\"71.86.04+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-glx-new\", pkgver:\"169.12+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-glx-new-dev\", pkgver:\"169.12+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-kernel-source\", pkgver:\"96.43.05+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-legacy-kernel-source\", pkgver:\"71.86.04+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-new-kernel-source\", pkgver:\"169.12+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xorg-driver-fglrx\", pkgver:\"7.1.0-8-3+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xorg-driver-fglrx-dev\", pkgver:\"7.1.0-8-3+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-backports-modules-2.6.27-9-generic\", pkgver:\"2.6.27-9.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-backports-modules-2.6.27-9-server\", pkgver:\"2.6.27-9.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-doc-2.6.27\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-9\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-9-generic\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-9-server\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-lbm-2.6.27-9-generic\", pkgver:\"2.6.27-9.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-lbm-2.6.27-9-server\", pkgver:\"2.6.27-9.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-9-generic\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-9-server\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-9-virtual\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-restricted-modules-2.6.27-9-generic\", pkgver:\"2.6.27-9.13\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-restricted-modules-2.6.27-9-server\", pkgver:\"2.6.27-9.13\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-restricted-modules-common\", pkgver:\"2.6.27-9.13\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-source-2.6.27\", pkgver:\"2.6.27-9.19\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avm-fritz-firmware-2.6.15-53 / avm-fritz-firmware-2.6.22-16 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:40:24", "description": "Updated kernel packages that fix a number of security issues are now available for Red Hat Enterprise Linux 2.1 running on 32-bit architectures.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThese updated packages fix the following security issues :\n\n* a flaw was found in the IPv4 forwarding base. This could allow a local, unprivileged user to cause a denial of service. (CVE-2007-2172, Important)\n\n* a flaw was found in the handling of process death signals. This allowed a local, unprivileged user to send arbitrary signals to the suid-process executed by that user. Successful exploitation of this flaw depends on the structure of the suid-program and its signal handling. (CVE-2007-3848, Important)\n\n* when accessing kernel memory locations, certain Linux kernel drivers registering a fault handler did not perform required range checks. A local, unprivileged user could use this flaw to gain read or write access to arbitrary kernel memory, or possibly cause a denial of service. (CVE-2008-0007, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple Internet Transition (SIT) INET6 implementation. This could allow a local, unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n\n* missing capability checks were found in the SBNI WAN driver which could allow a local, unprivileged user to bypass intended capability restrictions. (CVE-2008-3525, Important)\n\n* a flaw was found in the way files were written using truncate() or ftruncate(). This could allow a local, unprivileged user to acquire the privileges of a different group and obtain access to sensitive information. (CVE-2008-4210, Important)\n\n* a race condition in the mincore system core allowed a local, unprivileged user to cause a denial of service. (CVE-2006-4814, Moderate)\n\n* a flaw was found in the aacraid SCSI driver. This allowed a local, unprivileged user to make ioctl calls to the driver which should otherwise be restricted to privileged users. (CVE-2007-4308, Moderate)\n\n* two buffer overflow flaws were found in the Integrated Services Digital Network (ISDN) subsystem. A local, unprivileged user could use these flaws to cause a denial of service. (CVE-2007-6063, CVE-2007-6151, Moderate)\n\n* a flaw was found in the way core dump files were created. If a local, unprivileged user could make a root-owned process dump a core file into a user-writable directory, the user could gain read access to that core file, potentially compromising sensitive information.\n(CVE-2007-6206, Moderate)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS) implementation. This could allow a local, unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\nAll users of Red Hat Enterprise Linux 2.1 on 32-bit architectures should upgrade to these updated packages which address these vulnerabilities. For this update to take effect, the system must be rebooted.", "cvss3": {}, "published": "2009-01-09T00:00:00", "type": "nessus", "title": "RHEL 2.1 : kernel (RHSA-2009:0001)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-4814", "CVE-2007-2172", "CVE-2007-3848", "CVE-2007-4308", "CVE-2007-6063", "CVE-2007-6151", "CVE-2007-6206", "CVE-2008-0007", "CVE-2008-2136", "CVE-2008-3275", "CVE-2008-3525", "CVE-2008-4210"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-boot", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-enterprise", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel-source", "p-cpe:/a:redhat:enterprise_linux:kernel-summit", "cpe:/o:redhat:enterprise_linux:2.1"], "id": "REDHAT-RHSA-2009-0001.NASL", "href": "https://www.tenable.com/plugins/nessus/35323", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0001. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35323);\n script_version(\"1.30\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-4814\", \"CVE-2007-2172\", \"CVE-2007-3848\", \"CVE-2007-4308\", \"CVE-2007-6063\", \"CVE-2007-6151\", \"CVE-2007-6206\", \"CVE-2008-0007\", \"CVE-2008-2136\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n script_bugtraq_id(21663, 25216, 25387, 26605, 26701, 27497, 27686, 29235, 30647, 31368);\n script_xref(name:\"RHSA\", value:\"2009:0001\");\n\n script_name(english:\"RHEL 2.1 : kernel (RHSA-2009:0001)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix a number of security issues are now\navailable for Red Hat Enterprise Linux 2.1 running on 32-bit\narchitectures.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* a flaw was found in the IPv4 forwarding base. This could allow a\nlocal, unprivileged user to cause a denial of service. (CVE-2007-2172,\nImportant)\n\n* a flaw was found in the handling of process death signals. This\nallowed a local, unprivileged user to send arbitrary signals to the\nsuid-process executed by that user. Successful exploitation of this\nflaw depends on the structure of the suid-program and its signal\nhandling. (CVE-2007-3848, Important)\n\n* when accessing kernel memory locations, certain Linux kernel drivers\nregistering a fault handler did not perform required range checks. A\nlocal, unprivileged user could use this flaw to gain read or write\naccess to arbitrary kernel memory, or possibly cause a denial of\nservice. (CVE-2008-0007, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple\nInternet Transition (SIT) INET6 implementation. This could allow a\nlocal, unprivileged user to cause a denial of service. (CVE-2008-2136,\nImportant)\n\n* missing capability checks were found in the SBNI WAN driver which\ncould allow a local, unprivileged user to bypass intended capability\nrestrictions. (CVE-2008-3525, Important)\n\n* a flaw was found in the way files were written using truncate() or\nftruncate(). This could allow a local, unprivileged user to acquire\nthe privileges of a different group and obtain access to sensitive\ninformation. (CVE-2008-4210, Important)\n\n* a race condition in the mincore system core allowed a local,\nunprivileged user to cause a denial of service. (CVE-2006-4814,\nModerate)\n\n* a flaw was found in the aacraid SCSI driver. This allowed a local,\nunprivileged user to make ioctl calls to the driver which should\notherwise be restricted to privileged users. (CVE-2007-4308, Moderate)\n\n* two buffer overflow flaws were found in the Integrated Services\nDigital Network (ISDN) subsystem. A local, unprivileged user could use\nthese flaws to cause a denial of service. (CVE-2007-6063,\nCVE-2007-6151, Moderate)\n\n* a flaw was found in the way core dump files were created. If a\nlocal, unprivileged user could make a root-owned process dump a core\nfile into a user-writable directory, the user could gain read access\nto that core file, potentially compromising sensitive information.\n(CVE-2007-6206, Moderate)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS)\nimplementation. This could allow a local, unprivileged user to attempt\nfile creation within deleted directories, possibly causing a denial of\nservice. (CVE-2008-3275, Moderate)\n\nAll users of Red Hat Enterprise Linux 2.1 on 32-bit architectures\nshould upgrade to these updated packages which address these\nvulnerabilities. For this update to take effect, the system must be\nrebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-4814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-2172\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3848\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-4308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6151\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0007\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2136\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3275\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4210\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0001\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(16, 20, 119, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-enterprise\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-summit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/12/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^2\\.1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2006-4814\", \"CVE-2007-2172\", \"CVE-2007-3848\", \"CVE-2007-4308\", \"CVE-2007-6063\", \"CVE-2007-6151\", \"CVE-2007-6206\", \"CVE-2008-0007\", \"CVE-2008-2136\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:0001\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0001\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-debug-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kernel-doc-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-enterprise-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kernel-headers-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-smp-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kernel-source-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-summit-2.4.9-e.74\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-BOOT / kernel-debug / kernel-doc / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:33:17", "description": "This update of the SUSE Linux Enterprise 10 Service Pack 1 kernel contains lots of bugfixes and several security fixes :\n\n - Added missing capability checks in sbni_ioctl().\n (CVE-2008-3525)\n\n - On AMD64 some string operations could leak kernel information into userspace. (CVE-2008-0598)\n\n - Added range checking in ASN.1 handling for the CIFS and SNMP NAT netfilter modules. (CVE-2008-1673)\n\n - Fixed range checking in the snd_seq OSS ioctl, which could be used to leak information from the kernel.\n (CVE-2008-3272)\n\n - Fixed a memory leak when looking up deleted directories which could be used to run the system out of memory.\n (CVE-2008-3275)\n\n - The do_change_type function in fs/namespace.c did not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint. (CVE-2008-2931)\n\n - Various NULL ptr checks have been added to the tty ops functions, which might have been used by local attackers to execute code. We think that this affects only devices openable by root, so the impact is limited.\n (CVE-2008-2812)", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5608)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0598", "CVE-2008-1673", "CVE-2008-2812", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3275", "CVE-2008-3525"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-5608.NASL", "href": "https://www.tenable.com/plugins/nessus/59131", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59131);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0598\", \"CVE-2008-1673\", \"CVE-2008-2812\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\", \"CVE-2008-3525\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5608)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of the SUSE Linux Enterprise 10 Service Pack 1 kernel\ncontains lots of bugfixes and several security fixes :\n\n - Added missing capability checks in sbni_ioctl().\n (CVE-2008-3525)\n\n - On AMD64 some string operations could leak kernel\n information into userspace. (CVE-2008-0598)\n\n - Added range checking in ASN.1 handling for the CIFS and\n SNMP NAT netfilter modules. (CVE-2008-1673)\n\n - Fixed range checking in the snd_seq OSS ioctl, which\n could be used to leak information from the kernel.\n (CVE-2008-3272)\n\n - Fixed a memory leak when looking up deleted directories\n which could be used to run the system out of memory.\n (CVE-2008-3275)\n\n - The do_change_type function in fs/namespace.c did not\n verify that the caller has the CAP_SYS_ADMIN capability,\n which allows local users to gain privileges or cause a\n denial of service by modifying the properties of a\n mountpoint. (CVE-2008-2931)\n\n - Various NULL ptr checks have been added to the tty ops\n functions, which might have been used by local attackers\n to execute code. We think that this affects only devices\n openable by root, so the impact is limited.\n (CVE-2008-2812)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-0598.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1673.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-2812.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-2931.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3272.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3275.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3525.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5608.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119, 189, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.54-0.2.11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T14:55:54", "description": "This update of the SUSE Linux Enterprise 10 Service Pack 1 kernel contains lots of bugfixes and several security fixes :\n\n - Added missing capability checks in sbni_ioctl().\n (CVE-2008-3525)\n\n - On AMD64 some string operations could leak kernel information into userspace. (CVE-2008-0598)\n\n - Added range checking in ASN.1 handling for the CIFS and SNMP NAT netfilter modules. (CVE-2008-1673)\n\n - Fixed range checking in the snd_seq OSS ioctl, which could be used to leak information from the kernel.\n (CVE-2008-3272)\n\n - Fixed a memory leak when looking up deleted directories which could be used to run the system out of memory.\n (CVE-2008-3275)\n\n - The do_change_type function in fs/namespace.c did not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint. (CVE-2008-2931)\n\n - Various NULL ptr checks have been added to tty op functions, which might have been used by local attackers to execute code. We think that this affects only devices openable by root, so the impact is limited.\n (CVE-2008-2812)", "cvss3": {}, "published": "2008-10-02T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : the Linux Kernel (x86) (ZYPP Patch Number 5566)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0598", "CVE-2008-1673", "CVE-2008-2812", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3275", "CVE-2008-3525"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-5566.NASL", "href": "https://www.tenable.com/plugins/nessus/34331", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34331);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0598\", \"CVE-2008-1673\", \"CVE-2008-2812\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\", \"CVE-2008-3525\");\n\n script_name(english:\"SuSE 10 Security Update : the Linux Kernel (x86) (ZYPP Patch Number 5566)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of the SUSE Linux Enterprise 10 Service Pack 1 kernel\ncontains lots of bugfixes and several security fixes :\n\n - Added missing capability checks in sbni_ioctl().\n (CVE-2008-3525)\n\n - On AMD64 some string operations could leak kernel\n information into userspace. (CVE-2008-0598)\n\n - Added range checking in ASN.1 handling for the CIFS and\n SNMP NAT netfilter modules. (CVE-2008-1673)\n\n - Fixed range checking in the snd_seq OSS ioctl, which\n could be used to leak information from the kernel.\n (CVE-2008-3272)\n\n - Fixed a memory leak when looking up deleted directories\n which could be used to run the system out of memory.\n (CVE-2008-3275)\n\n - The do_change_type function in fs/namespace.c did not\n verify that the caller has the CAP_SYS_ADMIN capability,\n which allows local users to gain privileges or cause a\n denial of service by modifying the properties of a\n mountpoint. (CVE-2008-2931)\n\n - Various NULL ptr checks have been added to tty op\n functions, which might have been used by local attackers\n to execute code. We think that this affects only devices\n openable by root, so the impact is limited.\n (CVE-2008-2812)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-0598.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1673.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-2812.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-2931.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3272.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3275.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3525.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5566.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119, 189, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/10/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-default-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-smp-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-source-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-syms-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-xen-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-debug-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-default-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-kdump-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-smp-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-source-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-syms-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-xen-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.54-0.2.10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T14:55:56", "description": "The openSUSE 10.3 kernel was update to 2.6.22.19. This includes bugs and security fixes.\n\nCVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch between SCTP AUTH availability. This might be exploited remotely for a denial of service (crash) attack.\n\nCVE-2008-3528: The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that have corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can lead to a possible denial of service by spamming the logfile.\n\nCVE-2007-6716: fs/direct-io.c in the dio subsystem in the Linux kernel did not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.\n\nCVE-2008-3525: Added missing capability checks in sbni_ioctl().\n\nCVE-2008-3272: Fixed range checking in the snd_seq OSS ioctl, which could be used to leak information from the kernel.\n\nCVE-2008-3276: An integer overflow flaw was found in the Linux kernel dccp_setsockopt_change() function. An attacker may leverage this vulnerability to trigger a kernel panic on a victim's machine remotely.\n\nCVE-2008-1673: Added range checking in ASN.1 handling for the CIFS and SNMP NAT netfilter modules.\n\nCVE-2008-2826: A integer overflow in SCTP was fixed, which might have been used by remote attackers to crash the machine or potentially execute code.\n\nCVE-2008-2812: Various NULL ptr checks have been added to tty op functions, which might have been used by local attackers to execute code. We think that this affects only devices openable by root, so the impact is limited.", "cvss3": {}, "published": "2008-10-21T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : kernel (kernel-5700)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6716", "CVE-2008-1673", "CVE-2008-2812", "CVE-2008-2826", "CVE-2008-3272", "CVE-2008-3276", "CVE-2008-3525", "CVE-2008-3528", "CVE-2008-4576"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-bigsmp", "p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-xenpae", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_KERNEL-5700.NASL", "href": "https://www.tenable.com/plugins/nessus/34457", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-5700.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34457);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-1673\", \"CVE-2008-2812\", \"CVE-2008-2826\", \"CVE-2008-3272\", \"CVE-2008-3276\", \"CVE-2008-3525\", \"CVE-2008-3528\", \"CVE-2008-4576\");\n\n script_name(english:\"openSUSE 10 Security Update : kernel (kernel-5700)\");\n script_summary(english:\"Check for the kernel-5700 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE 10.3 kernel was update to 2.6.22.19. This includes bugs\nand security fixes.\n\nCVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch between\nSCTP AUTH availability. This might be exploited remotely for a denial\nof service (crash) attack.\n\nCVE-2008-3528: The ext[234] filesystem code fails to properly handle\ncorrupted data structures. With a mounted filesystem image or\npartition that have corrupted dir->i_size and dir->i_blocks, a user\nperforming either a read or write operation on the mounted image or\npartition can lead to a possible denial of service by spamming the\nlogfile.\n\nCVE-2007-6716: fs/direct-io.c in the dio subsystem in the Linux kernel\ndid not properly zero out the dio struct, which allows local users to\ncause a denial of service (OOPS), as demonstrated by a certain fio\ntest.\n\nCVE-2008-3525: Added missing capability checks in sbni_ioctl().\n\nCVE-2008-3272: Fixed range checking in the snd_seq OSS ioctl, which\ncould be used to leak information from the kernel.\n\nCVE-2008-3276: An integer overflow flaw was found in the Linux kernel\ndccp_setsockopt_change() function. An attacker may leverage this\nvulnerability to trigger a kernel panic on a victim's machine\nremotely.\n\nCVE-2008-1673: Added range checking in ASN.1 handling for the CIFS and\nSNMP NAT netfilter modules.\n\nCVE-2008-2826: A integer overflow in SCTP was fixed, which might have\nbeen used by remote attackers to crash the machine or potentially\nexecute code.\n\nCVE-2008-2812: Various NULL ptr checks have been added to tty op\nfunctions, which might have been used by local attackers to execute\ncode. We think that this affects only devices openable by root, so the\nimpact is limited.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119, 189, 264, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-bigsmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xenpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/10/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-bigsmp-2.6.22.19-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-debug-2.6.22.19-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-default-2.6.22.19-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-source-2.6.22.19-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-syms-2.6.22.19-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-xen-2.6.22.19-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-xenpae-2.6.22.19-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-bigsmp / kernel-debug / kernel-default / kernel-source / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T14:52:18", "description": "This update fixes various security issues and several bugs in the openSUSE 11.0 kernel. It was also updated to the stable version 2.6.25.20.\n\nCVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.\n\nCVE-2008-5700: libata did not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program.\n\nCVE-2008-5079: net/atm/svc.c in the ATM subsystem allowed local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table.\n\nCVE-2008-5300: Linux kernel 2.6.28 allows local users to cause a denial of service ('soft lockup' and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029.\n\nCVE-2008-5029: The __scm_destroy function in net/core/scm.c makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors.\n\nCVE-2008-4933: Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function.\n\nCVE-2008-5025: Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933.\n\nCVE-2008-5182: The inotify functionality might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.\n\nCVE-2008-3831: The i915 driver in drivers/char/drm/i915_dma.c does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration.\n\nCVE-2008-4554: The do_splice_from function in fs/splice.c did not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file.", "cvss3": {}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kernel (kernel-423)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3831", "CVE-2008-4554", "CVE-2008-4933", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5079", "CVE-2008-5182", "CVE-2008-5300", "CVE-2008-5700", "CVE-2008-5702"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-rt", "p-cpe:/a:novell:opensuse:kernel-rt_debug", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-xen", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_KERNEL-090114.NASL", "href": "https://www.tenable.com/plugins/nessus/40011", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-423.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40011);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3831\", \"CVE-2008-4554\", \"CVE-2008-4933\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\", \"CVE-2008-5700\", \"CVE-2008-5702\");\n\n script_name(english:\"openSUSE Security Update : kernel (kernel-423)\");\n script_summary(english:\"Check for the kernel-423 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes various security issues and several bugs in the\nopenSUSE 11.0 kernel. It was also updated to the stable version\n2.6.25.20.\n\nCVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in\ndrivers/watchdog/ib700wdt.c might allow local users to have an unknown\nimpact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.\n\nCVE-2008-5700: libata did not set minimum timeouts for SG_IO requests,\nwhich allows local users to cause a denial of service (Programmed I/O\nmode on drives) via multiple simultaneous invocations of an\nunspecified test program.\n\nCVE-2008-5079: net/atm/svc.c in the ATM subsystem allowed local users\nto cause a denial of service (kernel infinite loop) by making two\ncalls to svc_listen for the same socket, and then reading a\n/proc/net/atm/*vc file, related to corruption of the vcc table.\n\nCVE-2008-5300: Linux kernel 2.6.28 allows local users to cause a\ndenial of service ('soft lockup' and process loss) via a large number\nof sendmsg function calls, which does not block during AF_UNIX garbage\ncollection and triggers an OOM condition, a different vulnerability\nthan CVE-2008-5029.\n\nCVE-2008-5029: The __scm_destroy function in net/core/scm.c makes\nindirect recursive calls to itself through calls to the fput function,\nwhich allows local users to cause a denial of service (panic) via\nvectors related to sending an SCM_RIGHTS message through a UNIX domain\nsocket and closing file descriptors.\n\nCVE-2008-4933: Buffer overflow in the hfsplus_find_cat function in\nfs/hfsplus/catalog.c allowed attackers to cause a denial of service\n(memory corruption or system crash) via an hfsplus filesystem image\nwith an invalid catalog namelength field, related to the\nhfsplus_cat_build_key_uni function.\n\nCVE-2008-5025: Stack-based buffer overflow in the hfs_cat_find_brec\nfunction in fs/hfs/catalog.c allowed attackers to cause a denial of\nservice (memory corruption or system crash) via an hfs filesystem\nimage with an invalid catalog namelength field, a related issue to\nCVE-2008-4933.\n\nCVE-2008-5182: The inotify functionality might allow local users to\ngain privileges via unknown vectors related to race conditions in\ninotify watch removal and umount.\n\nCVE-2008-3831: The i915 driver in drivers/char/drm/i915_dma.c does not\nrestrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager\n(DRM) master, which allows local users to cause a denial of service\n(memory corruption) via a crafted ioctl call, related to absence of\nthe DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration.\n\nCVE-2008-4554: The do_splice_from function in fs/splice.c did not\nreject file descriptors that have the O_APPEND flag set, which allows\nlocal users to bypass append mode and make arbitrary changes to other\nlocations in the file.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=362850\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=371657\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=399966\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=405546\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=419250\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=429919\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=439461\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=442364\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=442594\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=443640\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=443661\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=445569\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=446973\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=447241\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=447406\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=450417\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=457896\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=457897\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=457898\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-debug-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-default-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-pae-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-rt-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-rt_debug-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-source-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-syms-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-vanilla-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-xen-2.6.25.20-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-debug / kernel-default / kernel-pae / kernel-rt / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T16:37:20", "description": "a. Service Console update for DHCP and third-party library update for DHCP client.\n\n DHCP is an Internet-standard protocol by which a computer can be connected to a local network, ask to be given configuration information, and receive from a server enough information to configure itself as a member of that network.\n\n A stack-based buffer overflow in the script_write_params method in ISC DHCP dhclient allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option.\n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-0692 to this issue.\n\n An insecure temporary file use flaw was discovered in the DHCP daemon's init script ('/etc/init.d/dhcpd'). A local attacker could use this flaw to overwrite an arbitrary file with the output of the 'dhcpd -t' command via a symbolic link attack, if a system administrator executed the DHCP init script with the 'configtest', 'restart', or 'reload' option.\n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-1893 to this issue.\n\nb. Updated Service Console package kernel\n\n Service Console package kernel update to version kernel-2.4.21-58.EL.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-4210, CVE-2008-3275, CVE-2008-0598, CVE-2008-2136, CVE-2008-2812, CVE-2007-6063, CVE-2008-3525 to the security issues fixed in kernel-2.4.21-58.EL\n\nc. JRE Security Update\n\n JRE update to version 1.5.0_18, which addresses multiple security issues that existed in earlier releases of JRE.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.5.0_17: CVE-2008-2086, CVE-2008-5347, CVE-2008-5348, CVE-2008-5349, CVE-2008-5350, CVE-2008-5351, CVE-2008-5352, CVE-2008-5353, CVE-2008-5354, CVE-2008-5356, CVE-2008-5357, CVE-2008-5358, CVE-2008-5359, CVE-2008-5360, CVE-2008-5339, CVE-2008-5342, CVE-2008-5344, CVE-2008-5345, CVE-2008-5346, CVE-2008-5340, CVE-2008-5341, CVE-2008-5343, and CVE-2008-5355.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.5.0_18: CVE-2009-1093, CVE-2009-1094, CVE-2009-1095, CVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099, CVE-2009-1100, CVE-2009-1101, CVE-2009-1102, CVE-2009-1103, CVE-2009-1104, CVE-2009-1105, CVE-2009-1106, and CVE-2009-1107.", "cvss3": {}, "published": "2009-10-19T00:00:00", "type": "nessus", "title": "VMSA-2009-0014 : VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6063", "CVE-2008-0598", "CVE-2008-2086", "CVE-2008-2136", "CVE-2008-2812", "CVE-2008-3275", "CVE-2008-3525", "CVE-2008-4210", "CVE-2008-5339", "CVE-2008-5340", "CVE-2008-5341", "CVE-2008-5342", "CVE-2008-5343", "CVE-2008-5344", "CVE-2008-5345", "CVE-2008-5346", "CVE-2008-5347", "CVE-2008-5348", "CVE-2008-5349", "CVE-2008-5350", "CVE-2008-5351", "CVE-2008-5352", "CVE-2008-5353", "CVE-2008-5354", "CVE-2008-5355", "CVE-2008-5356", "CVE-2008-5357", "CVE-2008-5358", "CVE-2008-5359", "CVE-2008-5360", "CVE-2009-0692", "CVE-2009-1093", "CVE-2009-1094", "CVE-2009-1095", "CVE-2009-1096", "CVE-2009-1097", "CVE-2009-1098", "CVE-2009-1099", "CVE-2009-1100", "CVE-2009-1101", "CVE-2009-1102", "CVE-2009-1103", "CVE-2009-1104", "CVE-2009-1105", "CVE-2009-1106", "CVE-2009-1107", "CVE-2009-1893"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:vmware:esx:3.0.3", "cpe:/o:vmware:esx:3.5", "cpe:/o:vmware:esx:4.0"], "id": "VMWARE_VMSA-2009-0014.NASL", "href": "https://www.tenable.com/plugins/nessus/42179", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from VMware Security Advisory 2009-0014. \n# The text itself is copyright (C) VMware Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42179);\n script_version(\"1.34\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-6063\", \"CVE-2008-0598\", \"CVE-2008-2086\", \"CVE-2008-2136\", \"CVE-2008-2812\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\", \"CVE-2008-5339\", \"CVE-2008-5340\", \"CVE-2008-5341\", \"CVE-2008-5342\", \"CVE-2008-5343\", \"CVE-2008-5344\", \"CVE-2008-5345\", \"CVE-2008-5346\", \"CVE-2008-5347\", \"CVE-2008-5348\", \"CVE-2008-5349\", \"CVE-2008-5350\", \"CVE-2008-5351\", \"CVE-2008-5352\", \"CVE-2008-5353\", \"CVE-2008-5354\", \"CVE-2008-5355\", \"CVE-2008-5356\", \"CVE-2008-5357\", \"CVE-2008-5358\", \"CVE-2008-5359\", \"CVE-2008-5360\", \"CVE-2009-0692\", \"CVE-2009-1093\", \"CVE-2009-1094\", \"CVE-2009-1095\", \"CVE-2009-1096\", \"CVE-2009-1097\", \"CVE-2009-1098\", \"CVE-2009-1099\", \"CVE-2009-1100\", \"CVE-2009-1101\", \"CVE-2009-1102\", \"CVE-2009-1103\", \"CVE-2009-1104\", \"CVE-2009-1105\", \"CVE-2009-1106\", \"CVE-2009-1107\", \"CVE-2009-1893\");\n script_bugtraq_id(35668);\n script_xref(name:\"VMSA\", value:\"2009-0014\");\n\n script_name(english:\"VMSA-2009-0014 : VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues\");\n script_summary(english:\"Checks esxupdate output for the patches\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote VMware ESX host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"a. Service Console update for DHCP and third-party library update\n for DHCP client.\n\n DHCP is an Internet-standard protocol by which a computer can be\n connected to a local network, ask to be given configuration\n information, and receive from a server enough information to\n configure itself as a member of that network.\n\n A stack-based buffer overflow in the script_write_params method in\n ISC DHCP dhclient allows remote DHCP servers to execute arbitrary\n code via a crafted subnet-mask option.\n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-0692 to this issue.\n\n An insecure temporary file use flaw was discovered in the DHCP\n daemon's init script ('/etc/init.d/dhcpd'). A local attacker could\n use this flaw to overwrite an arbitrary file with the output of the\n 'dhcpd -t' command via a symbolic link attack, if a system\n administrator executed the DHCP init script with the 'configtest',\n 'restart', or 'reload' option.\n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-1893 to this issue.\n\nb. Updated Service Console package kernel\n\n Service Console package kernel update to version\n kernel-2.4.21-58.EL.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2008-4210, CVE-2008-3275, CVE-2008-0598,\n CVE-2008-2136, CVE-2008-2812, CVE-2007-6063, CVE-2008-3525 to the\n security issues fixed in kernel-2.4.21-58.EL\n\nc. JRE Security Update\n\n JRE update to version 1.5.0_18, which addresses multiple security\n issues that existed in earlier releases of JRE.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the following names to the security issues fixed in\n JRE 1.5.0_17: CVE-2008-2086, CVE-2008-5347, CVE-2008-5348,\n CVE-2008-5349, CVE-2008-5350, CVE-2008-5351, CVE-2008-5352,\n CVE-2008-5353, CVE-2008-5354, CVE-2008-5356, CVE-2008-5357,\n CVE-2008-5358, CVE-2008-5359, CVE-2008-5360, CVE-2008-5339,\n CVE-2008-5342, CVE-2008-5344, CVE-2008-5345, CVE-2008-5346,\n CVE-2008-5340, CVE-2008-5341, CVE-2008-5343, and CVE-2008-5355.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the following names to the security issues fixed in\n JRE 1.5.0_18: CVE-2009-1093, CVE-2009-1094, CVE-2009-1095,\n CVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099,\n CVE-2009-1100, CVE-2009-1101, CVE-2009-1102, CVE-2009-1103,\n CVE-2009-1104, CVE-2009-1105, CVE-2009-1106, and CVE-2009-1107.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.vmware.com/pipermail/security-announce/2010/000076.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply the missing patches.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Sun Java Calendar Deserialization Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(16, 20, 59, 94, 119, 189, 200, 264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:3.0.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:3.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:4.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"VMware ESX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/VMware/release\", \"Host/VMware/version\");\n script_require_ports(\"Host/VMware/esxupdate\", \"Host/VMware/esxcli_software_vibs\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"vmware_esx_packages.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/VMware/release\")) audit(AUDIT_OS_NOT, \"VMware ESX / ESXi\");\nif (\n !get_kb_item(\"Host/VMware/esxcli_software_vibs\") &&\n !get_kb_item(\"Host/VMware/esxupdate\")\n) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ninit_esx_check(date:\"2009-10-16\");\nflag = 0;\n\n\nif (esx_check(ver:\"ESX 3.0.3\", patch:\"ESX303-200910402-SG\")) flag++;\n\nif (\n esx_check(\n ver : \"ESX 3.5.0\",\n patch : \"ESX350-200910401-SG\",\n patch_updates : make_list(\"ESX350-200911201-UG\", \"ESX350-Update05\", \"ESX350-Update05a\")\n )\n) flag++;\nif (\n esx_check(\n ver : \"ESX 3.5.0\",\n patch : \"ESX350-200910403-SG\",\n patch_updates : make_list(\"ESX350-201003403-SG\", \"ESX350-201203401-SG\", \"ESX350-Update05\", \"ESX350-Update05a\")\n )\n) flag++;\nif (\n esx_check(\n ver : \"ESX 3.5.0\",\n patch : \"ESX350-200910406-SG\",\n patch_updates : make_list(\"ESX350-201203405-SG\", \"ESX350-Update05\", \"ESX350-Update05a\")\n )\n) flag++;\n\nif (\n esx_check(\n ver : \"ESX 4.0\",\n patch : \"ESX400-200912404-SG\",\n patch_updates : make_list(\"ESX400-Update02\", \"ESX400-Update03\", \"ESX400-Update04\")\n )\n) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:esx_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-25T14:36:54", "description": "The remote VMware ESX / ESXi host is missing a security-related patch.\nIt is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in the following components :\n\n - ISC DHCP dhclient\n - Integrated Services Digital Network (ISDN) subsystem\n - Java Runtime Environment (JRE)\n - Java SE Development Kit (JDK)\n - Java SE Web Start\n - Linux kernel\n - Linux kernel 32-bit and 64-bit emulation\n - Linux kernel Simple Internet Transition INET6\n - Linux kernel tty\n - Linux kernel virtual file system (VFS)\n - Red Hat dhcpd init script for DHCP\n - SBNI WAN driver", "cvss3": {}, "published": "2016-03-03T00:00:00", "type": "nessus", "title": "VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2009-0014) (remote check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6063", "CVE-2008-0598", "CVE-2008-2086", "CVE-2008-2136", "CVE-2008-2812", "CVE-2008-3275", "CVE-2008-3525", "CVE-2008-4210", "CVE-2008-5339", "CVE-2008-5340", "CVE-2008-5341", "CVE-2008-5342", "CVE-2008-5343", "CVE-2008-5344", "CVE-2008-5345", "CVE-2008-5346", "CVE-2008-5347", "CVE-2008-5348", "CVE-2008-5349", "CVE-2008-5350", "CVE-2008-5351", "CVE-2008-5352", "CVE-2008-5353", "CVE-2008-5354", "CVE-2008-5355", "CVE-2008-5356", "CVE-2008-5357", "CVE-2008-5358", "CVE-2008-5359", "CVE-2008-5360", "CVE-2009-0692", "CVE-2009-1093", "CVE-2009-1094", "CVE-2009-1095", "CVE-2009-1096", "CVE-2009-1097", "CVE-2009-1098", "CVE-2009-1099", "CVE-2009-1100", "CVE-2009-1101", "CVE-2009-1102", "CVE-2009-1103", "CVE-2009-1104", "CVE-2009-1105", "CVE-2009-1106", "CVE-2009-1107", "CVE-2009-1893"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:vmware:esx", "cpe:/o:vmware:esxi"], "id": "VMWARE_VMSA-2009-0014_REMOTE.NASL", "href": "https://www.tenable.com/plugins/nessus/89116", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89116);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2007-6063\",\n \"CVE-2008-0598\",\n \"CVE-2008-2086\",\n \"CVE-2008-2136\",\n \"CVE-2008-2812\",\n \"CVE-2008-3275\",\n \"CVE-2008-3525\",\n \"CVE-2008-4210\",\n \"CVE-2008-5339\",\n \"CVE-2008-5340\",\n \"CVE-2008-5341\",\n \"CVE-2008-5342\",\n \"CVE-2008-5343\",\n \"CVE-2008-5344\",\n \"CVE-2008-5345\",\n \"CVE-2008-5346\",\n \"CVE-2008-5347\",\n \"CVE-2008-5348\",\n \"CVE-2008-5349\",\n \"CVE-2008-5350\",\n \"CVE-2008-5351\",\n \"CVE-2008-5352\",\n \"CVE-2008-5353\",\n \"CVE-2008-5354\",\n \"CVE-2008-5355\",\n \"CVE-2008-5356\",\n \"CVE-2008-5357\",\n \"CVE-2008-5358\",\n \"CVE-2008-5359\",\n \"CVE-2008-5360\",\n \"CVE-2009-0692\",\n \"CVE-2009-1093\",\n \"CVE-2009-1094\",\n \"CVE-2009-1095\",\n \"CVE-2009-1096\",\n \"CVE-2009-1097\",\n \"CVE-2009-1098\",\n \"CVE-2009-1099\",\n \"CVE-2009-1100\",\n \"CVE-2009-1101\",\n \"CVE-2009-1102\",\n \"CVE-2009-1103\",\n \"CVE-2009-1104\",\n \"CVE-2009-1105\",\n \"CVE-2009-1106\",\n \"CVE-2009-1107\",\n \"CVE-2009-1893\"\n );\n script_bugtraq_id(\n 26605,\n 29235,\n 29942,\n 30076,\n 30647,\n 31368,\n 32608,\n 32620,\n 32892,\n 34240,\n 35668,\n 35670\n );\n script_xref(name:\"VMSA\", value:\"2009-0014\");\n\n script_name(english:\"VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2009-0014) (remote check)\");\n script_summary(english:\"Checks the ESX / ESXi version and build number.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a security-related patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote VMware ESX / ESXi host is missing a security-related patch.\nIt is, therefore, affected by multiple vulnerabilities, including\nremote code execution vulnerabilities, in the following components :\n\n - ISC DHCP dhclient\n - Integrated Services Digital Network (ISDN) subsystem\n - Java Runtime Environment (JRE)\n - Java SE Development Kit (JDK)\n - Java SE Web Start\n - Linux kernel\n - Linux kernel 32-bit and 64-bit emulation\n - Linux kernel Simple Internet Transition INET6\n - Linux kernel tty\n - Linux kernel virtual file system (VFS)\n - Red Hat dhcpd init script for DHCP\n - SBNI WAN driver\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/security/advisories/VMSA-2009-0014\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the vendor advisory that\npertains to ESX / ESXi version 3.5 / 4.0.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Sun Java Calendar Deserialization Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(16, 20, 59, 94, 119, 189, 200, 264, 287, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n\n script_dependencies(\"vmware_vsphere_detect.nbin\");\n script_require_keys(\"Host/VMware/version\", \"Host/VMware/release\");\n script_require_ports(\"Host/VMware/vsphere\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp_name = \"VMware ESX\";\n\nversion = get_kb_item_or_exit(\"Host/VMware/version\");\nrelease = get_kb_item_or_exit(\"Host/VMware/release\");\nport = get_kb_item_or_exit(\"Host/VMware/vsphere\");\n\nfixes = make_array();\nfixes[\"ESX 3.5\"] = 199239;\nfixes[\"ESX 4.0\"] = 219382;\nfixes[\"ESXi 4.0\"] = 208167;\n\nmatches = eregmatch(pattern:'^VMware (ESXi?).*build-([0-9]+)$', string:release);\nif (empty_or_null(matches))\n exit(1, 'Failed to extract the ESX / ESXi build number.');\n\ntype = matches[1];\nbuild = int(matches[2]);\n\nfixed_build = fixes[version];\n\nif (!isnull(fixed_build) && build < fixed_build)\n{\n padding = crap(data:\" \", length:8 - strlen(type)); # Spacing alignment\n\n report = '\\n ' + type + ' version' + padding + ': ' + version +\n '\\n Installed build : ' + build +\n '\\n Fixed build : ' + fixed_build +\n '\\n';\n\n security_report_v4(extra:report, port:port, severity:SECURITY_HOLE);\n}\nelse\n audit(AUDIT_INST_VER_NOT_VULN, \"VMware \" + version + \" build \" + build);\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:28", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ----------------------------------------------------------------------\r\nDebian Security Advisory DSA-1655-1 security@debian.org\r\nhttp://www.debian.org/security/ dann frazier\r\nOct 16, 2008 http://www.debian.org/security/faq\r\n- ----------------------------------------------------------------------\r\n\r\nPackage : linux-2.6.24\r\nVulnerability : denial of service/information leak/privilege escalation\r\nProblem type : local\r\nDebian-specific: no\r\nCVE Id&#40;s&#41; : CVE-2008-1514 CVE-2008-3525 CVE-2008-3831 CVE-2008-4113\r\n CVE-2008-4445\r\n\r\nSeveral vulnerabilities have been discovered in the Linux kernel that\r\nmay lead to a denial of service, privilege escalation or a leak of\r\nsensitive data. The Common Vulnerabilities and Exposures project\r\nidentifies the following problems:\r\n\r\nCVE-2008-1514\r\n\r\n Jan Kratochvil reported a local denial of service vulnerability in\r\n the ptrace interface for the s390 architecture. Local users can\r\n trigger an invalid pointer dereference, leading to a system panic.\r\n\r\nCVE-2008-3525\r\n\r\n Eugene Teo reported a lack of capability checks in the kernel\r\n driver for Granch SBNI12 leased line adapters &#40;sbni&#41;, allowing\r\n local users to perform privileged operations.\r\n\r\nCVE-2008-3831\r\n\r\n Olaf Kirch discovered an issue with the i915 driver that may allow\r\n local users to cause memory corruption by use of an ioctl with\r\n insufficient privilege restrictions.\r\n\r\nCVE-2008-4113/CVE-2008-4445\r\n\r\n Eugene Teo discovered two issues in the SCTP subsystem which allow\r\n local users to obtain access to sensitive memory when the\r\n SCTP-AUTH extension is enabled.\r\n\r\nFor the stable distribution &#40;etch&#41;, these problems have been fixed in\r\nversion 2.6.24-6~etchnhalf.6.\r\n\r\nWe recommend that you upgrade your linux-2.6.24 packages.\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\nDebian GNU/Linux 4.0 alias etch\r\n- -------------------------------\r\n\r\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mipsel, powerpc, s390 and sparc. An update for mips\r\nwill be made available soon.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.6.dsc\r\n Size/MD5 checksum: 5107 48de15915d82e55c28f531d9c03f8ba0\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24.orig.tar.gz\r\n Size/MD5 checksum: 59630522 6b8751d1eb8e71498ba74bbd346343af\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.6.diff.gz\r\n Size/MD5 checksum: 3930604 d56abb873a5dc719332b1d6536656c15\r\n\r\nArchitecture independent packages:\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-patch-debian-2.6.24_2.6.24-6~etchnhalf.6_all.deb\r\n Size/MD5 checksum: 754490 9b4effa960f1d60cd0b5ed6ea2eeb276\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-support-2.6.24-etchnhalf.1_2.6.24-6~etchnhalf.6_all.deb\r\n Size/MD5 checksum: 96114 a486ac629244fe13cacbaad4a888ad68\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-doc-2.6.24_2.6.24-6~etchnhalf.6_all.deb\r\n Size/MD5 checksum: 4467464 8881c194d888d42a8504df8ebb7dac6a\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-tree-2.6.24_2.6.24-6~etchnhalf.6_all.deb\r\n Size/MD5 checksum: 81296 7c3acdec53210e758132df5fe8f96bf4\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-manual-2.6.24_2.6.24-6~etchnhalf.6_all.deb\r\n Size/MD5 checksum: 1574790 098f0ba09349695dab163ec3c4e1b213\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-source-2.6.24_2.6.24-6~etchnhalf.6_all.deb\r\n Size/MD5 checksum: 46934056 27dcac10ac224dbf0ea3c96e60c2c4e1\r\n\r\nalpha architecture &#40;DEC Alpha&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.6_alpha.deb\r\n Size/MD5 checksum: 329948 add3abe6143d13abc68965961dbdcd6f\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.6_alpha.deb\r\n Size/MD5 checksum: 80800 be0ab1a9e34201c60264fca5800c5674\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-alpha_2.6.24-6~etchnhalf.6_alpha.deb\r\n Size/MD5 checksum: 80824 2108b32684fe0c28b4293f5411eac78f\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.6_alpha.deb\r\n Size/MD5 checksum: 26729636 187130ad90d9e39d4abdd97c1da62f83\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.6_alpha.deb\r\n Size/MD5 checksum: 3451848 db78b7284667f27b2c5a06f67dd5e64c\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.6_alpha.deb\r\n Size/MD5 checksum: 329252 62d2e97fce17b226999845611531a0b9\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.6_alpha.deb\r\n Size/MD5 checksum: 27336528 75217a269e395b495f49458ad0cb8eb2\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.6_alpha.deb\r\n Size/MD5 checksum: 26752102 479851cee1d9c87af49eeffe836c8f89\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.6_alpha.deb\r\n Size/MD5 checksum: 329776 393c10f6ea419484672968c5fa2cc300\r\n\r\namd64 architecture &#40;AMD x86_64 &#40;AMD64&#41;&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.6_amd64.deb\r\n Size/MD5 checksum: 351550 3b700488e134314fd27e7a761aaac7d4\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.6_amd64.deb\r\n Size/MD5 checksum: 3647352 7d20048c3f7f9518e2cb6157cdad48e0\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.6_amd64.deb\r\n Size/MD5 checksum: 80804 44a912ae2a8826e9302d52eac211dbe8\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-amd64_2.6.24-6~etchnhalf.6_amd64.deb\r\n Size/MD5 checksum: 80810 c372449ab2f928ebfe7efd9bc7cb1773\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.6_amd64.deb\r\n Size/MD5 checksum: 19592336 c55e477bcd75542845b38e8fdd112a0c\r\n\r\narm architecture &#40;ARM&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.6_arm.deb\r\n Size/MD5 checksum: 80916 b11a3bf5b354d5d2f024d5f5b0fca816\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.6_arm.deb\r\n Size/MD5 checksum: 3934788 90f376950a0115bea3547f973d0a4f6c\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-footbridge_2.6.24-6~etchnhalf.6_arm.deb\r\n Size/MD5 checksum: 9355260 2a29ed46faf5c56a5fd6096cd0f1ea05\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-ixp4xx_2.6.24-6~etchnhalf.6_arm.deb\r\n Size/MD5 checksum: 307924 7ee32d34d994b2980c3e0821ac392c90\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-footbridge_2.6.24-6~etchnhalf.6_arm.deb\r\n Size/MD5 checksum: 296594 0ba7174df934269e265af6451f1e4b18\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-arm_2.6.24-6~etchnhalf.6_arm.deb\r\n Size/MD5 checksum: 80944 36a87cbb5369aa27ab4a546a51b85446\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-ixp4xx_2.6.24-6~etchnhalf.6_arm.deb\r\n Size/MD5 checksum: 10737744 57ce738b5759bfd3feca027e6c93c94b\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-iop32x_2.6.24-6~etchnhalf.6_arm.deb\r\n Size/MD5 checksum: 305872 137bbbedb611bacc01d6f96048f1a821\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-iop32x_2.6.24-6~etchnhalf.6_arm.deb\r\n Size/MD5 checksum: 10729554 d4e852b1df8f9d8bb9371ac3babcc091\r\n\r\nhppa architecture &#40;HP PA RISC&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.6_hppa.deb\r\n Size/MD5 checksum: 256456 87538709114e1a8ea4a29a90a9dcd286\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.6_hppa.deb\r\n Size/MD5 checksum: 258154 b9887dfa0260f402af629083d959278e\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.6_hppa.deb\r\n Size/MD5 checksum: 13329656 32f1bfe168940d18834a2a3858f40436\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.6_hppa.deb\r\n Size/MD5 checksum: 257322 9b4316ee6463c6a6dd81d4ee6a212898\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.6_hppa.deb\r\n Size/MD5 checksum: 80804 ae18fba1b4fe4bf83e6acd7e98d8a5e8\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.6_hppa.deb\r\n Size/MD5 checksum: 13841634 ca11fbd609743ae6fc386f7edd7c9470\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.6_hppa.deb\r\n Size/MD5 checksum: 3437414 a28f8733eb63906e78ddbe32a6edfdf4\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-hppa_2.6.24-6~etchnhalf.6_hppa.deb\r\n Size/MD5 checksum: 80828 14cc33d8c676244f76438b8accb4d06e\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.6_hppa.deb\r\n Size/MD5 checksum: 14369012 172748e495c4d93078dcca89c45f2396\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.6_hppa.deb\r\n Size/MD5 checksum: 259814 2437868a242dd5d2b5403fcfc74d3b79\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.6_hppa.deb\r\n Size/MD5 checksum: 14831336 044b3ef7a34e2edd18941e739658ca07\r\n\r\ni386 architecture &#40;Intel ia32&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.6_i386.deb\r\n Size/MD5 checksum: 19294692 ac961ac035603aeaf0b8141ce821db93\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.6_i386.deb\r\n Size/MD5 checksum: 360042 85f4e3d7b30681d454cfd011f49d317f\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.6_i386.deb\r\n Size/MD5 checksum: 359312 4eedcfea638d74d172b2a1f866c07a34\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.6_i386.deb\r\n Size/MD5 checksum: 360530 440664d0a76fe0514075739a054e973a\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-i386_2.6.24-6~etchnhalf.6_i386.deb\r\n Size/MD5 checksum: 80934 ed830a3735ed9177bde8dee5e5e3556d\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.6_i386.deb\r\n Size/MD5 checksum: 19357564 1856637922f4d1df0415aea3d5671929\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.6_i386.deb\r\n Size/MD5 checksum: 19589426 91466826671229fcb791f5d61431c58c\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.6_i386.deb\r\n Size/MD5 checksum: 3653990 6a03ceea6e01c2783ff15638a6438909\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.6_i386.deb\r\n Size/MD5 checksum: 80906 922e31289adcfd7ae75bc96b21257056\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.6_i386.deb\r\n Size/MD5 checksum: 19360576 4bddd3702ce7499f664b3755f956d1d0\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.6_i386.deb\r\n Size/MD5 checksum: 347156 99a385a2d3edf8b570a46314796e28df\r\n\r\nia64 architecture &#40;Intel ia64&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.6_ia64.deb\r\n Size/MD5 checksum: 80804 9682374bcec6295daafa32461efe5da3\r\n \r\nhttp://security.debian.org/pool